Also, remove unnecessary imports.
Signed-off-by: Balazs Lecz <[email protected]>
---
daemons/ganeti-nld | 20 ++++++++++++++++++++
lib/config.py | 10 +++++++++-
lib/constants.py | 1 +
lib/nflog_dispatcher.py | 3 +--
4 files changed, 31 insertions(+), 3 deletions(-)
diff --git a/daemons/ganeti-nld b/daemons/ganeti-nld
index 8805155..04c84cd 100755
--- a/daemons/ganeti-nld
+++ b/daemons/ganeti-nld
@@ -36,6 +36,7 @@ Ganeti, on the cluster hmac key and master candidate list
being available.
import os
import sys
import logging
+import ip
from optparse import OptionParser
@@ -374,6 +375,20 @@ class NLDPeriodicUpdater(object):
self.confd_client.SendRequest(req)
+class MisroutedPacketHandler(object):
+ """Callback called when a packet is received via the NFLOG target.
+
+ """
+ def __call__(self, i, nflog_payload):
+ ip_packet = ip.disassemble(nflog_payload.get_data())
+ logging.debug("misrouted packet detected. source IP: %s", ip_packet.src)
+ # TODO: notify the endpoint(s) via an NLD request (preferably by iterating
+ # over the private IPs of the endpoints)
+ # TODO: look up the source IP in the peer list and if found, notify the
+ # relevant node
+ return 1
+
+
class NetworkLookupDaemon(object):
"""Main Ganeti NLD class
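Review bot: `MisroutedPacketHandler.__call__` passes raw packet bytes from the NFLOG target straight to `ip.disassemble()` with nothing catching a parse failure. Any host whose traffic matches the NFLOG rule chooses those bytes. If the parser raises on truncated or malformed input (not visible here, so worth confirming), one bad packet would propagate an exception out of the callback and into the daemon's main loop. I would wrap the call in a `try`/`except` that logs something like `logging.debug("dropping unparseable NFLOG payload")` and returns the same value as the success path. The docstring should also say what the `i` argument is and what `return 1` signals to the dispatcher, since neither can be inferred from this hunk. When the TODOs are implemented, the source address should be treated as unauthenticated, because a spoofed source could otherwise trigger notifications to arbitrary peers.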
@@ -435,6 +450,11 @@ class NetworkLookupDaemon(object):
NLDPeriodicUpdater(cluster_name, mainloop, self.config,
hmac_key, mc_list, peer_set_manager)
)
+
+ misrouted_packet_callback = MisroutedPacketHandler()
+ nflog_dispatcher.AsyncNFLog(misrouted_packet_callback,
+ log_group=self.config.nflog_queue)
+
mainloop.Run()
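Review bot: The option is named `nflog_queue` in the config but is passed as `log_group=` here, and NFLOG addresses groups while "queue" is NFQUEUE terminology. An operator could plausibly pair it with the wrong iptables option. Renaming the key to `nflog_group` would avoid that; failing that, a comment at the call site such as `# nflog_queue is the NFLOG group number (iptables --nflog-group)` would help. The `AsyncNFLog` instance is also discarded, so a short comment on what keeps it registered (presumably the asyncore socket map) would help the next reader. The enclosing method starts outside this hunk.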
diff --git a/lib/config.py b/lib/config.py
index 51f66ed..0607b5a 100644
--- a/lib/config.py
+++ b/lib/config.py
@@ -39,6 +39,7 @@ DEFAULT_SECTION = "default"
ENDPOINT_EXTIP_KEY = "endpoint_external_ip"
INTERFACE_KEY = "gre_interface"
TABLE_KEY = "routing_table"
+NFLOG_QUEUE_KEY = "nflog_queue"
# Cluster-specific configuration keys
CLUSTER_NAME_KEY = "cluster_name"
@@ -101,6 +102,7 @@ class NLDConfig(objects.ConfigObject):
"out_mc_file",
"tables_tunnels",
"clusters",
+ "nflog_queue",
]
@classmethod
@@ -148,6 +150,11 @@ class NLDConfig(objects.ConfigObject):
interface = constants.DEFAULT_NEIGHBOUR_INTERFACE
has_interface = False
+ if parser.has_option(DEFAULT_SECTION, NFLOG_QUEUE_KEY):
+ nflog_queue = int(parser.get(DEFAULT_SECTION, NFLOG_QUEUE_KEY))
+ else:
+ nflog_queue = constants.DEFAULT_NFLOG_QUEUE
+
if (has_table or has_interface) and table not in tables_map:
tables_map[table] = interface
elif (has_table or has_interface) and tables_map[table] != interface:
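Review bot: `int(parser.get(DEFAULT_SECTION, NFLOG_QUEUE_KEY))` is not validated, so a non-numeric value surfaces as a bare `ValueError` and a negative or oversized number is passed on to the bind call. I would catch the conversion error, range-check the result (NFLOG group ids are 16-bit) and raise the module's usual configuration error naming the key, e.g. `if not 0 <= nflog_queue <= 0xFFFF: ...`. Separately, the value is read from `DEFAULT_SECTION` but the lookup sits among per-table/interface handling that looks like it runs inside a loop whose start is outside this hunk. If that loop can execute zero times, `nflog_queue` would be unbound at the `NLDConfig(...)` call in the last hunk of this file, so hoisting the lookup above the loop seems safer.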
@@ -188,4 +195,5 @@ class NLDConfig(objects.ConfigObject):
return NLDConfig(endpoints=endpoints,
tables_tunnels=tables_map,
- clusters=clusters)
+ clusters=clusters,
+ nflog_queue=nflog_queue)
diff --git a/lib/constants.py b/lib/constants.py
index 1954d5f..c1277f6 100644
--- a/lib/constants.py
+++ b/lib/constants.py
@@ -31,3 +31,4 @@ DEFAULT_CONF_FILE = CONF_DIR + "/common.conf"
DEFAULT_ROUTING_TABLE = "100"
DEFAULT_NEIGHBOUR_INTERFACE = "gtun0"
+DEFAULT_NFLOG_QUEUE = 0
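Review bot: `DEFAULT_NFLOG_QUEUE = 0` deserves a comment, because group 0 is also what the iptables NFLOG target uses when no `--nflog-group` is given. Any unrelated logging rule on the host would therefore deliver packets to the misrouted-packet handler, and another NFLOG consumer already bound to group 0 may conflict with the daemon. Suggested comment: `# NFLOG group the daemon binds to; 0 is the iptables default, choose a dedicated group in production`. A non-zero default would also be worth considering.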
diff --git a/lib/nflog_dispatcher.py b/lib/nflog_dispatcher.py
index 857bac0..fb67559 100644
--- a/lib/nflog_dispatcher.py
+++ b/lib/nflog_dispatcher.py
@@ -26,9 +26,8 @@
import asyncore
import logging
import nflog
-import sys
-from socket import AF_INET, inet_ntoa
+from socket import AF_INET
def NFLogLoggingCallback(i, payload):
logging.debug("NFLogLoggingCallback() called. i: %s payload length: %s",
--
1.7.0.1