Skip to content

Commit

Permalink
Merge pull request #10 from netfoundry/v0.4.0_candidate
Browse files Browse the repository at this point in the history 
added support for zitiX tun interface name change
  • Loading branch information
@r-caamano
r-caamano committed Jun 30, 2023
2 parents 394f1f1 + f283818 commit eaad8e8
Show file tree
Hide file tree
Showing 2 changed files with 48 additions and 13 deletions.
6 changes: 6 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,12 @@
All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

---
# [0.4.0] - 2023-06-29

###

- Added support for upcoming ziti-edge-tunnel interface name change from tunX to zitiX.

# [0.3.10] - 2023-06-28

###
Expand Down
55 changes: 42 additions & 13 deletions src/zfw.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -111,7 +111,7 @@ static char *tun_interface;
static char *tc_interface;
static char *object_file;
static char *direction_string;
const char *argp_program_version = "0.3.10";
const char *argp_program_version = "0.4.0";

static __u8 if_list[MAX_IF_LIST_ENTRIES];
int ifcount = 0;
Expand Down Expand Up @@ -976,14 +976,24 @@ void interface_tc()
address = address->ifa_next;
continue;
}
if(!strncmp(address->ifa_name,"tun", 3) || idx >= MAX_IF_ENTRIES)
if (all_interface)
{
tc_interface = address->ifa_name;
}
if(!strncmp(address->ifa_name,"tun", 3) || !strncmp(address->ifa_name,"ziti", 4))
{
if(!strncmp(tc_interface,"tun", 3)){
printf("zfw does not allow tc filters on tun interfaces!\n");
if(!strncmp(tc_interface,"tun", 3) || !strncmp(tc_interface,"ziti", 4)){
printf("%s:zfw does not allow tc filters on tun interfaces!\n", address->ifa_name);
}
address = address->ifa_next;
continue;
}
if(idx >= MAX_IF_ENTRIES)
{
printf("%s:zfw does not allow tc filters interfaces with an ifindex above %d!\n", address->ifa_name, MAX_IF_ENTRIES -1);
address = address->ifa_next;
continue;
}
if (!strncmp(address->ifa_name, "lo", 2))
{
lo_count++;
Expand All @@ -992,10 +1002,6 @@ void interface_tc()
continue;
}
}
if (all_interface)
{
tc_interface = address->ifa_name;
}
if (tc || tcfilter)
{
if (!strcmp(tc_interface, address->ifa_name))
Expand Down Expand Up @@ -1070,7 +1076,8 @@ void interface_diag()
address = address->ifa_next;
continue;
}
if(idx >= MAX_IF_ENTRIES && strncmp(address->ifa_name,"tun", 3)){
if(idx >= MAX_IF_ENTRIES && strncmp(address->ifa_name,"tun", 3) && strncmp(address->ifa_name,"ziti", 4)){
printf("%s:zfw does not support interfaces with an ifindex above %d!\n", address->ifa_name, MAX_IF_ENTRIES -1);
address = address->ifa_next;
continue;
}
Expand Down Expand Up @@ -1107,7 +1114,23 @@ void interface_diag()
address = address->ifa_next;
continue;
}
if (echo && strncmp(address->ifa_name,"tun", 3))
if(!strncmp(address->ifa_name, "ziti", 4) && (tun || per_interface || ssh_disable || echo)){
if(per_interface && !strncmp(prefix_interface, "ziti", 4)){
printf("%s:zfw does not allow setting on tun interfaces!\n", address->ifa_name);
}
if(tun && !strncmp(tun_interface, "ziti", 4)){
printf("%s:zfw does not allow setting on tun interfaces!\n", address->ifa_name);
}
if(ssh_disable && !strncmp(ssh_interface, "ziti", 4)){
printf("%s:zfw does not allow setting on tun interfaces!\n", address->ifa_name);
}
if(echo && !strncmp(echo_interface, "ziti", 4)){
printf("%s:zfw does not allow setting on tun interfaces!\n", address->ifa_name);
}
address = address->ifa_next;
continue;
}
if (echo && strncmp(address->ifa_name,"tun", 3) && strncmp(address->ifa_name,"ziti", 4))
{
if (!strcmp(echo_interface, address->ifa_name))
{
Expand All @@ -1120,6 +1143,9 @@ void interface_diag()
if(!strncmp(address->ifa_name, "tun", 3) && !strncmp(verbose_interface,"tun", 3)){
set_tun_diag();
}
else if(!strncmp(address->ifa_name, "ziti", 4) && !strncmp(verbose_interface,"ziti", 4)){
set_tun_diag();
}
else if(!strcmp(verbose_interface, address->ifa_name))
{
set_diag(&idx);
Expand Down Expand Up @@ -1147,6 +1173,9 @@ void interface_diag()
if(!strncmp(address->ifa_name, "tun", 3) && !strncmp(diag_interface,"tun", 3)){
set_tun_diag();
}
else if(!strncmp(address->ifa_name, "ziti", 4) && !strncmp(verbose_interface,"ziti", 4)){
set_tun_diag();
}
else if (!strcmp(diag_interface, address->ifa_name))
{
set_diag(&idx);
Expand Down Expand Up @@ -1287,7 +1316,7 @@ bool interface_map()
address = address->ifa_next;
continue;
}
if((idx >= MAX_IF_ENTRIES) && strncmp(address->ifa_name,"tun", 3)){
if((idx >= MAX_IF_ENTRIES) && strncmp(address->ifa_name,"tun", 3) && strncmp(address->ifa_name,"ziti", 4)){
address = address->ifa_next;
continue;
}
Expand All @@ -1312,11 +1341,11 @@ bool interface_map()
continue;
}
}
if((idx < MAX_IF_ENTRIES) && strncmp(address->ifa_name,"tun", 3)){
if((idx < MAX_IF_ENTRIES) && strncmp(address->ifa_name,"tun", 3) && strncmp(address->ifa_name,"ziti", 4)){
add_if_index(&idx, ifip, address->ifa_name);
}

if(ifip == tunip)
if((ifip == tunip) && (!strncmp(address->ifa_name,"tun", 3) || !strncmp(address->ifa_name,"ziti", 4)))
{
bool change_detected =true;
struct ifindex_tun o_iftun;
Expand Down

0 comments on commit eaad8e8

Please sign in to comment.