fixeria has uploaded this change for review. (
https://gerrit.osmocom.org/c/erlang/osmo-s1gw/+/40439?usp=email )
Change subject: enft_kpi: use command/expression templates from enftables
......................................................................
enft_kpi: use command/expression templates from enftables
Change-Id: I421ba5ccc8956586136466d5eb50d6ace69eeb67
Related: SYS#7307
---
M src/enft_kpi.erl
1 file changed, 22 insertions(+), 116 deletions(-)
git pull ssh://gerrit.osmocom.org:29418/erlang/osmo-s1gw
refs/changes/39/40439/1
diff --git a/src/enft_kpi.erl b/src/enft_kpi.erl
index d5d5ce3..3afe9d5 100644
--- a/src/enft_kpi.erl
+++ b/src/enft_kpi.erl
@@ -147,15 +147,17 @@
TName = maps:get(table_name, Cfg, "osmo-s1gw"),
Interval = maps:get(interval, Cfg, 3000),
%% ignore (accept) anything but GTPU @ udp/2152
- R1 = [nft_expr_match_ip_proto("udp", ?OP_NEQ), nft_expr_accept()],
- R2 = [nft_expr_match_udp_dport(?GTPU_PORT, ?OP_NEQ), nft_expr_accept()],
- Cmds = [nft_cmd_add_table(TName),
+ R1 = [enftables:nft_expr_match_ip_proto("udp", ?OP_NEQ),
+ enftables:nft_expr_accept()],
+ R2 = [enftables:nft_expr_match_udp_dport(?GTPU_PORT, ?OP_NEQ),
+ enftables:nft_expr_accept()],
+ Cmds = [enftables:nft_cmd_add_table(TName, [<< "owner" >>]),
nft_cmd_add_chain(TName, "gtpu-ul", "prerouting"),
nft_cmd_add_chain(TName, "gtpu-dl", "postrouting"),
- nft_cmd_add_rule(TName, "gtpu-ul", R1),
- nft_cmd_add_rule(TName, "gtpu-dl", R1),
- nft_cmd_add_rule(TName, "gtpu-ul", R2),
- nft_cmd_add_rule(TName, "gtpu-dl", R2)
+ enftables:nft_cmd_add_rule(TName, "gtpu-ul", R1),
+ enftables:nft_cmd_add_rule(TName, "gtpu-dl", R1),
+ enftables:nft_cmd_add_rule(TName, "gtpu-ul", R2),
+ enftables:nft_cmd_add_rule(TName, "gtpu-dl", R2)
],
case nft_exec(Cmds) of
ok ->
@@ -221,7 +223,7 @@
handle_call(fetch_counters, _From,
#state{cfg = #{table_name := TName}} = S) ->
?LOG_DEBUG("Fetching NFT counters"),
- Cmds = [nft_cmd_list_counters(TName)],
+ Cmds = [enftables:nft_cmd_list_counters(TName)],
case nft_exec(Cmds) of
{ok, Res} ->
Ctrs = parse_nft_counters(Res),
@@ -272,7 +274,7 @@
#state{cfg = #{table_name := TName},
registry = R0} = S) ->
?LOG_DEBUG("Fetching and reporting NFT counters"),
- Cmds = [nft_cmd_list_counters(TName)],
+ Cmds = [enftables:nft_cmd_list_counters(TName)],
case nft_exec(Cmds) of
{ok, Res} ->
Ctrs = parse_nft_counters(Res),
@@ -312,7 +314,7 @@
?LOG_NOTICE("Terminating, reason ~p", [Reason]),
case Cfg of
#{enable := true, table_name := TName} ->
- nft_exec([nft_cmd_del_table(TName)]), %% delete the table
+ nft_exec([enftables:nft_cmd_del_table(TName)]), %% delete the table
ok;
_ -> ok %% stub mode
end.
@@ -377,10 +379,11 @@
#{table_name := TName}) ->
CName = enb_nft_counter_name(ULDL, GlobalENBId),
RName = enb_nft_rule_name(ULDL),
+ Counter = enftables:nft_counter(TName, CName),
Rule = [nft_expr_match_ip_addr({ULDL, Addr}),
- nft_expr_counter(CName)],
- Cmds = [nft_cmd_add_counter(TName, CName),
- nft_cmd_add_rule(TName, RName, Rule)
+ enftables:nft_expr_counter(CName)],
+ Cmds = [enftables:nft_cmd_add_counter(Counter),
+ enftables:nft_cmd_add_rule(TName, RName, Rule)
],
case nft_exec(Cmds) of
ok ->
@@ -419,8 +422,9 @@
[Pid, GlobalENBId, ULDL]),
CName = enb_nft_counter_name(ULDL, GlobalENBId),
RName = enb_nft_rule_name(ULDL),
- Cmds = [nft_cmd_del_rule(TName, RName, Handle),
- nft_cmd_del_counter(TName, CName)
+ Counter = enftables:nft_counter(TName, CName),
+ Cmds = [enftables:nft_cmd_del_rule(TName, RName, Handle),
+ enftables:nft_cmd_del_counter(Counter)
],
case nft_exec(Cmds) of
ok -> ok;
@@ -525,7 +529,7 @@
nft_chain_last_handle(TName, CName) ->
- Cmds = [nft_cmd_list_chain(TName, CName)],
+ Cmds = [enftables:nft_cmd_list_chain(TName, CName)],
case nft_exec(Cmds) of
{ok, Res} ->
#{<< "rule" >> := Rule} = lists:last(Res),
@@ -536,21 +540,6 @@
end.
