Beispiel #1
0
func (f *fakeFirewallRules) UpdateFirewall(name, msgTag string, srcRange netset.IPNet, ports []int64, hosts []string) error {
	var exists bool
	strPorts := []string{}
	for _, p := range ports {
		strPorts = append(strPorts, fmt.Sprintf("%v", p))
	}

	// To accurately mimic the cloudprovider we need to add the k8s-fw
	// prefix to the given rule name.
	name = f.namer.FrName(name)
	for i := range f.fw {
		if f.fw[i].Name == name {
			exists = true
			f.fw[i] = &compute.Firewall{
				Name:         name,
				SourceRanges: srcRange.StringSlice(),
				Allowed:      []*compute.FirewallAllowed{{Ports: strPorts}},
			}
		}
	}
	if exists {
		return nil
	}
	return fmt.Errorf("Update failed for rule %v, srcRange %v ports %v, rule not found", name, srcRange, ports)
}
Beispiel #2
0
// IsAllowAll checks whether the netsets.IPNet allows traffic from 0.0.0.0/0
func IsAllowAll(ipnets netsets.IPNet) bool {
	for _, s := range ipnets.StringSlice() {
		if s == "0.0.0.0/0" {
			return true
		}
	}
	return false
}
Beispiel #3
0
func (f *fakeFirewallRules) CreateFirewall(name, msgTag string, srcRange netset.IPNet, ports []int64, hosts []string) error {
	strPorts := []string{}
	for _, p := range ports {
		strPorts = append(strPorts, fmt.Sprintf("%v", p))
	}
	f.fw = append(f.fw, &compute.Firewall{
		// To accurately mimic the cloudprovider we need to add the k8s-fw
		// prefix to the given rule name.
		Name:         f.namer.FrName(name),
		SourceRanges: srcRange.StringSlice(),
		Allowed:      []*compute.FirewallAllowed{{Ports: strPorts}},
	})
	return nil
}