Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(*) add transparent-proxy firewalld support #1702

Merged
merged 9 commits into from
Mar 29, 2021
Merged

chore(*) add transparent-proxy firewalld support #1702

merged 9 commits into from
Mar 29, 2021

Conversation

nickolaev
Copy link
Contributor

@nickolaev nickolaev commented Mar 18, 2021
edited
Loading

Summary

Add support for firewalld persistent storage of iptables

Issues resolved

Fix #1692

Documentation

Nikolay Nikolaev added 4 commits March 18, 2021 22:46
chore(*) firewalld translation from iptables
f057156 
Signed-off-by: Nikolay Nikolaev <nikolay.nikolaev@konghq.com>
chore(*) kumactl install with firewalld
b3d0628 
Signed-off-by: Nikolay Nikolaev <nikolay.nikolaev@konghq.com>
chore(*) make sure to not repeat rules in firewalld
0b5cd1d 
Signed-off-by: Nikolay Nikolaev <nikolay.nikolaev@konghq.com>
chore(*) fix completion
c03b28c 
Signed-off-by: Nikolay Nikolaev <nikolay.nikolaev@konghq.com>
@nickolaev nickolaev requested a review from a team as a code owner March 18, 2021 22:52
test(*) fix testing
8534703 
Signed-off-by: Nikolay Nikolaev <nikolay.nikolaev@konghq.com>
lobkovilya
lobkovilya reviewed Mar 23, 2021
View reviewed changes
app/kumactl/cmd/install/install_transparent_proxy.go Outdated
parser := regexp.MustCompile(`\* (?P<table>\w*)`)
rules := map[string][]string{}

lines := strings.Split(output, "\n")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd better use bufio.Scanner and bufio.ScanLines to read line by line in a platform-agnostic way

app/kumactl/cmd/install/install_transparent_proxy.go Outdated

matches := parser.FindStringSubmatch(line)
if len(matches) > 1 {
table = matches[0]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

matches[0] contains the most matched part of line like * nat for example, since you have named captured group table you can use matches[parser.SubexpIndex("table")]

@nickolaev
Merge remote-tracking branch 'origin/master' into chore/kumactl_tp_im…
8fa0132 
…provements
@nickolaev
fix(*) review
3fc0de1 
Signed-off-by: Nikolay Nikolaev <nicknickolaev@gmail.com>
jakubdyszkiewicz
jakubdyszkiewicz approved these changes Mar 29, 2021
View reviewed changes
pkg/transparentproxy/transparentproxy.go Outdated
type IptablesTranslator interface {
// store iptables rules
// accepts a map of slices, the map key is the iptables table
// and the slices aare the list of the iptables rules in that table
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

aare -> are

@nickolaev
Copy link
Contributor Author

@Mergifyio update

@mergify
Copy link
Contributor

mergify bot commented Mar 29, 2021

Command update: success

Branch has been successfully updated

@CLAassistant
Copy link

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
1 out of 2 committers have signed the CLA.

✅ nickolaev
❌ mergify[bot]
You have signed the CLA already but the status is still pending? Let us recheck it.

@nickolaev nickolaev merged commit 47009e1 into master Mar 29, 2021
@nickolaev nickolaev deleted the chore/kumactl_tp_improvements branch March 29, 2021 11:55
mergify bot pushed a commit that referenced this pull request Mar 29, 2021
chore(*) add transparent-proxy firewalld support (#1702)
39a3b18 
* chore(*) firewalld translation from iptables

* chore(*) kumactl install with firewalld

Signed-off-by: Nikolay Nikolaev <nicknickolaev@gmail.com>
(cherry picked from commit 47009e1)
@mergify mergify bot mentioned this pull request Mar 29, 2021
Merged
nickolaev pushed a commit that referenced this pull request Mar 29, 2021
@mergify
chore(*) add transparent-proxy firewalld support (#1702) (#1736)
730f1d5 
* chore(*) firewalld translation from iptables

* chore(*) kumactl install with firewalld

Signed-off-by: Nikolay Nikolaev <nicknickolaev@gmail.com>
(cherry picked from commit 47009e1)

Co-authored-by: Nikolay Nikolaev <nikolay.nikolaev@konghq.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lobkovilya lobkovilya lobkovilya approved these changes

@jakubdyszkiewicz jakubdyszkiewicz jakubdyszkiewicz approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

support persistence of transparent mode firewalld rules
4 participants
@nickolaev @CLAassistant @jakubdyszkiewicz @lobkovilya