Skip to content

Commit

Permalink
Import external network prefixes to shared DMZ networks (#47)
Browse files Browse the repository at this point in the history 
* resolve #46 by importing internet prefixes to the DMZ VRF

* use golangci/golangci-lint-action instead of actions-contrib which was deprecated

* use golangci/golangci-lint-action instead of actions-contrib which was deprecated
  • Loading branch information
@mwindower
mwindower authored Apr 26, 2021
1 parent 14f4135 commit fdd79ac
Show file tree
Hide file tree
Showing 6 changed files with 7 additions and 10 deletions.
4 changes: 1 addition & 3 deletions .github/workflows/master.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,9 +12,7 @@ jobs:
- name: Checkout code
uses: actions/checkout@v2
- name: Lint
uses: actions-contrib/golangci-lint@master
with:
args: run
uses: golangci/golangci-lint-action@v2
- name: Set up Go 1.15
uses: actions/[email protected]
with:
Expand Down
4 changes: 1 addition & 3 deletions .github/workflows/pr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,9 +15,7 @@ jobs:
- name: Checkout code
uses: actions/checkout@master
- name: Lint
uses: actions-contrib/golangci-lint@master
with:
args: run
uses: golangci/golangci-lint-action@v2
- name: Set up Go 1.15
uses: actions/[email protected]
with:
Expand Down
4 changes: 1 addition & 3 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,9 +12,7 @@ jobs:
- name: Checkout code
uses: actions/checkout@master
- name: Lint
uses: actions-contrib/golangci-lint@master
with:
args: run
uses: golangci/golangci-lint-action@v2
- name: Set up Go 1.15
uses: actions/[email protected]
with:
Expand Down
1 change: 1 addition & 0 deletions pkg/netconf/routemap.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,7 @@ func importRulesForNetwork(kb KnowledgeBase, network models.V1MachineNetwork) *i
}
if importExternalNet {
i.importVRFs = append(i.importVRFs, vrfNameOf(e))
i.importPrefixes = append(i.importPrefixes, prefixesOfNetwork(e)...)
}
}
}
Expand Down
2 changes: 1 addition & 1 deletion pkg/netconf/routemap_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -132,7 +132,7 @@ func Test_importRulesForNetwork(t *testing.T) {
{
targetVRF: dmz.vrf,
importVRFs: []string{private.vrf, inet.vrf},
importPrefixes: concatPfxSlices(private.prefixes, dmz.prefixes, dmz.destinations),
importPrefixes: concatPfxSlices(private.prefixes, dmz.prefixes, dmz.destinations, inet.prefixes),
},
{
targetVRF: inet.vrf,
Expand Down
2 changes: 2 additions & 0 deletions pkg/netconf/testdata/frr.conf.firewall_dmz
View file
Original file line number Diff line number Diff line change
Expand Up @@ -133,6 +133,8 @@ route-map vrf3981-import-map deny 20
ip prefix-list vrf3983-import-prefixes seq 100 permit 10.0.16.0/22 le 32
ip prefix-list vrf3983-import-prefixes seq 101 permit 10.0.20.0/22 le 32
ip prefix-list vrf3983-import-prefixes seq 102 permit 0.0.0.0/0
ip prefix-list vrf3983-import-prefixes seq 103 permit 185.1.2.0/24 le 32
ip prefix-list vrf3983-import-prefixes seq 104 permit 185.27.0.0/22 le 32
route-map vrf3983-import-map permit 10
match ip address prefix-list vrf3983-import-prefixes
route-map vrf3983-import-map deny 20
Expand Down

0 comments on commit fdd79ac

Please sign in to comment.