extern/netbird
1
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2025-06-20 09:47:49 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix lint issues

Browse Source
This commit is contained in:
Viktor Liu 2025-06-17 03:07:28 +02:00
parent 49bbd90557
commit 50ac3d437e
5 changed files with 35 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
client/internal/routemanager/common/params.go
View File

@ -24,5 +24,5 @@ type HandlerParams struct {
PeerStore *peerstore.Store
UseNewDNSRoute bool
Firewall manager.Manager
FakeIPManager *fakeip.FakeIPManager
FakeIPManager *fakeip.Manager
}

31
client/internal/routemanager/dnsinterceptor/handler.go
View File

@ -50,7 +50,7 @@ type DnsInterceptor struct {
wgInterface wgInterface
peerStore *peerstore.Store
firewall firewall.Manager
fakeIPManager *fakeip.FakeIPManager
fakeIPManager *fakeip.Manager
}
func New(params common.HandlerParams) *DnsInterceptor {
@ -428,7 +428,7 @@ func (d *DnsInterceptor) updateDomainPrefixes(resolvedDomain, originalDomain dom
}
}
d.removeDNATMappingsForRealIPs(toRemove)
d.removeDNATMappings(toRemove)
}
// Update domain prefixes using resolved domain as key - store real IPs
@ -449,8 +449,8 @@ func (d *DnsInterceptor) updateDomainPrefixes(resolvedDomain, originalDomain dom
return nberrors.FormatErrorOrNil(merr)
}
// removeDNATMappingsForRealIPs removes DNAT mappings from the firewall for real IP prefixes
func (d *DnsInterceptor) removeDNATMappingsForRealIPs(realPrefixes []netip.Prefix) {
// removeDNATMappings removes DNAT mappings from the firewall for real IP prefixes
func (d *DnsInterceptor) removeDNATMappings(realPrefixes []netip.Prefix) {
if len(realPrefixes) == 0 {
return
}
@ -501,27 +501,6 @@ func (d *DnsInterceptor) addDNATMappings(mappings map[netip.Addr]netip.Addr) {
}
}
// removeDNATMappings removes DNAT mappings from the firewall for removed prefixes
func (d *DnsInterceptor) removeDNATMappings(prefixes []netip.Prefix) {
if len(prefixes) == 0 {
return
}
dnatFirewall, ok := d.internalDnatFw()
if !ok {
return
}
for _, prefix := range prefixes {
fakeIP := prefix.Addr()
if err := dnatFirewall.RemoveInternalDNATMapping(fakeIP); err != nil {
log.Errorf("Failed to remove DNAT mapping for %s: %v", fakeIP, err)
} else {
log.Debugf("Removed DNAT mapping for: %s", fakeIP)
}
}
}
// cleanupDNATMappings removes all DNAT mappings for this interceptor
func (d *DnsInterceptor) cleanupDNATMappings() {
if _, ok := d.internalDnatFw(); !ok {
@ -529,7 +508,7 @@ func (d *DnsInterceptor) cleanupDNATMappings() {
}
for _, prefixes := range d.interceptedDomains {
d.removeDNATMappingsForRealIPs(prefixes)
d.removeDNATMappings(prefixes)
}
}

