baalajimaestro/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

Add missing TCP IPAllowList middleware constructor

Browse source 
Co-authored-by: Romain <rtribotte@users.noreply.github.com>
This commit is contained in:
Baptiste Mayelle 2024-01-04 14:58:05 +01:00 committed by GitHub
parent 9adf0fb638
commit eff294829f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 16 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
integration/fixtures/tcp/ip-whitelist.toml → integration/fixtures/tcp/ip-allowlist.toml
View file

@ -23,7 +23,7 @@
entryPoints = ["tcp"] entryPoints = ["tcp"]
rule = "HostSNI(`whoami-a.test`)" rule = "HostSNI(`whoami-a.test`)"
service = "whoami-a" service = "whoami-a"
middlewares = ["blocking-ipwhitelist"] middlewares = ["blocking-allowlist"]
[tcp.routers.to-whoami-a.tls] [tcp.routers.to-whoami-a.tls]
passthrough = true passthrough = true
@ -31,7 +31,7 @@
entryPoints = ["tcp"] entryPoints = ["tcp"]
rule = "HostSNI(`whoami-b.test`)" rule = "HostSNI(`whoami-b.test`)"
service = "whoami-b" service = "whoami-b"
middlewares = ["allowing-ipwhitelist"] middlewares = ["allowing-allowlist"]
[tcp.routers.to-whoami-b.tls] [tcp.routers.to-whoami-b.tls]
passthrough = true passthrough = true
@ -45,7 +45,7 @@
address = "{{ .WhoamiB }}" address = "{{ .WhoamiB }}"
[tcp.middlewares] [tcp.middlewares]
[tcp.middlewares.allowing-ipwhitelist.ipWhiteList] [tcp.middlewares.allowing-allowlist.ipAllowList]
sourceRange = ["127.0.0.1/32"] sourceRange = ["127.0.0.1/32"]
[tcp.middlewares.blocking-ipwhitelist.ipWhiteList] [tcp.middlewares.blocking-allowlist.ipAllowList]
sourceRange = ["127.127.127.127/32"] sourceRange = ["127.127.127.127/32"]

4
integration/tcp_test.go
View file

@ -249,8 +249,8 @@ func (s *TCPSuite) TestCatchAllNoTLSWithHTTPS(c *check.C) {
c.Assert(err, checker.IsNil) c.Assert(err, checker.IsNil)
} }
func (s *TCPSuite) TestMiddlewareWhiteList(c *check.C) { func (s *TCPSuite) TestMiddlewareAllowList(c *check.C) {
file := s.adaptFile(c, "fixtures/tcp/ip-whitelist.toml", struct { file := s.adaptFile(c, "fixtures/tcp/ip-allowlist.toml", struct {
WhoamiA string WhoamiA string
WhoamiB string WhoamiB string
}{ }{

10
pkg/server/middleware/tcp/middlewares.go
View file

@ -6,7 +6,9 @@ import (
"strings" "strings"
"github.com/traefik/traefik/v2/pkg/config/runtime" "github.com/traefik/traefik/v2/pkg/config/runtime"
"github.com/traefik/traefik/v2/pkg/log"
inflightconn "github.com/traefik/traefik/v2/pkg/middlewares/tcp/inflightconn" inflightconn "github.com/traefik/traefik/v2/pkg/middlewares/tcp/inflightconn"
"github.com/traefik/traefik/v2/pkg/middlewares/tcp/ipallowlist"
ipwhitelist "github.com/traefik/traefik/v2/pkg/middlewares/tcp/ipwhitelist" ipwhitelist "github.com/traefik/traefik/v2/pkg/middlewares/tcp/ipwhitelist"
"github.com/traefik/traefik/v2/pkg/server/provider" "github.com/traefik/traefik/v2/pkg/server/provider"
"github.com/traefik/traefik/v2/pkg/tcp" "github.com/traefik/traefik/v2/pkg/tcp"
@ -94,8 +96,16 @@ func (b *Builder) buildConstructor(ctx context.Context, middlewareName string) (
} }
} }
// IPAllowList
if config.IPAllowList != nil {
middleware = func(next tcp.Handler) (tcp.Handler, error) {
return ipallowlist.New(ctx, next, *config.IPAllowList, middlewareName)
}
}
// IPWhiteList // IPWhiteList
if config.IPWhiteList != nil { if config.IPWhiteList != nil {
log.FromContext(ctx).Warn("IPWhiteList is deprecated, please use IPAllowList instead.")
middleware = func(next tcp.Handler) (tcp.Handler, error) { middleware = func(next tcp.Handler) (tcp.Handler, error) {
return ipwhitelist.New(ctx, next, *config.IPWhiteList, middlewareName) return ipwhitelist.New(ctx, next, *config.IPWhiteList, middlewareName)
} }