Mirrors/juanfont.headscale
1
0
Fork 0
mirror of https://github.com/juanfont/headscale.git synced 2025-10-28 10:51:44 +01:00
Code Issues Projects Releases Wiki Activity
6b6509eeeb
juanfont.headscale/hscontrol/policy/matcher/matcher.go
Kristoffer Dalby 7891378f57
Redo route code (#2422) 
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2025-02-26 16:22:55 +01:00

91 lines
1.5 KiB
Go
Raw Blame History

package matcher
import (
"net/netip"
"github.com/juanfont/headscale/hscontrol/util"
"go4.org/netipx"
"tailscale.com/tailcfg"
)
type Match struct {
srcs *netipx.IPSet
dests *netipx.IPSet
}
func MatchFromFilterRule(rule tailcfg.FilterRule) Match {
dests := []string{}
for _, dest := range rule.DstPorts {
dests = append(dests, dest.IP)
}
return MatchFromStrings(rule.SrcIPs, dests)
}
func MatchFromStrings(sources, destinations []string) Match {
srcs := new(netipx.IPSetBuilder)
dests := new(netipx.IPSetBuilder)
for _, srcIP := range sources {
set, _ := util.ParseIPSet(srcIP, nil)
srcs.AddSet(set)
}
for _, dest := range destinations {
set, _ := util.ParseIPSet(dest, nil)
dests.AddSet(set)
}
srcsSet, _ := srcs.IPSet()
destsSet, _ := dests.IPSet()
match := Match{
srcs: srcsSet,
dests: destsSet,
}
return match
}
func (m *Match) SrcsContainsIPs(ips ...netip.Addr) bool {
for _, ip := range ips {
if m.srcs.Contains(ip) {
return true
}
}
return false
}
func (m *Match) DestsContainsIP(ips ...netip.Addr) bool {
for _, ip := range ips {
if m.dests.Contains(ip) {
return true
}
}
return false
}
func (m *Match) SrcsOverlapsPrefixes(prefixes ...netip.Prefix) bool {
for _, prefix := range prefixes {
if m.srcs.ContainsPrefix(prefix) {
return true
}
}
return false
}
func (m *Match) DestsOverlapsPrefixes(prefixes ...netip.Prefix) bool {
for _, prefix := range prefixes {
if m.dests.ContainsPrefix(prefix) {
return true
}
}
return false
}
Reference in New Issue View Git Blame Copy Permalink