ADD AllowedIPs field in both generators #4 #6

2026-01-05 18:53:13 +01:00 · 2026-01-05 18:53:13 +01:00 · e7d33476ae
commit e7d33476ae
parent 971fdbd0f7
3 changed files with 29 additions and 12 deletions
--- a/html/index.html
+++ b/html/index.html
@ -52,6 +52,14 @@
                    <input type="text" id="dns" placeholder="e.g. 8.8.8.8, 1.1.1.1">
                </div>
            </div>
+
+            <div class="form-row">
+                <div class="form-group">
+                    <label for="allowedIPs">Client AllowedIPs:</label>
+                    <input type="text" id="allowedIPs" value="0.0.0.0/0, ::/0" placeholder="e.g. 0.0.0.0/0, ::/0 or 10.0.0.0/24" required>
+                    <small style="color: #666; display: block; margin-top: 5px;">0.0.0.0/0 routes all traffic through VPN. Use specific subnets for split-tunnel.</small>
+                </div>
+            </div>
            
            <div class="seed-section">
                <label>Cryptographic Seed (for reproducible key generation):</label>
--- a/html/mesh-generator/index.html
+++ b/html/mesh-generator/index.html
@ -34,6 +34,13 @@
                        <input type="text" id="dns" placeholder="e.g. 8.8.8.8, 1.1.1.1">
                    </div>
                </div>
+                <div class="form-row">
+                    <div class="form-group">
+                        <label for="allowedIPs">Peer AllowedIPs:</label>
+                        <input type="text" id="allowedIPs" value="10.0.0.0/24" placeholder="e.g. 10.0.0.0/24 or 0.0.0.0/0" required>
+                        <small style="color: #666; display: block; margin-top: 5px;">Define which IPs each peer can reach through others. Use network CIDR for mesh-only traffic.</small>
+                    </div>
+                </div>
            </div>

            <div class="form-section">
--- a/html/static/script.js
+++ b/html/static/script.js
@ -285,6 +285,7 @@ async function generateConfigs() {
        const serverEndpoint = document.getElementById('serverEndpoint').value;
        const clientCount = parseInt(document.getElementById('clientCount').value);
        const dns = document.getElementById('dns').value;
+        const allowedIPs = document.getElementById('allowedIPs').value;

        // Validate inputs
        if (!validateInputs(serverNetwork, serverEndpoint, clientCount)) {
@ -356,10 +357,10 @@ async function generateConfigs() {
            `${networkParts[0]}.${networkParts[1]}.${networkParts[2]}.${networkParts[3] + 1}`, 
            cidr, clients);

-        const clientConfigs = clients.map(client => 
-            generateClientConfig(client, serverPublicKey, serverEndpoint, serverPort, 
-                `${networkParts[0]}.${networkParts[1]}.${networkParts[2]}.${networkParts[3] + 1}`, 
-                cidr, dns)
+        const clientConfigs = clients.map(client =>
+            generateClientConfig(client, serverPublicKey, serverEndpoint, serverPort,
+                `${networkParts[0]}.${networkParts[1]}.${networkParts[2]}.${networkParts[3] + 1}`,
+                cidr, dns, allowedIPs)
        );

        // Store configurations
@ -439,28 +440,28 @@ AllowedIPs = ${client.ip}/32
    return config;
 }

-function generateClientConfig(client, serverPublicKey, serverEndpoint, serverPort, serverIP, cidr, dns) {
+function generateClientConfig(client, serverPublicKey, serverEndpoint, serverPort, serverIP, cidr, dns, allowedIPs) {
    let config = `# ${client.name} Configuration
 [Interface]
 PrivateKey = ${client.privateKey}
 Address = ${client.ip}/${cidr}`;
-    
+
    // Only add DNS if it's not empty
    if (dns && dns.trim()) {
        config += `
 DNS = ${dns.trim()}`;
    }
-    
+
    config += `

 [Peer]
 PublicKey = ${serverPublicKey}
 PresharedKey = ${client.presharedKey}
-AllowedIPs = 0.0.0.0/0, ::/0
+AllowedIPs = ${allowedIPs}
 Endpoint = ${serverEndpoint}:${serverPort}
 PersistentKeepalive = 25
 `;
-    
+
    return config;
 }

@ -643,6 +644,7 @@ async function generateMeshConfigs() {
    try {
        const networkCIDR = document.getElementById('networkCIDR').value;
        const dns = document.getElementById('dns').value;
+        const allowedIPs = document.getElementById('allowedIPs').value;
        const peerCount = parseInt(document.getElementById('peerCount').value);

        // Validate inputs
@ -728,7 +730,7 @@ async function generateMeshConfigs() {
        // Generate configurations for each peer
        const meshConfigs = peers.map((peer, index) => ({
            name: peer.name,
-            config: generateMeshPeerConfig(peer, peers, index, cidr, dns, presharedKeys)
+            config: generateMeshPeerConfig(peer, peers, index, cidr, dns, presharedKeys, allowedIPs)
        }));

        // Store configurations
@ -769,7 +771,7 @@ function validateMeshInputs(networkCIDR, peerCount) {
    return true;
 }

-function generateMeshPeerConfig(currentPeer, allPeers, currentIndex, cidr, dns, presharedKeys) {
+function generateMeshPeerConfig(currentPeer, allPeers, currentIndex, cidr, dns, presharedKeys, allowedIPs) {
    let config = `# ${currentPeer.name} Configuration (Mesh Network)
 [Interface]
 PrivateKey = ${currentPeer.privateKey}
@ -798,7 +800,7 @@ ListenPort = ${currentPeer.port}
 [Peer]
 PublicKey = ${peer.publicKey}
 PresharedKey = ${presharedKey}
-AllowedIPs = ${peer.ip}/32`;
+AllowedIPs = ${allowedIPs}`;

            // Add endpoint if available
            if (peer.endpoint) {