← Back to branch summary

~themue/juju-core/go-firewaller-global-mode

« back to all changes in this revision

Viewing changes to worker/firewaller/firewaller.go

  • Committer: Frank Mueller
  • Date: 2012-10-08 15:40:31 UTC
  • Revision ID: themue@gmail.com-20121008154031-oak3mjf6xr3qnbvo
firewaller: added port counter for global mode

Show diffs side-by-side

added added

removed removed

Lines of Context:
worker/firewaller/firewaller.go
3
3
import (
4
4
        "fmt"
5
5
        "launchpad.net/juju-core/environs"
 
6
        "launchpad.net/juju-core/environs/config"
6
7
        "launchpad.net/juju-core/log"
7
8
        "launchpad.net/juju-core/state"
8
9
        "launchpad.net/juju-core/state/watcher"
22
23
        unitsChange     chan *unitsChange
23
24
        unitds          map[string]*unitData
24
25
        portsChange     chan *portsChange
 
26
        globalPorts     map[state.Port]int
25
27
        serviceds       map[string]*serviceData
26
28
        exposedChange   chan *exposedChange
27
29
}
36
38
                unitsChange:     make(chan *unitsChange),
37
39
                unitds:          make(map[string]*unitData),
38
40
                portsChange:     make(chan *portsChange),
 
41
                globalPorts:     make(map[state.Port]int),
39
42
                serviceds:       make(map[string]*serviceData),
40
43
                exposedChange:   make(chan *exposedChange),
41
44
        }
160
163
        }
161
164
        toOpen := diff(want, machined.ports)
162
165
        toClose := diff(machined.ports, want)
 
166
        toOpen, toClose = fw.filterGlobalPorts(toOpen, toClose)
163
167
        machined.ports = want
164
168
 
165
169
        // If there's nothing to do, do nothing.
206
210
        return nil
207
211
}
208
212
 
 
213
// filterGlobalPorts checks in case of the global firewall mode, which ports are
 
214
// already open (for opening) and which are still needed (for closing).
 
215
func (fw *Firewaller) filterGlobalPorts(openIn, closeIn []state.Port) (openOut, closeOut []state.Port) {
 
216
        if fw.environ.Config().FirewallMode() == config.FwDefault {
 
217
                return openIn, closeIn
 
218
        }
 
219
        // Global mode, so filter and count.
 
220
        openOut = []state.Port{}
 
221
        closeOut = []state.Port{}
 
222
        for _, port := range openIn {
 
223
                if fw.globalPorts[port] == 0 {
 
224
                        // Open only the first one.
 
225
                        openOut = append(openOut, port)
 
226
                }
 
227
                fw.globalPorts[port]++
 
228
        }
 
229
        for _, port := range closeIn {
 
230
                if fw.globalPorts[port] == 1 {
 
231
                        // Close only the last one.
 
232
                        closeOut = append(closeOut, port)
 
233
                        delete(fw.globalPorts, port)
 
234
                }
 
235
                fw.globalPorts[port]--
 
236
        }
 
237
        return
 
238
}
 
239
 
209
240
// machineLifeChanged starts watching new machines when the firewaller
210
241
// is starting, or when new machines come to life, and stops watching
211
242
// machines that are dying.