1
0
mirror of https://github.com/juanfont/headscale.git synced 2025-01-22 00:11:47 +01:00

ToStringSlice will lead to high CPU usage, early conversion can reduce cpu usage

This commit is contained in:
Allen 2023-01-11 15:03:37 +08:00 committed by Juan Font
parent 26282b7a54
commit a6c8718a97

View File

@ -194,6 +194,7 @@ func getFilteredByACLPeers(
peers := make(map[uint64]Machine) peers := make(map[uint64]Machine)
// Aclfilter peers here. We are itering through machines in all namespaces and search through the computed aclRules // Aclfilter peers here. We are itering through machines in all namespaces and search through the computed aclRules
// for match between rule SrcIPs and DstPorts. If the rule is a match we allow the machine to be viewable. // for match between rule SrcIPs and DstPorts. If the rule is a match we allow the machine to be viewable.
machineIPs := machine.IPAddresses.ToStringSlice()
for _, peer := range machines { for _, peer := range machines {
if peer.ID == machine.ID { if peer.ID == machine.ID {
continue continue
@ -203,22 +204,23 @@ func getFilteredByACLPeers(
for _, d := range rule.DstPorts { for _, d := range rule.DstPorts {
dst = append(dst, d.IP) dst = append(dst, d.IP)
} }
peerIPs := peer.IPAddresses.ToStringSlice()
if matchSourceAndDestinationWithRule( if matchSourceAndDestinationWithRule(
rule.SrcIPs, rule.SrcIPs,
dst, dst,
machine.IPAddresses.ToStringSlice(), machineIPs,
peer.IPAddresses.ToStringSlice(), peerIPs,
) || // match source and destination ) || // match source and destination
matchSourceAndDestinationWithRule( matchSourceAndDestinationWithRule(
rule.SrcIPs, rule.SrcIPs,
dst, dst,
peer.IPAddresses.ToStringSlice(), peerIPs,
machine.IPAddresses.ToStringSlice(), machineIPs,
) || // match return path ) || // match return path
matchSourceAndDestinationWithRule( matchSourceAndDestinationWithRule(
rule.SrcIPs, rule.SrcIPs,
dst, dst,
machine.IPAddresses.ToStringSlice(), machineIPs,
[]string{"*"}, []string{"*"},
) || // match source and all destination ) || // match source and all destination
matchSourceAndDestinationWithRule( matchSourceAndDestinationWithRule(
@ -231,13 +233,13 @@ func getFilteredByACLPeers(
rule.SrcIPs, rule.SrcIPs,
dst, dst,
[]string{"*"}, []string{"*"},
peer.IPAddresses.ToStringSlice(), peerIPs,
) || // match source and all destination ) || // match source and all destination
matchSourceAndDestinationWithRule( matchSourceAndDestinationWithRule(
rule.SrcIPs, rule.SrcIPs,
dst, dst,
[]string{"*"}, []string{"*"},
machine.IPAddresses.ToStringSlice(), machineIPs,
) { // match all sources and source ) { // match all sources and source
peers[peer.ID] = peer peers[peer.ID] = peer
} }