iptables: rename ProxyPort -> ToPort and TargetPort -> FromPort

grafana · Jul 10, 2023 · 59345a4 · 59345a4
1 parent 13aef8c
commit 59345a4
Show file tree

Hide file tree

Showing 4 changed files with 33 additions and 31 deletions.
diff --git a/cmd/agent/commands/grpc.go b/cmd/agent/commands/grpc.go
@@ -51,8 +51,8 @@ func BuildGrpcCmd(env runtime.Environment, config *agent.Config) *cobra.Command
 			var redirector protocol.TrafficRedirector
 			if transparent {
 				tr := &iptables.TrafficRedirectionSpec{
-					TargetPort: targetPort,
-					ProxyPort:  port,
+					FromPort: targetPort, // Redirect traffic from the application (target) port...
+					ToPort:   port,       // to the proxy port.
 				}
 
 				redirector, err = iptables.NewTrafficRedirector(tr, env.Executor())

diff --git a/cmd/agent/commands/http.go b/cmd/agent/commands/http.go
@@ -50,8 +50,8 @@ func BuildHTTPCmd(env runtime.Environment, config *agent.Config) *cobra.Command
 			var redirector protocol.TrafficRedirector
 			if transparent {
 				tr := &iptables.TrafficRedirectionSpec{
-					TargetPort: targetPort,
-					ProxyPort:  port,
+					FromPort: targetPort, // Redirect traffic from the application (target) port...
+					ToPort:   port,       // to the proxy port.
 				}
 
 				redirector, err = iptables.NewTrafficRedirector(tr, env.Executor())

diff --git a/pkg/iptables/iptables.go b/pkg/iptables/iptables.go
@@ -87,10 +87,12 @@ const resetProxyRule = "INPUT " + // Traffic flowing through the INPUT chain
 
 // TrafficRedirectionSpec specifies the redirection of traffic to a destination
 type TrafficRedirectionSpec struct {
-	// ProxyPort is the port where the proxy is listening at.
-	ProxyPort uint
-	// TargetPort is the port of for the upstream application.
-	TargetPort uint
+	// ToPort is the port where the traffic should be redirected to.
+	// Typically, this would be where a transparent proxy is listening.
+	ToPort uint
+	// FromPort is the port of for the upstream application.
+	// Typically, this would be the original port where the application is listening.
+	FromPort uint
 }
 
 // trafficRedirect defines an instance of a TrafficRedirector
@@ -104,12 +106,12 @@ func NewTrafficRedirector(
 	tr *TrafficRedirectionSpec,
 	executor runtime.Executor,
 ) (protocol.TrafficRedirector, error) {
-	if tr.TargetPort == 0 || tr.ProxyPort == 0 {
-		return nil, fmt.Errorf("TargetPort and ProxyPort must be specified")
+	if tr.FromPort == 0 || tr.ToPort == 0 {
+		return nil, fmt.Errorf("FromPort and ToPort must be specified")
 	}
 
-	if tr.TargetPort == tr.ProxyPort {
-		return nil, fmt.Errorf("TargetPort (%d) and ProxyPort (%d) must be different", tr.TargetPort, tr.ProxyPort)
+	if tr.FromPort == tr.ToPort {
+		return nil, fmt.Errorf("FromPort (%d) and ToPort (%d) must be different", tr.FromPort, tr.ToPort)
 	}
 
 	return &redirector{
@@ -122,13 +124,13 @@ func (tr *redirector) redirectRules() []string {
 	return []string{
 		fmt.Sprintf(
 			redirectLocalRule,
-			tr.TargetPort,
-			tr.ProxyPort,
+			tr.FromPort,
+			tr.ToPort,
 		),
 		fmt.Sprintf(
 			redirectExternalRule,
-			tr.TargetPort,
-			tr.ProxyPort,
+			tr.FromPort,
+			tr.ToPort,
 		),
 	}
 }
@@ -137,17 +139,17 @@ func (tr *redirector) resetRules() []string {
 	return []string{
 		fmt.Sprintf(
 			resetLocalRule,
-			tr.TargetPort,
+			tr.FromPort,
 		),
 		fmt.Sprintf(
 			resetExternalRule,
-			tr.TargetPort,
+			tr.FromPort,
 		),
 	}
 }
 
 func (tr *redirector) resetProxyRule() string {
-	return fmt.Sprintf(resetProxyRule, tr.ProxyPort)
+	return fmt.Sprintf(resetProxyRule, tr.ToPort)
 }
 
 // execIptables runs performs the specified action ("-A" or "-D") for the supplied rule.

diff --git a/pkg/iptables/iptables_test.go b/pkg/iptables/iptables_test.go
@@ -20,16 +20,16 @@ func Test_validateTrafficRedirect(t *testing.T) {
 		{
 			title: "Valid redirect",
 			redirect: TrafficRedirectionSpec{
-				TargetPort: 80,
-				ProxyPort:  8080,
+				FromPort: 80,
+				ToPort:   8080,
 			},
 			expectError: false,
 		},
 		{
 			title: "Same target and proxy port",
 			redirect: TrafficRedirectionSpec{
-				TargetPort: 8080,
-				ProxyPort:  8080,
+				FromPort: 8080,
+				ToPort:   8080,
 			},
 			expectError: true,
 		},
@@ -77,8 +77,8 @@ func Test_Commands(t *testing.T) {
 		{
 			title: "Start valid redirect",
 			redirect: TrafficRedirectionSpec{
-				TargetPort: 80,
-				ProxyPort:  8080,
+				FromPort: 80,
+				ToPort:   8080,
 			},
 			testFunction: func(tr protocol.TrafficRedirector) error {
 				return tr.Start()
@@ -97,8 +97,8 @@ func Test_Commands(t *testing.T) {
 		{
 			title: "Stop active redirect",
 			redirect: TrafficRedirectionSpec{
-				TargetPort: 80,
-				ProxyPort:  8080,
+				FromPort: 80,
+				ToPort:   8080,
 			},
 			testFunction: func(tr protocol.TrafficRedirector) error {
 				return tr.Stop()
@@ -117,8 +117,8 @@ func Test_Commands(t *testing.T) {
 		{
 			title: "Error invoking iptables command in Start",
 			redirect: TrafficRedirectionSpec{
-				TargetPort: 80,
-				ProxyPort:  8080,
+				FromPort: 80,
+				ToPort:   8080,
 			},
 			testFunction: func(tr protocol.TrafficRedirector) error {
 				return tr.Start()
@@ -131,8 +131,8 @@ func Test_Commands(t *testing.T) {
 		{
 			title: "Error invoking iptables command in Stop",
 			redirect: TrafficRedirectionSpec{
-				TargetPort: 80,
-				ProxyPort:  8080,
+				FromPort: 80,
+				ToPort:   8080,
 			},
 			testFunction: func(tr protocol.TrafficRedirector) error {
 				return tr.Stop()