diff --git a/common/net.go b/common/net.go index 3d41a7b..0e2f9d6 100644 --- a/common/net.go +++ b/common/net.go @@ -17,14 +17,16 @@ var ( ) func init() { - if flags.ExternalNetworksWhitelist != nil { - for _, prefix := range *flags.ExternalNetworksWhitelist { - p, err := netaddr.ParseIPPrefix(prefix) - if err != nil { - klog.Fatalf("invalid network %s: %s", prefix, err) - } - ConnectionFilter.WhitelistPrefix(p) + klog.Infoln("whitelisted public IPs:", *flags.ExternalNetworksWhitelist) + for _, prefix := range *flags.ExternalNetworksWhitelist { + if prefix == "" { + continue } + p, err := netaddr.ParseIPPrefix(prefix) + if err != nil { + klog.Fatalf("invalid network %s: %s", prefix, err) + } + ConnectionFilter.WhitelistPrefix(p) } if r := flags.EphemeralPortRange; r != nil && *r != "" { klog.Infoln("ephemeral-port-range:", *r) diff --git a/flags/flags.go b/flags/flags.go index f6f11ac..3ece4b6 100644 --- a/flags/flags.go +++ b/flags/flags.go @@ -14,8 +14,12 @@ var ( DisablePinger = kingpin.Flag("disable-pinger", "Don't ping upstreams").Default("false").Envar("DISABLE_PINGER").Bool() DisableL7Tracing = kingpin.Flag("disable-l7-tracing", "Disable L7 tracing").Default("false").Envar("DISABLE_L7_TRACING").Bool() - ExternalNetworksWhitelist = kingpin.Flag("track-public-network", "Allow track connections to the specified IP networks, all private networks are allowed by default (e.g., Y.Y.Y.Y/mask)").Envar("TRACK_PUBLIC_NETWORK").Strings() - EphemeralPortRange = kingpin.Flag("ephemeral-port-range", "Destination and Listen TCP ports from this range will be skipped").Default("32768-60999").Envar("EPHEMERAL_PORT_RANGE").String() + ExternalNetworksWhitelist = kingpin. + Flag("track-public-network", "Allow track connections to the specified IP networks, all private networks are allowed by default (e.g., Y.Y.Y.Y/mask)"). + Envar("TRACK_PUBLIC_NETWORK"). + Default("0.0.0.0/0"). + Strings() + EphemeralPortRange = kingpin.Flag("ephemeral-port-range", "Destination and Listen TCP ports from this range will be skipped").Default("32768-60999").Envar("EPHEMERAL_PORT_RANGE").String() Provider = kingpin.Flag("provider", "`provider` label for `node_cloud_info` metric").Envar("PROVIDER").String() Region = kingpin.Flag("region", "`region` label for `node_cloud_info` metric").Envar("REGION").String()