github.com/cilium/cilium@v1.16.2/pkg/maps/ctmap/utils.go (about) 1 // SPDX-License-Identifier: Apache-2.0 2 // Copyright Authors of Cilium 3 4 package ctmap 5 6 import ( 7 "errors" 8 9 "golang.org/x/sys/unix" 10 11 "github.com/cilium/cilium/pkg/bpf" 12 "github.com/cilium/cilium/pkg/maps/nat" 13 "github.com/cilium/cilium/pkg/tuple" 14 ) 15 16 // NOTE: the function does NOT copy addr fields, so it's not safe to 17 // reuse the returned ctKey. 18 func dsrCTKeyFromEgressNatKey(k nat.NatKey) bpf.MapKey { 19 natKey, ok := k.(*nat.NatKey4) 20 if ok { // ipv4 21 t := tuple.TupleKey4{ 22 SourceAddr: natKey.DestAddr, 23 SourcePort: natKey.DestPort, 24 DestAddr: natKey.SourceAddr, 25 DestPort: natKey.SourcePort, 26 NextHeader: natKey.NextHeader, 27 Flags: tuple.TUPLE_F_OUT, 28 } 29 30 // Workaround #5848 31 t.SwapAddresses() 32 33 return &tuple.TupleKey4Global{TupleKey4: t} 34 } 35 36 { // ipv6 37 natKey := k.(*nat.NatKey6) 38 39 t := tuple.TupleKey6{ 40 SourceAddr: natKey.DestAddr, 41 SourcePort: natKey.DestPort, 42 DestAddr: natKey.SourceAddr, 43 DestPort: natKey.SourcePort, 44 NextHeader: natKey.NextHeader, 45 Flags: tuple.TUPLE_F_OUT, 46 } 47 48 // Workaround #5848 49 t.SwapAddresses() 50 51 return &tuple.TupleKey6Global{TupleKey6: t} 52 } 53 } 54 55 // NOTE: the function does NOT copy addr fields, so it's not safe to 56 // reuse the returned ctKey. 57 func egressCTKeyFromIngressNatKeyAndVal(k nat.NatKey, v nat.NatEntry) bpf.MapKey { 58 natKey, ok := k.(*nat.NatKey4) 59 if ok { // ipv4 60 natVal := v.(*nat.NatEntry4) 61 62 t := tuple.TupleKey4{ 63 SourceAddr: natVal.Addr, 64 SourcePort: natVal.Port, 65 DestAddr: natKey.SourceAddr, 66 DestPort: natKey.SourcePort, 67 NextHeader: natKey.NextHeader, 68 Flags: tuple.TUPLE_F_OUT, 69 } 70 71 // Workaround #5848 72 t.SwapAddresses() 73 74 return &tuple.TupleKey4Global{TupleKey4: t} 75 } 76 77 { // ipv6 78 natKey := k.(*nat.NatKey6) 79 natVal := v.(*nat.NatEntry6) 80 81 t := tuple.TupleKey6{ 82 SourceAddr: natVal.Addr, 83 SourcePort: natVal.Port, 84 DestAddr: natKey.SourceAddr, 85 DestPort: natKey.SourcePort, 86 NextHeader: natKey.NextHeader, 87 Flags: tuple.TUPLE_F_OUT, 88 } 89 90 // Workaround #5848 91 t.SwapAddresses() 92 93 return &tuple.TupleKey6Global{TupleKey6: t} 94 } 95 } 96 97 // NOTE: the function does NOT copy addr fields, so it's not safe to 98 // reuse the returned ctKey. 99 func egressCTKeyFromEgressNatKey(k nat.NatKey) bpf.MapKey { 100 natKey, ok := k.(*nat.NatKey4) 101 if ok { // ipv4 102 t := tuple.TupleKey4{ 103 SourceAddr: natKey.SourceAddr, 104 SourcePort: natKey.SourcePort, 105 DestAddr: natKey.DestAddr, 106 DestPort: natKey.DestPort, 107 NextHeader: natKey.NextHeader, 108 Flags: tuple.TUPLE_F_OUT, 109 } 110 111 // Workaround #5848 112 t.SwapAddresses() 113 114 return &tuple.TupleKey4Global{TupleKey4: t} 115 } 116 117 { // ipv6 118 natKey := k.(*nat.NatKey6) 119 120 t := tuple.TupleKey6{ 121 SourceAddr: natKey.SourceAddr, 122 SourcePort: natKey.SourcePort, 123 DestAddr: natKey.DestAddr, 124 DestPort: natKey.DestPort, 125 NextHeader: natKey.NextHeader, 126 Flags: tuple.TUPLE_F_OUT, 127 } 128 129 // Workaround #5848 130 t.SwapAddresses() 131 132 return &tuple.TupleKey6Global{TupleKey6: t} 133 } 134 } 135 136 func ctEntryExist(ctMap *Map, ctKey bpf.MapKey, f func(*CtEntry) bool) bool { 137 v, err := ctMap.Lookup(ctKey) 138 139 if err != nil { 140 return !errors.Is(err, unix.ENOENT) 141 } 142 143 if f == nil { 144 return true 145 } 146 147 return f(v.(*CtEntry)) 148 }