fix: [NPM] Windows Dataplane logic fix for src and dst ports

npm/pkg/dataplane/dataplane.go

@@ -256,7 +256,7 @@ func (dp *DataPlane) UpdatePolicy(policy *policies.NPMNetworkPolicy) error {
 	klog.Infof("[DataPlane] Update Policy called for %s", policy.PolicyKey)
 	ok := dp.policyMgr.PolicyExists(policy.PolicyKey)
 	if !ok {
-		klog.Infof("[DataPlane] Policy %s is not found. Might been deleted already", policy.PolicyKey)
+		klog.Infof("[DataPlane] Policy %s is not found.", policy.PolicyKey)
 		return dp.AddPolicy(policy)
 	}
 

npm/pkg/dataplane/dataplane_windows.go

@@ -112,7 +112,10 @@ func (dp *DataPlane) updatePod(pod *updateNPMPod) error {
 	// Check if pod is already present in cache
 	endpoint, ok := dp.endpointCache[pod.PodIP]
 	if !ok {
-		return fmt.Errorf("[DataPlane] did not find endpoint with IPaddress %s", pod.PodIP)
+		// ignore this err and pod endpoint will be deleted in ApplyDP
+		// if the endpoint is not found, it means the pod is not part of this node or pod got deleted.
+		klog.Warningf("[DataPlane] did not find endpoint with IPaddress %s", pod.PodIP)
+		return nil
 	}
 
 	if endpoint.IP != pod.PodIP {

npm/pkg/dataplane/policies/policy_windows.go

@@ -94,20 +94,34 @@ func (acl *ACLPolicy) convertToAclSettings() (*NPMACLPolSettings, error) {
 
 	// HNS has confusing Local and Remote address defintions
 	// For Traffic Direction INGRESS
-	// 		LocalAddresses = Source IPs
+	// 	    LocalAddresses  = Source Sets
+	// 	    RemoteAddresses = Destination Sets
+	//      LocalPorts      = Destination Ports
+	//      RemotePorts     = Source Ports
+
+	// For Traffic Direction EGRESS
+	// 	    LocalAddresses  = Source Sets
+	// 	    RemoteAddresses = Destination Sets
+	//      LocalPorts      = Source Ports
+	//      RemotePorts     = Destination Ports
+
+	// If we use IPs in ACLs, then INGRESS mapping is same, but EGRESS mapping will change to below
+	// For Traffic Direction INGRESS
+	// 		LocalAddresses  = Source IPs
 	// 		RemoteAddresses = Destination IPs
 	// For Traffic Direction EGRESS
-	// 		LocalAddresses = Destination IPs
+	// 		LocalAddresses  = Destination IPs
 	// 		RemoteAddresses = Source IPs
+
 	policySettings.LocalAddresses = srcListStr
 	policySettings.RemoteAddresses = dstListStr
-	policySettings.RemotePorts = dstPortStr
-	policySettings.LocalPorts = ""
+
+	// Switch ports based on direction
+	policySettings.RemotePorts = ""
+	policySettings.LocalPorts = dstPortStr
 	if policySettings.Direction == hcn.DirectionTypeOut {
-		policySettings.LocalAddresses = dstListStr
-		policySettings.LocalPorts = dstPortStr
-		policySettings.RemotePorts = ""
-		policySettings.RemoteAddresses = srcListStr
+		policySettings.LocalPorts = ""
+		policySettings.RemotePorts = dstPortStr
 	}
 
 	return policySettings, nil