RFC: Add index to srcPort acl

Author: thomasjpfan

proxy/ha_proxy_test.go

@@ -1195,8 +1195,8 @@ func (s HaProxyTestSuite) Test_CreateConfigFromTemplates_AddsMultipleFrontends()
 	expectedData := fmt.Sprintf(
 		`%s
     acl url_my-service-12222_0 path_beg /path
-    acl srcPort_my-service-11111 dst_port 1111
-    use_backend my-service-1-be2222_0 if url_my-service-12222_0 srcPort_my-service-11111
+    acl srcPort_my-service-11111_0 dst_port 1111
+    use_backend my-service-1-be2222_0 if url_my-service-12222_0 srcPort_my-service-11111_0
 
 frontend tcpFE_3333
     bind *:3333
@@ -1366,8 +1366,8 @@ frontend service_1234
     tcp-request inspect-delay 5s
     tcp-request content accept if { req_ssl_hello_type 1 }
     acl sni_my-service-14321-1
-    acl srcPort_my-service-11234 dst_port 1234
-    use_backend my-service-1-be4321_3 if sni_my-service-14321-1 srcPort_my-service-11234%s`,
+    acl srcPort_my-service-11234_3 dst_port 1234
+    use_backend my-service-1-be4321_3 if sni_my-service-14321-1 srcPort_my-service-11234_3%s`,
 		tmpl,
 		s.ServicesContent,
 	)
@@ -1405,8 +1405,8 @@ frontend service_1234
     tcp-request inspect-delay 5s
     tcp-request content accept if { req_ssl_hello_type 1 }
     acl sni_my-service-14321-1
-    acl srcPort_my-service-11234 dst_port 1234
-    use_backend my-service-1-be4321_3 if sni_my-service-14321-1 srcPort_my-service-11234%s`,
+    acl srcPort_my-service-11234_3 dst_port 1234
+    use_backend my-service-1-be4321_3 if sni_my-service-14321-1 srcPort_my-service-11234_3%s`,
 		tmpl,
 		s.ServicesContent,
 	)
@@ -1444,8 +1444,8 @@ frontend service_1234
     tcp-request inspect-delay 5s
     tcp-request content accept if { req_ssl_hello_type 1 }
     acl sni_my-service-14321-1
-    acl srcPort_my-service-11234 dst_port 1234
-    use_backend my-service-1-be4321_3 if sni_my-service-14321-1 srcPort_my-service-11234%s`,
+    acl srcPort_my-service-11234_3 dst_port 1234
+    use_backend my-service-1-be4321_3 if sni_my-service-14321-1 srcPort_my-service-11234_3%s`,
 		tmpl,
 		s.ServicesContent,
 	)
@@ -1483,8 +1483,8 @@ frontend service_1234
     tcp-request inspect-delay 5s
     tcp-request content accept if { req_ssl_hello_type 1 }
     acl sni_my-service-14321-1
-    acl srcPort_my-service-11234 dst_port 1234
-    use_backend my-service-1-be4321_3 if sni_my-service-14321-1 srcPort_my-service-11234%s`,
+    acl srcPort_my-service-11234_3 dst_port 1234
+    use_backend my-service-1-be4321_3 if sni_my-service-14321-1 srcPort_my-service-11234_3%s`,
 		tmpl,
 		s.ServicesContent,
 	)
@@ -1526,8 +1526,8 @@ frontend service_443
     tcp-request inspect-delay 5s
     tcp-request content accept if { req_ssl_hello_type 1 }
     acl sni_my-service-14321-1
-    acl srcPort_my-service-1443 dst_port 443
-    use_backend my-service-1-be4321_0 if sni_my-service-14321-1 srcPort_my-service-1443%s`,
+    acl srcPort_my-service-1443_0 dst_port 443
+    use_backend my-service-1-be4321_0 if sni_my-service-14321-1 srcPort_my-service-1443_0%s`,
 		tmpl,
 		s.ServicesContent,
 	)
@@ -1648,10 +1648,10 @@ func (s HaProxyTestSuite) Test_CreateConfigFromTemplates_AddsDomainsForEachServi
     acl url_my-service1111_1 path_beg /path
     acl domain_my-service1111_1 hdr_beg(host) -i domain-1-1.com domain-1-2.com
     acl url_my-service2222_45 path_beg /path
-    acl srcPort_my-service4321 dst_port 4321
+    acl srcPort_my-service4321_45 dst_port 4321
     acl domain_my-service2222_45 hdr_beg(host) -i domain-2-1.com domain-2-2.com
     use_backend my-service-be1111_1 if url_my-service1111_1 domain_my-service1111_1
-    use_backend my-service-be2222_45 if url_my-service2222_45 domain_my-service2222_45 srcPort_my-service4321%s`,
+    use_backend my-service-be2222_45 if url_my-service2222_45 domain_my-service2222_45 srcPort_my-service4321_45%s`,
 		tmpl,
 		s.ServicesContent,
 	)

