Do not allocate wireguard server IP to clients
It’s possible to avoid assigning any IP to the server but let’s not.
This commit is contained in:
parent
42b16c8ac5
commit
a791e2bcdd
|
@ -39,12 +39,12 @@ def new():
|
||||||
server_pubkey = subprocess.run([f'wg pubkey'], input=settings.get('wg_key'),
|
server_pubkey = subprocess.run([f'wg pubkey'], input=settings.get('wg_key'),
|
||||||
text=True, capture_output=True, shell=True).stdout.strip()
|
text=True, capture_output=True, shell=True).stdout.strip()
|
||||||
|
|
||||||
|
host = ipaddress.ip_interface(settings.get('wg_net', '10.0.0.1/24'))
|
||||||
with db.locked('wireguard'):
|
with db.locked('wireguard'):
|
||||||
# Find a free address for the new key.
|
# Find a free address for the new key.
|
||||||
ips = db.read('wireguard')
|
ips = db.read('wireguard')
|
||||||
network = ipaddress.ip_network(settings.get('wg_net', '10.0.0.1/24'), strict=False)
|
for ip in host.network.hosts():
|
||||||
for ip in network.hosts():
|
if ip != host.ip and str(ip) not in ips:
|
||||||
if str(ip) not in ips:
|
|
||||||
break
|
break
|
||||||
else:
|
else:
|
||||||
return flask.Response('no more available IP addresses', status=500, mimetype='text/plain')
|
return flask.Response('no more available IP addresses', status=500, mimetype='text/plain')
|
||||||
|
|
Loading…
Reference in a new issue