Merge pull request #139 from r-caamano/v0.5.7_release_candidate

V0.5.7 release candidate
r-caamano · Jan 22, 2024 · 304bce1 · 304bce1
2 parents 69b741e + f39d64c
commit 304bce1
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 7 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -3,6 +3,16 @@
 All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ---
+
+# [0.5.7] - 2024-01-21
+
+###
+
+-- Modified the "zfw -F" system call in start_ebpf_py.py to "zfw -F -r" to ensure that any ziti created loopback routes are also
+   cleared when restarting ziti-router.  
+-- Removed deprecated sed entries in start_ebpf_router.py that are no longer required
+-- Fixed inaccurate string parse check in start_ebpf_router.py set_local_rules()
+
 # [0.5.6] - 2024-01-19
 
 ###

diff --git a/files/scripts/start_ebpf_router.py b/files/scripts/start_ebpf_router.py
@@ -190,14 +190,13 @@ def get_if_ip(intf):
                return ""
 
 def set_local_rules(resolver):
-        default_cidr = '0.0.0.0/0'
         default_ip = '0.0.0.0'
         default_mask = '0'
-        if(len(resolver.split('/'))):
+        if(len(resolver.split('/')) == 2):
             lan_ip = resolver.split('/')[0]
             lan_mask = '32'
         else:
-            lan_ip = default_cidr
+            lan_ip = default_ip
             lan_mask = default_mask
         add_edge_listener_rules(lan_ip, lan_mask)
         add_link_listener_rules(lan_ip, lan_mask)
@@ -369,7 +368,7 @@ def set_local_rules(resolver):
         os.system("/opt/openziti/bin/user/user_rules.sh")
 else:
     print("ebpf already running!");
-    os.system("/usr/sbin/zfw -F")
+    os.system("/usr/sbin/zfw -F -r")
     print("Flushed Table")
     for i in internal_list:
         if(not tc_status(i, "ingress")):
@@ -417,8 +416,6 @@ def set_local_rules(resolver):
 if(os.path.exists('/etc/systemd/system/ziti-router.service') and router_config):
     unconfigured = os.system("grep -r 'ExecStartPre\=\-\/opt/openziti\/bin\/start_ebpf_router.py' /etc/systemd/system/ziti-router.service")
     if(unconfigured):
-        os.system("sed -i 's/ExecStartPre\=\-\/opt\/netfoundry\/ebpf\/objects\/etables \-F \-r/#ExecStartPre\=-\/opt\/netfoundry\/ebpf\/objects\/etables \-F \-r/g' /etc/systemd/system/ziti-router.service")
-        os.system("sed -i 's/ExecStartPre\=\-\/opt\/netfoundry\/ebpf\/scripts\/tproxy_splicer_startup.sh/#ExecStartPre\=\-\/opt\/netfoundry\/ebpf\/scripts\/tproxy_splicer_startup.sh/g' /etc/systemd/system/ziti-router.service")
         test1 = 1
         test1 = os.system("sed -i '/ExecStart=/i ExecStartPre\=\-\/opt\/openziti\/bin\/start_ebpf_router.py' /etc/systemd/system/ziti-router.service")
         if(not test1):

diff --git a/src/zfw.c b/src/zfw.c
@@ -152,7 +152,7 @@ char *tc_interface;
 char *log_file_name;
 char *object_file;
 char *direction_string;
-const char *argp_program_version = "0.5.6";
+const char *argp_program_version = "0.5.7";
 struct ring_buffer *ring_buffer;
 
 __u8 if_list[MAX_IF_LIST_ENTRIES];