proxy/template.go

@@ -290,11 +290,11 @@ backend {{$.AclName}}-be{{.Port}}_{{.Index}}
     {{- end}}
 {{- end}}
 {{- end}}
-    {{- if ne $.BackendExtra ""}}
+{{- if ne $.BackendExtra ""}}
     {{ $.BackendExtra }}
-    {{- end}}
-{{- if gt .HttpsPort 0}}
-    {{- range $sd := .ServiceDest}}
+{{- end}}
+{{- range $sd := .ServiceDest}}
+    {{- if gt $.HttpsPort 0}}
 backend https-{{$.AclName}}-be{{.Port}}_{{.Index}}
     mode {{.ReqModeFormatted}}
             {{- if eq .ReqModeFormatted "http"}}
@@ -356,11 +356,11 @@ backend https-{{$.AclName}}-be{{.Port}}_{{.Index}}
     http-request del-header Authorization
                 {{- end}}
             {{- end}}
-        {{- end}}
-        {{- if ne $.BackendExtra ""}}
+            {{- if ne $.BackendExtra ""}}
     {{ $.BackendExtra }}
-        {{- end}}
-    {{- end}}`
+            {{- end}}
+    {{- end}}
+{{- end}}`
 
 	return tmpl
 }
@@ -383,10 +383,11 @@ func FormatServiceForTemplates(sr *Service) {
 		if len(sr.ServiceDest[i].ReqMode) == 0 {
 			sr.ServiceDest[i].ReqMode = "http"
 		}
+
 		if sd.SrcPort > 0 {
-			sr.ServiceDest[i].SrcPortAclName = fmt.Sprintf(" srcPort_%s%d", sr.ServiceName, sd.SrcPort)
-			sr.ServiceDest[i].SrcPortAcl = fmt.Sprintf("\n    acl srcPort_%s%d dst_port %d",
-				sr.ServiceName, sd.SrcPort, sd.SrcPort)
+			sr.ServiceDest[i].SrcPortAclName = fmt.Sprintf(" srcPort_%s%d_%d", sr.ServiceName, sd.SrcPort, sd.Index)
+			sr.ServiceDest[i].SrcPortAcl = fmt.Sprintf("\n    acl srcPort_%s%d_%d dst_port %d",
+				sr.ServiceName, sd.SrcPort, sd.Index, sd.SrcPort)
 		}
 	}
 }

proxy/template_test.go

@@ -69,7 +69,7 @@ func (s *TemplateTestSuite) Test_FormatData_SrcPort_DefinesSrcPortAclNameAndSrcP
 	s.Require().Len(service.ServiceDest, 1)
 	sd := service.ServiceDest[0]
 
-	s.Equal(" srcPort_my-service-14480", sd.SrcPortAclName)
-	s.Equal("\n    acl srcPort_my-service-14480 dst_port 4480", sd.SrcPortAcl)
+	s.Equal(" srcPort_my-service-14480_0", sd.SrcPortAclName)
+	s.Equal("\n    acl srcPort_my-service-14480_0 dst_port 4480", sd.SrcPortAcl)
 
 }