github.com/aporeto-inc/trireme-lib@v10.358.0+incompatible/controller/internal/enforcer/dnsproxy/common.go (about)

     1  package dnsproxy
     2  
     3  import (
     4  	"net"
     5  	"strconv"
     6  
     7  	"go.aporeto.io/enforcerd/trireme-lib/controller/internal/enforcer/applicationproxy/serviceregistry"
     8  	"go.aporeto.io/enforcerd/trireme-lib/controller/pkg/ipsetmanager"
     9  	"go.aporeto.io/enforcerd/trireme-lib/controller/pkg/pucontext"
    10  	"go.uber.org/zap"
    11  )
    12  
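// configureDependentServices records the addresses in ips against every
// dependent service that puCtx has registered for fqdn. For each address not
// already present in the service's NetworkInfo.Addresses it adds one ipset
// entry per port in the service's port range, stores the address as a host
// network (/32 or /128), and, if anything was added, asks the service registry
// to refresh the dependent services of the PU.
//
// NOTE(review): ips presumably comes from a DNS answer handled by this proxy;
// confirm against the caller. Every accepted address is added to the ipsets
// consulted for the PU, so only validated answers should reach this function.
func configureDependentServices(puCtx *pucontext.PUContext, fqdn string, ips []string) {

	modified := false

	for _, svc := range puCtx.DependentServices(fqdn) {
		minPort, maxPort := svc.NetworkInfo.Ports.Range()

		for _, ipString := range ips {
			// Reject anything that is not a plain IP literal. Previously such a
			// string fell into the IPv6 branch, ParseCIDR failed, and the nil
			// *net.IPNet was dereferenced by ipNet.String().
			ip := net.ParseIP(ipString)
			if ip == nil {
				zap.L().Debug("dnsproxy: ignoring unparsable dependent service ip", zap.String("ip", ipString))
				continue
			}

			// Build the host network from the parsed address rather than by
			// re-parsing ipString with a suffix. An IPv4-mapped IPv6 literal
			// satisfies To4(); appending "/32" to it and re-parsing yields a
			// 32-bit IPv6 prefix instead of a single IPv4 host.
			ip4 := ip.To4()
			isV4 := ip4 != nil

			var ipNet *net.IPNet
			if isV4 {
				ipNet = &net.IPNet{IP: ip4, Mask: net.CIDRMask(32, 32)}
			} else {
				ipNet = &net.IPNet{IP: ip, Mask: net.CIDRMask(128, 128)}
			}

			// Look up and store under the same canonical key, so an address
			// written in a non-canonical form is not re-added on every call.
			key := ipNet.String()
			if _, exists := svc.NetworkInfo.Addresses[key]; exists {
				continue
			}

			for port := int(minPort); port <= int(maxPort); port++ {
				var err error
				if isV4 {
					err = ipsetmanager.V4().AddIPPortToDependentService(puCtx.ID(), ipNet, strconv.Itoa(port))
				} else {
					err = ipsetmanager.V6().AddIPPortToDependentService(puCtx.ID(), ipNet, strconv.Itoa(port))
				}
				if err != nil {
					zap.L().Debug("dnsproxy: error adding dependent service ip port to ipset", zap.Error(err))
				}
			}

			// NOTE(review): the address is recorded even when an ipset insert
			// above failed, so a later call will skip it instead of retrying.
			// Kept as in the original; confirm this is intended.
			modified = true
			svc.NetworkInfo.Addresses[key] = struct{}{}
		}
	}

	if modified {
		if err := serviceregistry.Instance().UpdateDependentServicesByID(puCtx.ID()); err != nil {
			zap.L().Error("dnsproxy: error updating dependent services", zap.Error(err))
		}
	}
}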