52
client/internal/routemanager/fakeip/fakeip.go
View File

@ -6,8 +6,8 @@ import (
"sync"
)
// FakeIPManager manages allocation of fake IPs from the 240.0.0.0/8 block
type FakeIPManager struct {
// Manager manages allocation of fake IPs from the 240.0.0.0/8 block
type Manager struct {
mu sync.Mutex
nextIP netip.Addr // Next IP to allocate
allocated map[netip.Addr]netip.Addr // real IP -> fake IP
@ -17,11 +17,11 @@ type FakeIPManager struct {
}
// NewManager creates a new fake IP manager using 240.0.0.0/8 block
func NewManager() *FakeIPManager {
func NewManager() *Manager {
baseIP := netip.AddrFrom4([4]byte{240, 0, 0, 1})
maxIP := netip.AddrFrom4([4]byte{240, 255, 255, 254})
return &FakeIPManager{
return &Manager{
nextIP: baseIP,
allocated: make(map[netip.Addr]netip.Addr),
fakeToReal: make(map[netip.Addr]netip.Addr),
@ -32,62 +32,62 @@ func NewManager() *FakeIPManager {
// AllocateFakeIP allocates a fake IP for the given real IP
// Returns the fake IP, or existing fake IP if already allocated
func (f *FakeIPManager) AllocateFakeIP(realIP netip.Addr) (netip.Addr, error) {
func (m *Manager) AllocateFakeIP(realIP netip.Addr) (netip.Addr, error) {
if !realIP.Is4() {
return netip.Addr{}, fmt.Errorf("only IPv4 addresses supported")
}
f.mu.Lock()
defer f.mu.Unlock()
m.mu.Lock()
defer m.mu.Unlock()
if fakeIP, exists := f.allocated[realIP]; exists {
if fakeIP, exists := m.allocated[realIP]; exists {
return fakeIP, nil
}
startIP := f.nextIP
startIP := m.nextIP
for {
currentIP := f.nextIP
currentIP := m.nextIP
// Advance to next IP, wrapping at boundary
if f.nextIP.Compare(f.maxIP) >= 0 {
f.nextIP = f.baseIP
if m.nextIP.Compare(m.maxIP) >= 0 {
m.nextIP = m.baseIP
} else {
f.nextIP = f.nextIP.Next()
m.nextIP = m.nextIP.Next()
}
// Check if current IP is available
if _, inUse := f.fakeToReal[currentIP]; !inUse {
f.allocated[realIP] = currentIP
f.fakeToReal[currentIP] = realIP
if _, inUse := m.fakeToReal[currentIP]; !inUse {
m.allocated[realIP] = currentIP
m.fakeToReal[currentIP] = realIP
return currentIP, nil
}
// Prevent infinite loop if all IPs exhausted
if f.nextIP.Compare(startIP) == 0 {
if m.nextIP.Compare(startIP) == 0 {
return netip.Addr{}, fmt.Errorf("no more fake IPs available in 240.0.0.0/8 block")
}
}
}
// GetFakeIP returns the fake IP for a real IP if it exists
func (f *FakeIPManager) GetFakeIP(realIP netip.Addr) (netip.Addr, bool) {
f.mu.Lock()
defer f.mu.Unlock()
func (m *Manager) GetFakeIP(realIP netip.Addr) (netip.Addr, bool) {
m.mu.Lock()
defer m.mu.Unlock()
fakeIP, exists := f.allocated[realIP]
fakeIP, exists := m.allocated[realIP]
return fakeIP, exists
}
// GetRealIP returns the real IP for a fake IP if it exists, otherwise false
func (f *FakeIPManager) GetRealIP(fakeIP netip.Addr) (netip.Addr, bool) {
f.mu.Lock()
defer f.mu.Unlock()
func (m *Manager) GetRealIP(fakeIP netip.Addr) (netip.Addr, bool) {
m.mu.Lock()
defer m.mu.Unlock()
realIP, exists := f.fakeToReal[fakeIP]
realIP, exists := m.fakeToReal[fakeIP]
return realIP, exists
}
// GetFakeIPBlock returns the fake IP block used by this manager
func (f *FakeIPManager) GetFakeIPBlock() netip.Prefix {
func (m *Manager) GetFakeIPBlock() netip.Prefix {
return netip.MustParsePrefix("240.0.0.0/8")
}

6
client/internal/routemanager/fakeip/fakeip_test.go
View File

@ -87,8 +87,6 @@ func TestGetFakeIP(t *testing.T) {
}
}
func TestMultipleAllocations(t *testing.T) {
manager := NewManager()
@ -181,7 +179,7 @@ func TestConcurrentAccess(t *testing.T) {
func TestIPExhaustion(t *testing.T) {
// Create a manager with limited range for testing
manager := &FakeIPManager{
manager := &Manager{
nextIP: netip.AddrFrom4([4]byte{240, 0, 0, 1}),
allocated: make(map[netip.Addr]netip.Addr),
fakeToReal: make(map[netip.Addr]netip.Addr),
@ -212,7 +210,7 @@ func TestIPExhaustion(t *testing.T) {
func TestWrapAround(t *testing.T) {
// Create manager starting near the end of range
manager := &FakeIPManager{
manager := &Manager{
nextIP: netip.AddrFrom4([4]byte{240, 0, 0, 254}),
allocated: make(map[netip.Addr]netip.Addr),
fakeToReal: make(map[netip.Addr]netip.Addr),

12
client/internal/routemanager/manager.go
View File

@ -41,10 +41,6 @@ import (
"github.com/netbirdio/netbird/version"
)
type internalDNATer interface {
AddInternalDNATMapping(netip.Addr, netip.Addr) error
}
// Manager is a route manager interface
type Manager interface {
Init() (nbnet.AddHookFunc, nbnet.RemoveHookFunc, error)
@ -102,7 +98,7 @@ type DefaultManager struct {
disableClientRoutes bool
disableServerRoutes bool
activeRoutes map[route.HAUniqueID]client.RouteHandler
fakeIPManager *fakeip.FakeIPManager
fakeIPManager *fakeip.Manager
}
func NewManager(config ManagerConfig) *DefaultManager {
@ -546,12 +542,6 @@ func (m *DefaultManager) initialClientRoutes(initialRoutes []*route.Route) []*ro
return rs
}
// supportsInternalDNAT checks if the firewall supports internal DNAT
func (m *DefaultManager) supportsInternalDNAT(fw firewall.Manager) bool {
_, ok := fw.(internalDNATer)
return ok
}
func isRouteSupported(route *route.Route) bool {
if netstack.IsEnabled() || !nbnet.CustomRoutingDisabled() || route.IsDynamic() {
return true