Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/csharp/259.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
C# 如何自动确定ASP.NET核心应用程序的KnownNetworks,该应用程序在Kubernetes中运行,并带有集群内反向代理?_C#_Asp.net Core_Kubernetes - Fatal编程技术网
Fatal编程技术网
  • csharp/
  • C# 如何自动确定ASP.NET核心应用程序的KnownNetworks,该应用程序在Kubernetes中运行,并带有集群内反向代理?

C# 如何自动确定ASP.NET核心应用程序的KnownNetworks,该应用程序在Kubernetes中运行,并带有集群内反向代理?

c# asp.net-core kubernetes

C# 如何自动确定ASP.NET核心应用程序的KnownNetworks,该应用程序在Kubernetes中运行,并带有集群内反向代理?,c#,asp.net-core,kubernetes,C#,Asp.net Core,Kubernetes,我正在Kubernetes的反向代理后面运行ASP.NET核心API,该代理发送X-Forwarded-For、X-Forwarded-Proto、和X-Forwarded-Host头 我发现我需要使用UseForwardedHeaders()来接受来自代理的值,因此我编写了以下代码: var forwardedOptions = new ForwardedHeadersOptions() { ForwardedHeaders = Microsoft.AspNetCore.HttpOve

我正在Kubernetes的反向代理后面运行ASP.NET核心API,该代理发送
X-Forwarded-For
X-Forwarded-Proto
、和
X-Forwarded-Host

我发现我需要使用
UseForwardedHeaders()
来接受来自代理的值,因此我编写了以下代码:

var forwardedOptions = new ForwardedHeadersOptions()
{
    ForwardedHeaders = Microsoft.AspNetCore.HttpOverrides.ForwardedHeaders.All
};
forwardedOptions.KnownNetworks.Add(new IPNetwork(IPAddress.Parse(configuration["network:address"]), int.Parse(configuration["network:cidrMask"])));
app.UseForwardedHeaders(forwardedOptions);
我正在Kubernetes中运行我的API和反向代理,并且该API仅在集群中可见。因此,我不担心集群网络上有人伪造报头。我想做的是自动检测集群的内部子网,并将其添加到
KnownNetworks
列表中。这可能吗?如果是,如何计算?

我创建了一个方法,用于计算范围内的起始值和每个活动接口的CIDR子网掩码:

private static IEnumerable<IPNetwork> GetNetworks(NetworkInterfaceType type)
{

    foreach (var item in NetworkInterface.GetAllNetworkInterfaces()
        .Where(n => n.NetworkInterfaceType == type && n.OperationalStatus == OperationalStatus.Up)  // get all operational networks of a given type
        .Select(n => n.GetIPProperties())   // get the IPs
        .Where(n => n.GatewayAddresses.Any())) // where the IPs have a gateway defined
    {
        var ipInfo = item.UnicastAddresses.FirstOrDefault(i => i.Address.AddressFamily == System.Net.Sockets.AddressFamily.InterNetwork); // get the first cluster-facing IP address
        if (ipInfo == null) { continue; }

        // convert the mask to bits
        var maskBytes = ipInfo.IPv4Mask.GetAddressBytes();
        if (!BitConverter.IsLittleEndian)
        {
            Array.Reverse(maskBytes);
        }
        var maskBits = new BitArray(maskBytes);

        // count the number of "true" bits to get the CIDR mask
        var cidrMask = maskBits.Cast<bool>().Count(b => b); 

        // convert my application's ip address to bits
        var ipBytes = ipInfo.Address.GetAddressBytes();
        if (!BitConverter.IsLittleEndian)
        {
            Array.Reverse(maskBytes);
        }
        var ipBits = new BitArray(ipBytes);

        // and the bits with the mask to get the start of the range
        var maskedBits = ipBits.And(maskBits);

        // Convert the masked IP back into an IP address
        var maskedIpBytes = new byte[4];
        maskedBits.CopyTo(maskedIpBytes, 0);
        if (!BitConverter.IsLittleEndian)
        {
            Array.Reverse(maskedIpBytes);
        }
        var rangeStartIp = new IPAddress(maskedIpBytes);

        // return the start IP and CIDR mask
        yield return new IPNetwork(rangeStartIp, cidrMask);
    }
}

var forwardedOptions = new ForwardedHeadersOptions()
{
    ForwardedHeaders = Microsoft.AspNetCore.HttpOverrides.ForwardedHeaders.All
};
foreach (var network in GetNetworks(NetworkInterfaceType.Ethernet))
{
    forwardedOptions.KnownNetworks.Add(network);
}
app.UseForwardedHeaders(forwardedOptions);