|
@@ -46,11 +46,6 @@ func (n *Namespace) findNeighbor(dstIP net.IP, dstMac net.HardwareAddr) *neigh {
|
|
|
|
|
|
|
|
// DeleteNeighbor deletes neighbor entry from the sandbox.
|
|
// DeleteNeighbor deletes neighbor entry from the sandbox.
|
|
|
func (n *Namespace) DeleteNeighbor(dstIP net.IP, dstMac net.HardwareAddr) error {
|
|
func (n *Namespace) DeleteNeighbor(dstIP net.IP, dstMac net.HardwareAddr) error {
|
|
|
- var (
|
|
|
|
|
- iface netlink.Link
|
|
|
|
|
- err error
|
|
|
|
|
- )
|
|
|
|
|
-
|
|
|
|
|
nh := n.findNeighbor(dstIP, dstMac)
|
|
nh := n.findNeighbor(dstIP, dstMac)
|
|
|
if nh == nil {
|
|
if nh == nil {
|
|
|
return NeighborSearchError{dstIP, dstMac, false}
|
|
return NeighborSearchError{dstIP, dstMac, false}
|
|
@@ -60,28 +55,27 @@ func (n *Namespace) DeleteNeighbor(dstIP net.IP, dstMac net.HardwareAddr) error
|
|
|
nlh := n.nlHandle
|
|
nlh := n.nlHandle
|
|
|
n.Unlock()
|
|
n.Unlock()
|
|
|
|
|
|
|
|
|
|
+ var linkIndex int
|
|
|
if nh.linkDst != "" {
|
|
if nh.linkDst != "" {
|
|
|
- iface, err = nlh.LinkByName(nh.linkDst)
|
|
|
|
|
|
|
+ iface, err := nlh.LinkByName(nh.linkDst)
|
|
|
if err != nil {
|
|
if err != nil {
|
|
|
return fmt.Errorf("could not find interface with destination name %s: %v", nh.linkDst, err)
|
|
return fmt.Errorf("could not find interface with destination name %s: %v", nh.linkDst, err)
|
|
|
}
|
|
}
|
|
|
|
|
+ linkIndex = iface.Attrs().Index
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
nlnh := &netlink.Neigh{
|
|
nlnh := &netlink.Neigh{
|
|
|
- IP: dstIP,
|
|
|
|
|
- State: netlink.NUD_PERMANENT,
|
|
|
|
|
- Family: nh.family,
|
|
|
|
|
|
|
+ LinkIndex: linkIndex,
|
|
|
|
|
+ IP: dstIP,
|
|
|
|
|
+ State: netlink.NUD_PERMANENT,
|
|
|
|
|
+ Family: nh.family,
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
- if nlnh.Family > 0 {
|
|
|
|
|
|
|
+ if nh.family > 0 {
|
|
|
nlnh.HardwareAddr = dstMac
|
|
nlnh.HardwareAddr = dstMac
|
|
|
nlnh.Flags = netlink.NTF_SELF
|
|
nlnh.Flags = netlink.NTF_SELF
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
- if nh.linkDst != "" {
|
|
|
|
|
- nlnh.LinkIndex = iface.Attrs().Index
|
|
|
|
|
- }
|
|
|
|
|
-
|
|
|
|
|
// If the kernel deletion fails for the neighbor entry still remove it
|
|
// If the kernel deletion fails for the neighbor entry still remove it
|
|
|
// from the namespace cache, otherwise kernel update can fail if the
|
|
// from the namespace cache, otherwise kernel update can fail if the
|
|
|
// neighbor moves back to the same host again.
|
|
// neighbor moves back to the same host again.
|
|
@@ -90,25 +84,21 @@ func (n *Namespace) DeleteNeighbor(dstIP net.IP, dstMac net.HardwareAddr) error
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
// Delete the dynamic entry in the bridge
|
|
// Delete the dynamic entry in the bridge
|
|
|
- if nlnh.Family > 0 {
|
|
|
|
|
- nlnh := &netlink.Neigh{
|
|
|
|
|
- IP: dstIP,
|
|
|
|
|
- Family: nh.family,
|
|
|
|
|
- }
|
|
|
|
|
-
|
|
|
|
|
- nlnh.HardwareAddr = dstMac
|
|
|
|
|
- nlnh.Flags = netlink.NTF_MASTER
|
|
|
|
|
- if nh.linkDst != "" {
|
|
|
|
|
- nlnh.LinkIndex = iface.Attrs().Index
|
|
|
|
|
- }
|
|
|
|
|
- if err := nlh.NeighDel(nlnh); err != nil && !errors.Is(err, os.ErrNotExist) {
|
|
|
|
|
|
|
+ if nh.family > 0 {
|
|
|
|
|
+ if err := nlh.NeighDel(&netlink.Neigh{
|
|
|
|
|
+ LinkIndex: linkIndex,
|
|
|
|
|
+ IP: dstIP,
|
|
|
|
|
+ Family: nh.family,
|
|
|
|
|
+ HardwareAddr: dstMac,
|
|
|
|
|
+ Flags: netlink.NTF_MASTER,
|
|
|
|
|
+ }); err != nil && !errors.Is(err, os.ErrNotExist) {
|
|
|
log.G(context.TODO()).WithError(err).Warn("error while deleting neighbor entry")
|
|
log.G(context.TODO()).WithError(err).Warn("error while deleting neighbor entry")
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
n.Lock()
|
|
n.Lock()
|
|
|
- for i, nh := range n.neighbors {
|
|
|
|
|
- if nh.dstIP.Equal(dstIP) && bytes.Equal(nh.dstMac, dstMac) {
|
|
|
|
|
|
|
+ for i, neighbor := range n.neighbors {
|
|
|
|
|
+ if neighbor.dstIP.Equal(dstIP) && bytes.Equal(neighbor.dstMac, dstMac) {
|
|
|
n.neighbors = append(n.neighbors[:i], n.neighbors[i+1:]...)
|
|
n.neighbors = append(n.neighbors[:i], n.neighbors[i+1:]...)
|
|
|
break
|
|
break
|
|
|
}
|
|
}
|
Sebastiaan van Stijn