[M] Change in ...osmo-s1gw[master]: enft_kpi: use command/expression templates from enftables - gerrit-log

5 Jun 2025

fixeria has uploaded this change for review. ( https://gerrit.osmocom.org/c/erlang/osmo-s1gw/+/40439?usp=email )
Change subject: enft_kpi: use command/expression templates from enftables
......................................................................
enft_kpi: use command/expression templates from enftables
Change-Id: I421ba5ccc8956586136466d5eb50d6ace69eeb67
Related: SYS#7307
---
M src/enft_kpi.erl
1 file changed, 22 insertions(+), 116 deletions(-)
git pull ssh://gerrit.osmocom.org:29418/erlang/osmo-s1gw refs/changes/39/40439/1

diff --git a/src/enft_kpi.erl b/src/enft_kpi.erl
index d5d5ce3..3afe9d5 100644
--- a/src/enft_kpi.erl
+++ b/src/enft_kpi.erl
@@ -147,15 +147,17 @@
     TName = maps:get(table_name, Cfg, "osmo-s1gw"),
     Interval = maps:get(interval, Cfg, 3000),
     %% ignore (accept) anything but GTPU @ udp/2152
-    R1 = [nft_expr_match_ip_proto("udp", ?OP_NEQ), nft_expr_accept()],
-    R2 = [nft_expr_match_udp_dport(?GTPU_PORT, ?OP_NEQ), nft_expr_accept()],
-    Cmds = [nft_cmd_add_table(TName),
+    R1 = [enftables:nft_expr_match_ip_proto("udp", ?OP_NEQ),
+          enftables:nft_expr_accept()],
+    R2 = [enftables:nft_expr_match_udp_dport(?GTPU_PORT, ?OP_NEQ),
+          enftables:nft_expr_accept()],
+    Cmds = [enftables:nft_cmd_add_table(TName, [<< "owner" >>]),
             nft_cmd_add_chain(TName, "gtpu-ul", "prerouting"),
             nft_cmd_add_chain(TName, "gtpu-dl", "postrouting"),
-            nft_cmd_add_rule(TName, "gtpu-ul", R1),
-            nft_cmd_add_rule(TName, "gtpu-dl", R1),
-            nft_cmd_add_rule(TName, "gtpu-ul", R2),
-            nft_cmd_add_rule(TName, "gtpu-dl", R2)
+            enftables:nft_cmd_add_rule(TName, "gtpu-ul", R1),
+            enftables:nft_cmd_add_rule(TName, "gtpu-dl", R1),
+            enftables:nft_cmd_add_rule(TName, "gtpu-ul", R2),
+            enftables:nft_cmd_add_rule(TName, "gtpu-dl", R2)
            ],
     case nft_exec(Cmds) of
         ok ->
@@ -221,7 +223,7 @@
 handle_call(fetch_counters, _From,
             #state{cfg = #{table_name := TName}} = S) ->
     ?LOG_DEBUG("Fetching NFT counters"),
-    Cmds = [nft_cmd_list_counters(TName)],
+    Cmds = [enftables:nft_cmd_list_counters(TName)],
     case nft_exec(Cmds) of
         {ok, Res} ->
             Ctrs = parse_nft_counters(Res),
@@ -272,7 +274,7 @@
             #state{cfg = #{table_name := TName},
                    registry = R0} = S) ->
     ?LOG_DEBUG("Fetching and reporting NFT counters"),
-    Cmds = [nft_cmd_list_counters(TName)],
+    Cmds = [enftables:nft_cmd_list_counters(TName)],
     case nft_exec(Cmds) of
         {ok, Res} ->
             Ctrs = parse_nft_counters(Res),
@@ -312,7 +314,7 @@
     ?LOG_NOTICE("Terminating, reason ~p", [Reason]),
     case Cfg of
         #{enable := true, table_name := TName} ->
-            nft_exec([nft_cmd_del_table(TName)]), %% delete the table
+            nft_exec([enftables:nft_cmd_del_table(TName)]), %% delete the table
             ok;
         _ -> ok %% stub mode
     end.
@@ -377,10 +379,11 @@
                     #{table_name := TName}) ->
     CName = enb_nft_counter_name(ULDL, GlobalENBId),
     RName = enb_nft_rule_name(ULDL),
+    Counter = enftables:nft_counter(TName, CName),
     Rule = [nft_expr_match_ip_addr({ULDL, Addr}),
-            nft_expr_counter(CName)],
-    Cmds = [nft_cmd_add_counter(TName, CName),
-            nft_cmd_add_rule(TName, RName, Rule)
+            enftables:nft_expr_counter(CName)],
+    Cmds = [enftables:nft_cmd_add_counter(Counter),
+            enftables:nft_cmd_add_rule(TName, RName, Rule)
            ],
     case nft_exec(Cmds) of
         ok ->
@@ -419,8 +422,9 @@
                [Pid, GlobalENBId, ULDL]),
     CName = enb_nft_counter_name(ULDL, GlobalENBId),
     RName = enb_nft_rule_name(ULDL),
-    Cmds = [nft_cmd_del_rule(TName, RName, Handle),
-            nft_cmd_del_counter(TName, CName)
+    Counter = enftables:nft_counter(TName, CName),
