From 74a8324c2ed10037d16f2b7b1ab615a6b3d2be90 Mon Sep 17 00:00:00 2001
From: Trekkie Coder
Date: Tue, 2 Jan 2024 23:45:44 +0900
Subject: [PATCH 1/3] Add loopback to blacklist by default
---
 api/loxinlp/nlp.go | 3 +++
 loxinet/layer3.go | 28 ++++++++++++++++++++++++----
 2 files changed, 27 insertions(+), 4 deletions(-)
diff --git a/api/loxinlp/nlp.go b/api/loxinlp/nlp.go
index 59880d2e..ee25862c 100644
--- a/api/loxinlp/nlp.go
+++ b/api/loxinlp/nlp.go
@@ -95,6 +95,9 @@ func NlpRegister(hook cmn.NetHookInterface) {
 }
 func iSBlackListedIntf(name string, masterIdx int) bool {
+ if name == "lo" {
+ return true
+ }
 filter := nNl.BLRgx.MatchString(name)
 return filter
 }
diff --git a/loxinet/layer3.go b/loxinet/layer3.go
index a6bb3b3a..e861867f 100644
--- a/loxinet/layer3.go
+++ b/loxinet/layer3.go
@@ -100,8 +100,18 @@ func (l3 *L3H) IfaAdd(Obj string, Cidr string) (int, error) {
 ra := RtAttr{0, 0, false, ifObjID}
 _, err = mh.zr.Rt.RtAdd(*network, RootZone, ra, nil)
 if err != nil {
- tk.LogIt(tk.LogDebug, "ifa add - %s:%s self-rt error\n", addr.String(), Obj)
- return L3AddrErr, errors.New("self-route add error")
+ tk.LogIt(tk.LogDebug, "ifa add - %s:%s subnet-rt error\n", addr.String(), Obj)
+ return L3AddrErr, errors.New("subnet-route add error")
+ } else {
+ myAddr, myNet, err := net.ParseCIDR(addr.String() + "/32")
+ if err != nil {
+ return L3AddrErr, errors.New("myip address parse error")
+ }
+ _, err = mh.zr.Rt.RtAdd(*myNet, RootZone, ra, nil)
+ if err != nil {
+ tk.LogIt(tk.LogDebug, " - %s:%s my-self-rt error\n", myAddr.String(), Obj)
+ return L3AddrErr, errors.New("my-self-route add error")
+ }
 }
 ifa.DP(DpCreate)
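Review bot: The new `name == "lo"` test in iSBlackListedIntf identifies loopback by its literal name only, so a loopback device that carries any other name still falls through to the `nNl.BLRgx` match. If the caller has the link attributes available, testing the loopback flag there would be sturdier; the caller is outside this hunk, so treat that as a suggestion. At minimum the early return deserves a comment such as `// Loopback is always excluded, independent of the configured blacklist pattern.` so the hard-coded case is not mistaken for a leftover.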
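Review bot: The host-route prefix is hard-coded as `addr.String() + "/32"` in the added else branch of IfaAdd, which is a host route only for IPv4. For an IPv6 address net.ParseCIDR returns the covering /32 network, so the "my-self" route would attribute an entire IPv6 /32 to this interface instead of the single address. The same expression is repeated in the second IfaAdd hunk (-140,8 +150,18) and in the IfaDelete hunk of patch 3/3, where it would delete that /32 prefix from the root zone. Derive the length from the address width instead, e.g. `_, bits := network.Mask.Size()` followed by `myNet := net.IPNet{IP: addr, Mask: net.CIDRMask(bits, bits)}`, assuming `addr` and `network` are the net.IP and *net.IPNet produced by the earlier parse, which lies outside the hunk.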
@@ -140,8 +150,18 @@ func (l3 *L3H) IfaAdd(Obj string, Cidr string) (int, error) {
 ra := RtAttr{0, 0, false, ifObjID}
 _, err = mh.zr.Rt.RtAdd(*network, RootZone, ra, nil)
 if err != nil {
- tk.LogIt(tk.LogDebug, " - %s:%s self-rt error\n", addr.String(), Obj)
- return L3AddrErr, errors.New("self-route add error")
+ tk.LogIt(tk.LogDebug, " - %s:%s subnet-rt error\n", addr.String(), Obj)
+ return L3AddrErr, errors.New("subnet-route add error")
+ } else {
+ myAddr, myNet, err := net.ParseCIDR(addr.String() + "/32")
+ if err != nil {
+ return L3AddrErr, errors.New("myip address parse error")
+ }
+ _, err = mh.zr.Rt.RtAdd(*myNet, RootZone, ra, nil)
+ if err != nil {
+ tk.LogIt(tk.LogDebug, " - %s:%s my-self-rt error\n", myAddr.String(), Obj)
+ return L3AddrErr, errors.New("my-self-route add error")
+ }
 }
 ifa.DP(DpCreate)
From 666d2adbe2789d1b475e31d71463f693e21a3eb4 Mon Sep 17 00:00:00 2001
From: Trekkie Coder
Date: Tue, 2 Jan 2024 23:46:13 +0900
Subject: [PATCH 2/3] Updated to latest submodule
---
 loxilb-ebpf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/loxilb-ebpf b/loxilb-ebpf
index 083b53b5..f6c89456 160000
--- a/loxilb-ebpf
+++ b/loxilb-ebpf
@@ -1 +1 @@
-Subproject commit 083b53b51a53a0dd0436a28ba720372dc4e40e29
+Subproject commit f6c894567348efcdbe76643866b73d09b82fda1f
From f518a0ddfe1e2c71cedb805c044c3a24d0451969 Mon Sep 17 00:00:00 2001
From: Trekkie Coder
Date: Wed, 3 Jan 2024 00:15:40 +0900
Subject: [PATCH 3/3] changes to ifa handling
---
 loxinet/layer3.go | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)
diff --git a/loxinet/layer3.go b/loxinet/layer3.go
index e861867f..1bcee3ef 100644
--- a/loxinet/layer3.go
+++ b/loxinet/layer3.go
@@ -102,7 +102,7 @@ func (l3 *L3H) IfaAdd(Obj string, Cidr string) (int, error) {
 if err != nil {
 tk.LogIt(tk.LogDebug, "ifa add - %s:%s subnet-rt error\n", addr.String(), Obj)
 return L3AddrErr, errors.New("subnet-route add error")
- } else {
+ } else if sz, _ := net.IPMask(network.Mask).Size(); sz != 32 && sz != 128 {
 myAddr, myNet, err := net.ParseCIDR(addr.String() + "/32")
 if err != nil {
 return L3AddrErr, errors.New("myip address parse error")
@@ -152,7 +152,7 @@ func (l3 *L3H) IfaAdd(Obj string, Cidr string) (int, error) {
 if err != nil {
 tk.LogIt(tk.LogDebug, " - %s:%s subnet-rt error\n", addr.String(), Obj)
 return L3AddrErr, errors.New("subnet-route add error")
- } else {
+ } else if sz, _ := net.IPMask(network.Mask).Size(); sz != 32 && sz != 128 {
 myAddr, myNet, err := net.ParseCIDR(addr.String() + "/32")
 if err != nil {
 return L3AddrErr, errors.New("myip address parse error")
@@ -205,13 +205,23 @@ func (l3 *L3H) IfaDelete(Obj string, Cidr string) (int, error) {
 }
 }
- if found == true {
+ if found {
 // delete self-routes related to this ifa
 _, err = mh.zr.Rt.RtDelete(*network, RootZone)
 if err != nil {
- tk.LogIt(tk.LogError, "ifa delete %s:%s self-rt error\n", addr.String(), Obj)
+ tk.LogIt(tk.LogError, "ifa delete %s:%s subnet-rt error\n", addr.String(), Obj)
 // Continue after logging error because there is noway to fallback
 }
+ if sz, _ := net.IPMask(network.Mask).Size(); sz != 32 && sz != 128 {
+ myAddr, myNet, err := net.ParseCIDR(addr.String() + "/32")
+ if err == nil {
+ _, err = mh.zr.Rt.RtDelete(*myNet, RootZone)
+ if err != nil {
+ tk.LogIt(tk.LogError, "ifa delete %s:%s my-self-rt error\n", myAddr.String(), Obj)
+ // Continue after logging error because there is noway to fallback
+ }
+ }
+ }
 if len(ifa.Ifas) == 0 {
 delete(l3.IfaMap, ifa.Key)
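Review bot: The guard `sz != 32 && sz != 128` on the two changed `else if` lines of IfaAdd compares the prefix length without the address width, so an IPv6 address configured with a /32 prefix is treated as a host address and gets no my-self route. The second result of Size(), which the code discards, is what the test needs: `} else if ones, bits := network.Mask.Size(); ones != bits {`. The same condition appears in the IfaDelete hunk (-205,13 +205,23) and should change with it. The `net.IPMask(...)` conversion looks redundant if `network` is a *net.IPNet, which these hunks do not show.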
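Review bot: In the added IfaDelete block a failed net.ParseCIDR is dropped without a trace: `if err == nil` has no else branch, so the host route installed by IfaAdd would stay in the root zone and nothing records that. Log it like the two RtDelete failures, e.g. `tk.LogIt(tk.LogError, "ifa delete %s:%s my-self-rt parse error\n", addr.String(), Obj)`. The block also removes the host route whenever the address is found, without checking that this ifa was the one that installed it; whether another owner of the same prefix can exist depends on RtAdd/RtDelete semantics that are not visible here. IfaDelete continues past the end of the hunk.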