feat: add formatters for masked IP addresses #42969
Conversation
rudrakhp
force-pushed
the
masked_address_formatter
branch
from
e6f2a0f to
7d86db2
Compare
wbpcode
left a comment
wbpcode
left a comment
There was a problem hiding this comment.
Thanks so much for the update. This is very useful enhancement. I added some comments.
/assign
/wait
| ``%MASKED_UPSTREAM_LOCAL_ADDRESS_WITHOUT_PORT(prefix_len)%`` | ||
| Local address of the upstream connection (Envoy's source IP when connecting to upstream), masked to the | ||
| specified CIDR prefix length in CIDR notation. The ``prefix_len`` parameter is optional. | ||
|
|
||
| - If ``prefix_len`` is specified, the IP address is masked to that many bits. | ||
| - If ``prefix_len`` is omitted, defaults to ``/32`` for IPv4 and ``/128`` for IPv6 (full address). | ||
| - For IPv4, ``prefix_len`` must be between 0-32. | ||
| - For IPv6, ``prefix_len`` must be between 0-128. | ||
|
|
||
| Examples: | ||
|
|
||
| - ``%MASKED_UPSTREAM_LOCAL_ADDRESS_WITHOUT_PORT(16)%`` returns ``10.1.0.0/16`` for source IP ``10.1.10.23`` | ||
| - ``%MASKED_UPSTREAM_LOCAL_ADDRESS_WITHOUT_PORT(64)%`` returns ``2001:db8:1234:5678::/64`` for source IP ``2001:db8:1234:5678:9abc:def0:1234:5678`` | ||
| - ``%MASKED_UPSTREAM_LOCAL_ADDRESS_WITHOUT_PORT%`` returns ``10.1.10.23/32`` for IPv4 source IP ``10.1.10.23`` or ``2001:db8:1234:5678:9abc:def0:1234:5678/128`` for IPv6 source IP ``2001:db8:1234:5678:9abc:def0:1234:5678`` | ||
|
|
There was a problem hiding this comment.
I think you can add the prefix_len parameter to the original UPSTREAM_LOCAL_ADDRESS_WITHOUT_PORT directly because you have the 32/128 default.
You can only append the /<prefix_len> at the end when the prefix_len < 32/128, then it will not change any previous behavior?
Or you still want /32 /128 as suffix even for the full address output?
There was a problem hiding this comment.
BTW, we may prefer full upper case like PREFIX or PREFIX_LEN. :)
There was a problem hiding this comment.
I think UPSTREAM_LOCAL_ADDRESS_WITHOUT_PORT(MASK_PREFIX_LEN) makes sense, where MASK_PREFIX_LEN is optional. When not passed will preserve existing behavior.
Or you still want /32 /128 as suffix even for the full address output?
I guess if someone wants this as a suffix they will have to pass it explicitly as a param, it would still work.
| ``%MASKED_UPSTREAM_REMOTE_ADDRESS_WITHOUT_PORT(prefix_len)%`` | ||
| Remote address of the upstream connection, masked to the specified CIDR prefix length in CIDR notation. | ||
| The ``prefix_len`` parameter is optional. | ||
|
|
||
| - If ``prefix_len`` is specified, the IP address is masked to that many bits. | ||
| - If ``prefix_len`` is omitted, defaults to ``/32`` for IPv4 and ``/128`` for IPv6 (full address). | ||
| - For IPv4, ``prefix_len`` must be between 0-32. | ||
| - For IPv6, ``prefix_len`` must be between 0-128. |
rudrakhp
force-pushed
the
masked_address_formatter
branch
from
7d86db2 to
a065d76
Compare
rudrakhp
force-pushed
the
masked_address_formatter
branch
2 times, most recently
from
7301fa2 to
f8465a9
Compare
Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com>
rudrakhp
force-pushed
the
masked_address_formatter
branch
from
f8465a9 to
d0f1773
Compare
2 participants
Commit Message: Add formatters for masked IP addresses
Additional Description: Added masked alternatives for supported substitution formatters that return IP addresses today
Risk Level: Low
Testing: Unit testing
Docs Changes: Added the new substitution formatters to docs
Release Notes: Yes
Platform Specific Features: N/A
Related: #42845 (comment)