-nft_cmd_add_table(TName) ->
- T = #{family => << "inet" >>,
- name => list_to_binary(TName),
- flags => [<< "owner" >>]
- },
- #{add => #{table => T}}.
-
-
-nft_cmd_del_table(TName) ->
- T = #{family => << "inet" >>,
- name => list_to_binary(TName)
- },
- #{delete => #{table => T}}.
-
-
nft_cmd_add_chain(TName, CName, Hook) ->
C = #{family => << "inet" >>,
table => list_to_binary(TName),
@@ -563,95 +552,12 @@
#{add => #{chain => C}}.
-nft_cmd_add_rule(TName, CName, Expr) ->
- R = #{family => << "inet" >>,
- table => list_to_binary(TName),
- chain => list_to_binary(CName),
- expr => Expr
- },
- #{add => #{rule => R}}.
-
-
-nft_cmd_del_rule(TName, CName, Handle) ->
- R = #{family => << "inet" >>,
- table => list_to_binary(TName),
- chain => list_to_binary(CName),
- handle => Handle
- },
- #{delete => #{rule => R}}.
-
-
-nft_counter(TName, Name) ->
- #{family => << "inet" >>,
- table => list_to_binary(TName),
- name => list_to_binary(Name)
- }.
-
-nft_cmd_add_counter(TName, Name) ->
- #{add => #{counter => nft_counter(TName, Name)}}.
-
-nft_cmd_del_counter(TName, Name) ->
- #{delete => #{counter => nft_counter(TName, Name)}}.
-
-
--spec nft_expr_match_payload({Proto, Field}, Value, Op) -> map()
- when Proto :: string(),
- Field :: string(),
- Value :: term(),
- Op :: string().
-nft_expr_match_payload({Proto, Field}, Value, Op) ->
- Left = #{payload => #{protocol => list_to_binary(Proto),
- field => list_to_binary(Field)}},
- #{match => #{left => Left,
- right => Value,
- op => list_to_binary(Op)}}.
-
-
-nft_expr_match_ip_proto(Proto, Op) ->
- nft_expr_match_payload({"ip", "protocol"},
- list_to_binary(Proto), Op).
-
-nft_expr_match_ip_saddr(Addr, Op) ->
- nft_expr_match_payload({"ip", "saddr"},
- list_to_binary(Addr), Op).
-
-nft_expr_match_ip_daddr(Addr, Op) ->
- nft_expr_match_payload({"ip", "daddr"},
- list_to_binary(Addr), Op).
-
-nft_expr_match_udp_dport(Port, Op) ->
- nft_expr_match_payload({"udp", "dport"}, Port, Op).
-
-
-spec nft_expr_match_ip_addr(uldl_addr()) -> map().
nft_expr_match_ip_addr({ul, Addr}) ->
- nft_expr_match_ip_saddr(Addr, ?OP_EQ);
+ enftables:nft_expr_match_ip_saddr(Addr, ?OP_EQ);
nft_expr_match_ip_addr({dl, Addr}) ->
- nft_expr_match_ip_daddr(Addr, ?OP_EQ).
-
-
-nft_expr_accept() ->
- #{accept => null}.
-
-
-nft_expr_counter(Name) ->
- #{counter => list_to_binary(Name)}.
-
-
-nft_cmd_list_chain(TName, CName) ->
- C = #{family => << "inet" >>,
- table => list_to_binary(TName),
- name => list_to_binary(CName)
- },
- #{list => #{chain => C}}.
-
-
-nft_cmd_list_counters(TName) ->
- T = #{family => << "inet" >>,
- name => list_to_binary(TName)
- },
- #{list => #{counters => #{table => T}}}.
+ enftables:nft_expr_match_ip_daddr(Addr, ?OP_EQ).
-spec heartbeat(timeout()) -> no_return().
--
To view, visit https://gerrit.osmocom.org/c/erlang/osmo-s1gw/+/40439?usp=email
To unsubscribe, or for help writing mail filters, visit
https://gerrit.osmocom.org/settings?usp=email
Gerrit-MessageType: newchange
Gerrit-Project: erlang/osmo-s1gw
Gerrit-Branch: master
Gerrit-Change-Id: I421ba5ccc8956586136466d5eb50d6ace69eeb67
Gerrit-Change-Number: 40439
Gerrit-PatchSet: 1
Gerrit-Owner: fixeria <[email protected]>
