// startRejecting installs a "filter" table rule that REJECTs TCP traffic
// addressed to the service's IP and port, and returns the state that
// represents the rejecting mode.
//
// On success the returned state wraps a callback that removes the same rule
// again. If the rule cannot be added, the error from addRule is returned and
// no state is created.
func (svc *service) startRejecting(upd model.ServiceUpdate) (serviceState, error) {
	// Match only TCP packets destined for this service's address.
	rejectRule := []interface{}{
		"-p", "tcp",
		"-d", upd.IP(),
		"--dport", upd.Port,
		"-j", "REJECT",
	}

	if err := svc.config.addRule("filter", rejectRule); err != nil {
		return nil, err
	}

	// The cleanup must delete exactly the rule added above, so it captures
	// the same slice. Any result of deleteRule is discarded here.
	undo := func() {
		svc.config.deleteRule("filter", rejectRule)
	}
	return rejecting(undo), nil
}
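// doRequest reads one service specification from conn, parses it, and queues
// the resulting update on srv.updates.
//
// The request is a whitespace-separated list of fields:
//
//	<service-address> <protocol> [<instance-address>...]
//
// Each address is resolved with net.ResolveTCPAddr("tcp", ...). An error is
// returned if the read fails, if the address or protocol field is missing, or
// if any address does not resolve. If srv.closed becomes ready before the
// update can be sent, the update is dropped and nil is returned.
//
// The request text is supplied by the peer on the socket and is treated as
// untrusted: field counts are checked before indexing so that a short or
// empty request yields an error rather than an index-out-of-range panic.
func (srv *Server) doRequest(conn *net.UnixConn) error {
	// NOTE(review): io.Copy reads until the peer closes its side and puts no
	// cap on the request size; consider bounding the read (io.LimitReader)
	// and setting a read deadline once a maximum request size is agreed.
	var buf bytes.Buffer
	if _, err := io.Copy(&buf, conn); err != nil {
		return err
	}

	// XXX support service deletion commands

	// strings.Fields never yields empty fields, so repeated or trailing
	// whitespace cannot produce an empty protocol or instance address.
	parts := strings.Fields(buf.String())
	if len(parts) == 0 {
		return fmt.Errorf("service specification should begin with port:ip-address")
	}
	if len(parts) < 2 {
		return fmt.Errorf("service specification should include a protocol after the address")
	}

	// NOTE(review): ResolveTCPAddr also accepts host names, so a request can
	// trigger name resolution; restrict to literal IPs if that is not wanted.
	addr, err := net.ResolveTCPAddr("tcp", parts[0])
	if err != nil {
		return err
	}

	var insts []model.Instance
	for _, spec := range parts[2:] {
		instAddr, err := net.ResolveTCPAddr("tcp", spec)
		if err != nil {
			return err
		}
		insts = append(insts, model.MakeInstance(instAddr.IP, instAddr.Port))
	}

	// NOTE(review): the protocol field is passed through unvalidated, while
	// the service key is always built with "tcp" — confirm which values
	// consumers of ServiceInfo.Protocol accept.
	var update model.ServiceUpdate
	update.ServiceKey = model.MakeServiceKey("tcp", addr.IP, addr.Port)
	update.ServiceInfo = &model.ServiceInfo{
		Protocol:  parts[1],
		Instances: insts,
	}

	// Do not block forever on the updates channel once the server is closing.
	select {
	case srv.updates <- update:
	case <-srv.closed:
	}
	return nil
}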
// startForwarding puts the service into forwarding mode.
//
// It opens a TCP listener on the bridge IP (no port is specified in the
// listen address), installs a "nat" table DNAT rule that redirects TCP
// traffic for the service's IP and port to that listener's address, and
// starts a goroutine running the forwarding state.
//
// If any step before the goroutine is started returns early, the listener is
// closed again. An error from bridgeIP, ListenTCP or addRule is returned
// unchanged.
func (svc *service) startForwarding(upd model.ServiceUpdate) (serviceState, error) {
	ip, err := svc.config.bridgeIP()
	if err != nil {
		return nil, err
	}

	ln, err := net.ListenTCP("tcp", &net.TCPAddr{IP: ip})
	if err != nil {
		return nil, err
	}

	// Release the listener on every exit path that does not hand it over to
	// the forwarding state.
	handedOver := false
	defer func() {
		if handedOver {
			return
		}
		ln.Close()
	}()

	// Redirect traffic addressed to the service towards the local listener.
	dnatRule := []interface{}{
		"-p", "tcp",
		"-d", upd.IP(),
		"--dport", upd.Port,
		"-j", "DNAT",
		"--to-destination", ln.Addr(),
	}
	if err = svc.config.addRule("nat", dnatRule); err != nil {
		return nil, err
	}

	state := &forwarding{
		service:     svc,
		rule:        dnatRule,
		listener:    ln,
		stopCh:      make(chan struct{}),
		ServiceInfo: upd.ServiceInfo,
	}
	state.chooseShim()
	go state.run()

	handedOver = true
	return state, nil
}