feat(firewall): add support for int type in sets

Author: riccardotornesello

apis/networking/v1beta1/firewall/set_types.go

@@ -15,12 +15,13 @@
 package firewall
 
 // SetDataType is the type of a set element
-// +kubebuilder:validation:Enum="ipv4_addr"
+// +kubebuilder:validation:Enum=integer;ipv4_addr
 type SetDataType string
 
 // Possible SetDataType values.
 const (
-	SetDataTypeIPAddr SetDataType = "ipv4_addr"
+	SetDataTypeInteger SetDataType = "integer"
+	SetDataTypeIPAddr  SetDataType = "ipv4_addr"
 )
 
 // Set represents a nftables set

pkg/firewall/set.go

@@ -232,6 +232,8 @@ func getSetDataType(dataType *firewallapi.SetDataType) (nftables.SetDatatype, er
 	switch *dataType {
 	case firewallapi.SetDataTypeIPAddr:
 		return nftables.TypeIPAddr, nil
+	case firewallapi.SetDataTypeInteger:
+		return nftables.TypeInteger, nil
 	default:
 		return nftables.SetDatatype{}, fmt.Errorf("unsupported set data type: %s", *dataType)
 	}

pkg/firewall/utils/set.go

@@ -17,6 +17,7 @@ package utils
 import (
 	"fmt"
 	"net"
+	"strconv"
 
 	firewallapi "github.com/liqotech/liqo/apis/networking/v1beta1/firewall"
 )
@@ -41,6 +42,18 @@ func ConvertSetData(data *string, dataType *firewallapi.SetDataType) ([]byte, er
 		}
 		return ip.To4(), nil
 
+	case firewallapi.SetDataTypeInteger:
+		intValue, err := strconv.Atoi(*data)
+		if err != nil {
+			return nil, fmt.Errorf("set element has invalid integer value %s", *data)
+		}
+		return []byte{
+			byte((intValue >> 24) & 0xFF),
+			byte((intValue >> 16) & 0xFF),
+			byte((intValue >> 8) & 0xFF),
+			byte(intValue & 0xFF),
+		}, nil
+
 	default:
 		return nil, fmt.Errorf("invalid set value type %s", *dataType)
 	}