apps/kubevpn
1
0
Fork 0
mirror of https://github.com/kubenetworks/kubevpn.git synced 2025-09-27 03:36:09 +08:00
Code Issues Packages Projects Releases Wiki Activity

hotfix: handle not found route packet with gVisor instead of drop it

Browse Source
This commit is contained in:
naison
2025-05-12 07:33:45 +00:00
parent b28eaef6a7
commit a1117dee62
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
pkg/core/gvisortunendpoint.go
View File

@@ -88,7 +88,11 @@ func (h *gvisorTCPHandler) readFromTCPConnWriteToEndpoint(ctx context.Context, c
h.addToRouteMapTCP(ctx, src, conn)
// inner ip like 198.19.0.100/102/103 connect each other
if config.CIDR.Contains(dst) || config.CIDR6.Contains(dst) {
// for issue 594, sometimes k8s service network CIDR also use CIDR 198.19.151.170
// if we can find dst in route map, just trade packet as inner communicate
// if not find dst in route map, just trade packet as k8s service/pod ip
_, found := h.routeMapTCP.Load(dst.String())
if found && (config.CIDR.Contains(dst) || config.CIDR6.Contains(dst)) {
err = h.handlePacket(ctx, buf, read, src, dst, layers.IPProtocol(ipProtocol).String())
if err != nil {
plog.G(ctx).Errorf("[TCP-GVISOR] Failed to handle packet: %v", err)