mirror of
https://github.com/juanfont/headscale.git
synced 2025-01-22 00:11:47 +01:00
ToStringSlice will lead to high CPU usage, early conversion can reduce cpu usage
This commit is contained in:
parent
26282b7a54
commit
a6c8718a97
16
machine.go
16
machine.go
@ -194,6 +194,7 @@ func getFilteredByACLPeers(
|
|||||||
peers := make(map[uint64]Machine)
|
peers := make(map[uint64]Machine)
|
||||||
// Aclfilter peers here. We are itering through machines in all namespaces and search through the computed aclRules
|
// Aclfilter peers here. We are itering through machines in all namespaces and search through the computed aclRules
|
||||||
// for match between rule SrcIPs and DstPorts. If the rule is a match we allow the machine to be viewable.
|
// for match between rule SrcIPs and DstPorts. If the rule is a match we allow the machine to be viewable.
|
||||||
|
machineIPs := machine.IPAddresses.ToStringSlice()
|
||||||
for _, peer := range machines {
|
for _, peer := range machines {
|
||||||
if peer.ID == machine.ID {
|
if peer.ID == machine.ID {
|
||||||
continue
|
continue
|
||||||
@ -203,22 +204,23 @@ func getFilteredByACLPeers(
|
|||||||
for _, d := range rule.DstPorts {
|
for _, d := range rule.DstPorts {
|
||||||
dst = append(dst, d.IP)
|
dst = append(dst, d.IP)
|
||||||
}
|
}
|
||||||
|
peerIPs := peer.IPAddresses.ToStringSlice()
|
||||||
if matchSourceAndDestinationWithRule(
|
if matchSourceAndDestinationWithRule(
|
||||||
rule.SrcIPs,
|
rule.SrcIPs,
|
||||||
dst,
|
dst,
|
||||||
machine.IPAddresses.ToStringSlice(),
|
machineIPs,
|
||||||
peer.IPAddresses.ToStringSlice(),
|
peerIPs,
|
||||||
) || // match source and destination
|
) || // match source and destination
|
||||||
matchSourceAndDestinationWithRule(
|
matchSourceAndDestinationWithRule(
|
||||||
rule.SrcIPs,
|
rule.SrcIPs,
|
||||||
dst,
|
dst,
|
||||||
peer.IPAddresses.ToStringSlice(),
|
peerIPs,
|
||||||
machine.IPAddresses.ToStringSlice(),
|
machineIPs,
|
||||||
) || // match return path
|
) || // match return path
|
||||||
matchSourceAndDestinationWithRule(
|
matchSourceAndDestinationWithRule(
|
||||||
rule.SrcIPs,
|
rule.SrcIPs,
|
||||||
dst,
|
dst,
|
||||||
machine.IPAddresses.ToStringSlice(),
|
machineIPs,
|
||||||
[]string{"*"},
|
[]string{"*"},
|
||||||
) || // match source and all destination
|
) || // match source and all destination
|
||||||
matchSourceAndDestinationWithRule(
|
matchSourceAndDestinationWithRule(
|
||||||
@ -231,13 +233,13 @@ func getFilteredByACLPeers(
|
|||||||
rule.SrcIPs,
|
rule.SrcIPs,
|
||||||
dst,
|
dst,
|
||||||
[]string{"*"},
|
[]string{"*"},
|
||||||
peer.IPAddresses.ToStringSlice(),
|
peerIPs,
|
||||||
) || // match source and all destination
|
) || // match source and all destination
|
||||||
matchSourceAndDestinationWithRule(
|
matchSourceAndDestinationWithRule(
|
||||||
rule.SrcIPs,
|
rule.SrcIPs,
|
||||||
dst,
|
dst,
|
||||||
[]string{"*"},
|
[]string{"*"},
|
||||||
machine.IPAddresses.ToStringSlice(),
|
machineIPs,
|
||||||
) { // match all sources and source
|
) { // match all sources and source
|
||||||
peers[peer.ID] = peer
|
peers[peer.ID] = peer
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user