diff --git a/CHANGELOG.md b/CHANGELOG.md
index 73a7f733331..1040d68df7d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -116,7 +116,7 @@ In this release, the schema version has changed from 10 to 12.
 ### Fixed
-- Adding an IP into only one ipset on Linux ([#3638]).
+- Adding an IP into only one of the matching ipsets on Linux ([#3638]).
 - Removal of temporary filter files ([#3567]).
 - Panic when an upstream server responds with an empty question section ([#3551]).
diff --git a/internal/aghnet/ipset_linux.go b/internal/aghnet/ipset_linux.go
index 15bb37b9008..43be4a49532 100644
--- a/internal/aghnet/ipset_linux.go
+++ b/internal/aghnet/ipset_linux.go
@@ -68,13 +68,13 @@ type ipsetProps struct {
 // unit is a convenient alias for struct{}.
 type unit = struct{}
-// ipsInIpsetSet is the type of a set of IP addresses added to a specific ipset.
-type ipsInIpsetSet map[ipInIpset]unit
+// ipsInIpset is the type of a set of IP-address-to-ipset mappings.
+type ipsInIpset map[ipInIpsetEntry]unit
-// ipInIpset it the type for the
-type ipInIpset struct {
+// ipInIpsetEntry it the type for entries in an ipsInIpset set.
+type ipInIpsetEntry struct {
 ipsetName string
- ipArr [16]byte
+ ipArr [net.IPv6len]byte
 }
 // ipsetMgr is the Linux Netfilter ipset manager.
@@ -92,7 +92,7 @@ type ipsetMgr struct {
 // are either added to all corresponding ipsets or not. When that stops
 // being the case, for example if we add dynamic reconfiguration of
 // ipsets, this map will need to become a per-ipset-name one.
- addedIPs ipsInIpsetSet
+ addedIPs ipsInIpset
 ipv4Conn ipsetConn
 ipv6Conn ipsetConn
@@ -209,7 +209,7 @@ func newIpsetMgrWithDialer(ipsetConf []string, dial ipsetDialer) (mgr IpsetManag
 dial: dial,
- addedIPs: make(ipsInIpsetSet),
+ addedIPs: make(ipsInIpset),
 }
 err = m.dialNetfilter(&netlink.Config{})
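Review bot: The new doc comment on ipInIpsetEntry in the first ipset_linux.go hunk still reads "it the type"; it should be `// ipInIpsetEntry is the type for entries in an ipsInIpset set.`. Because the key pairs ipsetName with the address, the comment tail visible above addedIPs in the ipsetMgr hunk ("this map will need to become a per-ipset-name one") looks stale. It could instead say that the cache is keyed by ipset name and 16-byte address. That comment begins outside the hunk, so its opening lines may already cover this.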
@@ -275,19 +275,19 @@ func (m *ipsetMgr) addIPs(host string, set ipsetProps, ips []net.IP) (n int, err
 }
 var entries []*ipset.Entry
- var newAddedIPs []ipInIpset
+ var newAddedEntries []ipInIpsetEntry
 for _, ip := range ips {
- k := ipInIpset{
+ e := ipInIpsetEntry{
 ipsetName: set.name,
 }
- copy(k.ipArr[:], ip.To16())
+ copy(e.ipArr[:], ip.To16())
- if _, added := m.addedIPs[k]; added {
+ if _, added := m.addedIPs[e]; added {
 continue
 }
 entries = append(entries, ipset.NewEntry(ipset.EntryIP(ip)))
- newAddedIPs = append(newAddedIPs, k)
+ newAddedEntries = append(newAddedEntries, e)
 }
 n = len(entries)
@@ -312,8 +312,8 @@ func (m *ipsetMgr) addIPs(host string, set ipsetProps, ips []net.IP) (n int, err
 // Only add these to the cache once we're sure that all of them were
 // actually sent to the ipset.
- for _, k := range newAddedIPs {
- m.addedIPs[k] = unit{}
+ for _, e := range newAddedEntries {
+ m.addedIPs[e] = unit{}
 }
 return n, nil
diff --git a/internal/dnsforward/ipset_test.go b/internal/dnsforward/ipset_test.go
index a46deec1c69..66185a5ca27 100644
--- a/internal/dnsforward/ipset_test.go
+++ b/internal/dnsforward/ipset_test.go
@@ -15,7 +15,7 @@ type fakeIpsetMgr struct {
 ip6s []net.IP
 }
-// Add implements the aghnet.IpsetManager inteface for *fakeIpsetMgr.
+// Add implements the aghnet.IpsetManager interface for *fakeIpsetMgr.
 func (m *fakeIpsetMgr) Add(host string, ip4s, ip6s []net.IP) (n int, err error) {
 m.ip4s = append(m.ip4s, ip4s...)
 m.ip6s = append(m.ip6s, ip6s...)
diff --git a/internal/home/home.go b/internal/home/home.go
index d383692074b..6dceb1fdf84 100644
--- a/internal/home/home.go
+++ b/internal/home/home.go
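Review bot: In the addIPs loop of ipset_linux.go, `copy(e.ipArr[:], ip.To16())` does not check the result of To16(), which is nil for a net.IP that is neither 4 nor 16 bytes long. copy then writes nothing, so every such value gets the all-zero address as its cache key for that set, and the value is still passed to `ipset.EntryIP(ip)`. Skipping it before the key is built would avoid both: `ip16 := ip.To16(); if ip16 == nil { continue }` followed by `copy(e.ipArr[:], ip16)`. The body of addIPs starts and ends outside this hunk, so callers may already filter such values.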
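Review bot: The cache update at the end of addIPs only ever inserts into m.addedIPs, and nothing on the visible lines removes a key, so the comment there should state what that assumes. If an ipset is flushed, recreated, or configured with entry timeouts outside this process, the address would presumably be skipped as already added. The kernel set would then stay out of step with what firewall or routing rules expect. A short comment such as `// NOTE: entries are never evicted; assumes the kernel sets are not flushed or expired externally.` would make that explicit. The rest of addIPs lies outside the hunk, so eviction may be handled elsewhere.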
@@ -69,7 +69,7 @@ type homeContext struct {
 configFilename string // Config filename (can be overridden via the command line arguments)
 workDir string // Location of our directory, used to protect against CWD being somewhere else
- firstRun bool // if set to true, don't run any services except HTTP web inteface, and serve only first-run html
+ firstRun bool // if set to true, don't run any services except HTTP web interface, and serve only first-run html
 pidFileName string // PID file name. Empty if no PID file was created.
 disableUpdate bool // If set, don't check for updates
 controlLock sync.Mutex