+    Cmds = [enftables:nft_cmd_del_rule(TName, RName, Handle),
+            enftables:nft_cmd_del_counter(Counter)
            ],
     case nft_exec(Cmds) of
         ok -> ok;
@@ -525,7 +529,7 @@
nft_chain_last_handle(TName, CName) ->
-    Cmds = [nft_cmd_list_chain(TName, CName)],
+    Cmds = [enftables:nft_cmd_list_chain(TName, CName)],
     case nft_exec(Cmds) of
         {ok, Res} ->
             #{<< "rule" >> := Rule} = lists:last(Res),
@@ -536,21 +540,6 @@
     end.
-nft_cmd_add_table(TName) ->
-    T = #{family => << "inet" >>,
-          name => list_to_binary(TName),
-          flags => [<< "owner" >>]
-         },
-    #{add => #{table => T}}.
-
-
-nft_cmd_del_table(TName) ->
-    T = #{family => << "inet" >>,
-          name => list_to_binary(TName)
-         },
-    #{delete => #{table => T}}.
-
-
 nft_cmd_add_chain(TName, CName, Hook) ->
     C = #{family => << "inet" >>,
           table => list_to_binary(TName),
@@ -563,95 +552,12 @@
     #{add => #{chain => C}}.
-nft_cmd_add_rule(TName, CName, Expr) ->
-    R = #{family => << "inet" >>,
-          table => list_to_binary(TName),
-          chain => list_to_binary(CName),
-          expr => Expr
-         },
-    #{add => #{rule => R}}.
-
-
-nft_cmd_del_rule(TName, CName, Handle) ->
-    R = #{family => << "inet" >>,
-          table => list_to_binary(TName),
-          chain => list_to_binary(CName),
-          handle => Handle
-         },
-    #{delete => #{rule => R}}.
-
-
-nft_counter(TName, Name) ->
-    #{family => << "inet" >>,
-      table => list_to_binary(TName),
-      name => list_to_binary(Name)
-     }.
-
-nft_cmd_add_counter(TName, Name) ->
-    #{add => #{counter => nft_counter(TName, Name)}}.
-
-nft_cmd_del_counter(TName, Name) ->
-    #{delete => #{counter => nft_counter(TName, Name)}}.
-
-
--spec nft_expr_match_payload({Proto, Field}, Value, Op) -> map()
-    when Proto :: string(),
-         Field :: string(),
-         Value :: term(),
-         Op :: string().
-nft_expr_match_payload({Proto, Field}, Value, Op) ->
-    Left = #{payload => #{protocol => list_to_binary(Proto),
-                          field => list_to_binary(Field)}},
-    #{match => #{left => Left,
-                 right => Value,
-                 op => list_to_binary(Op)}}.
-
-
-nft_expr_match_ip_proto(Proto, Op) ->
-    nft_expr_match_payload({"ip", "protocol"},
-                           list_to_binary(Proto), Op).
-
-nft_expr_match_ip_saddr(Addr, Op) ->
-    nft_expr_match_payload({"ip", "saddr"},
-                           list_to_binary(Addr), Op).
-
-nft_expr_match_ip_daddr(Addr, Op) ->
-    nft_expr_match_payload({"ip", "daddr"},
-                           list_to_binary(Addr), Op).
-
-nft_expr_match_udp_dport(Port, Op) ->
-    nft_expr_match_payload({"udp", "dport"}, Port, Op).
-
-
 -spec nft_expr_match_ip_addr(uldl_addr()) -> map().
 nft_expr_match_ip_addr({ul, Addr}) ->
-    nft_expr_match_ip_saddr(Addr, ?OP_EQ);
+    enftables:nft_expr_match_ip_saddr(Addr, ?OP_EQ);
nft_expr_match_ip_addr({dl, Addr}) ->
-    nft_expr_match_ip_daddr(Addr, ?OP_EQ).
-
-
-nft_expr_accept() ->
-    #{accept => null}.
-
-
-nft_expr_counter(Name) ->
-    #{counter => list_to_binary(Name)}.
-
-
-nft_cmd_list_chain(TName, CName) ->
-    C = #{family => << "inet" >>,
-          table => list_to_binary(TName),
-          name => list_to_binary(CName)
-         },
-    #{list => #{chain => C}}.
-
-
-nft_cmd_list_counters(TName) ->
-    T = #{family => << "inet" >>,
-          name => list_to_binary(TName)
-         },
-    #{list => #{counters => #{table => T}}}.
+    enftables:nft_expr_match_ip_daddr(Addr, ?OP_EQ).
-spec heartbeat(timeout()) -> no_return().
-- 
To view, visit https://gerrit.osmocom.org/c/erlang/osmo-s1gw/+/40439?usp=email
To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings?usp=email

Gerrit-MessageType: newchange
Gerrit-Project: erlang/osmo-s1gw
Gerrit-Branch: master
Gerrit-Change-Id: I421ba5ccc8956586136466d5eb50d6ace69eeb67
Gerrit-Change-Number: 40439
Gerrit-PatchSet: 1
Gerrit-Owner: fixeria vyanitskiy@sysmocom.de



    