Revision 9368f21c53b7aa96b8743a0b8b79a0ab44d963c6 authored by Jarno Rajahalme on 20 June 2024, 21:26:05 UTC, committed by Nathan Sweet on 21 June 2024, 15:57:37 UTC
AllowsIdentity is only used for testing, move it there. Add the missing InvertedPortMask field on the wildcard port lookup. Signed-off-by: Jarno Rajahalme <jarno@isovalent.com>
1 parent d97069c
ip_linux.go
// SPDX-License-Identifier: Apache-2.0
// Copyright Authors of Cilium
package node
import (
"strings"
"github.com/vishvananda/netlink"
)
func init() {
initExcludedIPs()
}
func initExcludedIPs() {
// We exclude below bad device prefixes from address selection ...
prefixes := []string{
"docker",
}
links, err := netlink.LinkList()
if err != nil {
return
}
for _, l := range links {
// ... also all down devices since they won't be reachable.
//
// We need to check for both "up" and "unknown" state, as some
// drivers may not implement operstate handling, and just report
// their state as unknown even though they are operational.
if l.Attrs().OperState == netlink.OperUp ||
l.Attrs().OperState == netlink.OperUnknown {
skip := true
for _, p := range prefixes {
if strings.HasPrefix(l.Attrs().Name, p) {
skip = false
break
}
}
if skip {
continue
}
}
addr, err := netlink.AddrList(l, netlink.FAMILY_ALL)
if err != nil {
continue
}
for _, a := range addr {
excludedIPs = append(excludedIPs, a.IP)
}
}
}
Computing file changes ...
