Skip to content

Commit

Permalink
Modify kernel mechanism to save iptables rules as an array
Browse files Browse the repository at this point in the history 
Signed-off-by: Sergey Shlyanin <sergey.shlyanin@xored.com>
  • Loading branch information
Sergey Shlyanin committed May 12, 2022
1 parent c57fd26 commit 68a2533
Showing 1 changed file with 20 additions and 12 deletions.
32 changes: 20 additions & 12 deletions pkg/api/networkservice/mechanisms/kernel/helpers.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ package kernel
import (
"bytes"
"strconv"
"strings"
"text/template"

"github.com/networkservicemesh/api/pkg/api/networkservice"
Expand Down Expand Up @@ -178,24 +179,25 @@ func (m *Mechanism) SetRouteLocalNet(routeLocalNet bool) *Mechanism {
}

// GetIPTables4NatTemplate - return IP Table chain/rules template, empty string if unset
func (m *Mechanism) GetIPTables4NatTemplate() string {
value, ok := m.GetParameters()[IPTables4NatTemplate]
func (m *Mechanism) GetIPTables4NatTemplate() []string {
rulesString, ok := m.GetParameters()[IPTables4NatTemplate]
if !ok {
return ""
return []string{}
}

return value
return strings.Split(rulesString, ";")
}

// SetIPTables4NatTemplate - set IP Table chain/rules template
func (m *Mechanism) SetIPTables4NatTemplate(tmpl string) *Mechanism {
m.GetParameters()[IPTables4NatTemplate] = tmpl
func (m *Mechanism) SetIPTables4NatTemplate(rules []string) *Mechanism {
rulesString := strings.Join(rules, ";")
m.GetParameters()[IPTables4NatTemplate] = rulesString

return m
}

// EvaluateIPTables4NatTemplate - evaluate IP Table chain/rules template with connection parameters
func (m *Mechanism) EvaluateIPTables4NatTemplate(conn *networkservice.Connection) (string, error) {
func (m *Mechanism) EvaluateIPTables4NatTemplate(conn *networkservice.Connection) ([]string, error) {
type TemplateData struct {
NsmInterfaceName string
NsmSrcIPs []string
Expand All @@ -208,16 +210,22 @@ func (m *Mechanism) EvaluateIPTables4NatTemplate(conn *networkservice.Connection
NsmDstIPs: conn.GetContext().GetIpContext().GetDstIpAddrs(),
}

templateOutput := new(bytes.Buffer)
rulesString, ok := m.GetParameters()[IPTables4NatTemplate]
if !ok {
return []string{}, nil
}

tmpl, err := template.New("").Parse(m.GetIPTables4NatTemplate())
templateOutput := new(bytes.Buffer)
tmpl, err := template.New("").Parse(rulesString)
if err != nil {
return "", err
return []string{}, err
}
err = tmpl.Execute(templateOutput, data)
if err != nil {
return "", err
return []string{}, err
}

return templateOutput.String(), nil
evaluatedRules := strings.Split(templateOutput.String(), ";")

return evaluatedRules, nil
}

0 comments on commit 68a2533

Please sign in to comment.