Add interface whitelist by name (#591)

* Refs #19780: Update whitelist doc to allow using interface names Signed-off-by: elianalf <[email protected]> * Refs #19780: Fix problem with failed test Signed-off-by: elianalf <[email protected]> * Refs #19780: Change 'warning' into 'important' Signed-off-by: elianalf <[email protected]> * Refs #19780: Apply suggestion Signed-off-by: elianalf <[email protected]> * Refs #19780: Fix problem with failed test Signed-off-by: elianalf <[email protected]> * Update docs/fastdds/transport/whitelist.rst Co-authored-by: juanlofer-eprosima <[email protected]> Signed-off-by: elianalf <[email protected]> * Refs #19780: Fix changes Signed-off-by: elianalf <[email protected]> * Refs #19780: Apply suggestions Signed-off-by: elianalf <[email protected]> * Refs #19780: fix line too long Signed-off-by: elianalf <[email protected]> --------- Signed-off-by: elianalf <[email protected]> Co-authored-by: juanlofer-eprosima <[email protected]>
eProsima · Dec 5, 2023 · 41a6728 · 41a6728
1 parent 12cb668
commit 41a6728
Show file tree

Hide file tree

Showing 3 changed files with 93 additions and 21 deletions.
diff --git a/code/DDSCodeTester.cpp b/code/DDSCodeTester.cpp
@@ -4746,7 +4746,7 @@ void dds_transport_examples ()
         // Create a descriptor for the new transport.
         auto tcp_transport = std::make_shared<TCPv4TransportDescriptor>();
 
-        // Add loopback to the whitelist
+        // Add loopback to the whitelist by IP address
         tcp_transport->interfaceWhiteList.emplace_back("127.0.0.1");
 
         // Link the Transport Layer to the Participant.
@@ -4757,6 +4757,24 @@ void dds_transport_examples ()
         //!--
     }
 
+    {
+        //WHITELIST-NAME
+        DomainParticipantQos qos;
+
+        // Create a descriptor for the new transport.
+        auto tcp_transport = std::make_shared<TCPv4TransportDescriptor>();
+
+        // Add loopback to the whitelist by interface name
+        tcp_transport->interfaceWhiteList.emplace_back("lo");
+
+        // Link the Transport Layer to the Participant.
+        qos.transport().user_transports.push_back(tcp_transport);
+
+        // Avoid using the builtin transports
+        qos.transport().use_builtin_transports = false;
+        //!--
+    }
+
     {
         //CONF-DISABLE-MULTICAST
         DomainParticipantQos qos;

diff --git a/code/XMLTester.xml b/code/XMLTester.xml
@@ -802,19 +802,44 @@
 -->
     <transport_descriptors>
         <transport_descriptor>
-            <transport_id>CustomTcpTransport</transport_id>
+            <transport_id>CustomTcpTransportWhitelistAddress</transport_id>
             <type>TCPv4</type>
             <interfaceWhiteList>
                 <address>127.0.0.1</address>
             </interfaceWhiteList>
         </transport_descriptor>
     </transport_descriptors>
 
-    <participant profile_name="CustomTcpTransportParticipant">
+    <participant profile_name="CustomTcpTransportWhitelistAddressParticipant">
         <rtps>
             <useBuiltinTransports>false</useBuiltinTransports>
             <userTransports>
-                <transport_id>CustomTcpTransport</transport_id>
+                <transport_id>CustomTcpTransportWhitelistAddress</transport_id>
+            </userTransports>
+        </rtps>
+    </participant>
+<!--><-->
+
+<!-->WHITELIST-NAME<-->
+<!--
+<?xml version="1.0" encoding="UTF-8" ?>
+<profiles xmlns="http://www.eprosima.com/XMLSchemas/fastRTPS_Profiles">
+-->
+    <transport_descriptors>
+        <transport_descriptor>
+            <transport_id>CustomTcpTransportWhitelistName</transport_id>
+            <type>TCPv4</type>
+            <interfaceWhiteList>
+                <interface>lo</interface>
+            </interfaceWhiteList>
+        </transport_descriptor>
+    </transport_descriptors>
+
+    <participant profile_name="CustomTcpTransportWhitelistNameParticipant">
+        <rtps>
+            <useBuiltinTransports>false</useBuiltinTransports>
+            <userTransports>
+                <transport_id>CustomTcpTransportWhitelistName</transport_id>
             </userTransports>
         </rtps>
     </participant>

diff --git a/docs/fastdds/transport/whitelist.rst b/docs/fastdds/transport/whitelist.rst
@@ -9,32 +9,61 @@ Interface Whitelist
 
 Using *Fast DDS*, it is possible to limit the network interfaces used by :ref:`transport_tcp_tcp` and
 :ref:`transport_udp_udp`.
-This is achieved by adding the interfaces' IP addresses to the |SocketTransportDescriptor::interfaceWhiteList-api|
+This is achieved by adding the interfaces to the |SocketTransportDescriptor::interfaceWhiteList-api|
 field in the :ref:`transport_tcp_transportDescriptor` or :ref:`transport_udp_transportDescriptor`.
 Thus, the communication interfaces used by the |DomainParticipants| whose |TransportDescriptorInterface-api| defines an
-|SocketTransportDescriptor::interfaceWhiteList-api| is limited to the interfaces' IP addresses defined in that list,
+|SocketTransportDescriptor::interfaceWhiteList-api| is limited to the interfaces' addresses defined in that list,
 therefore avoiding the use of the rest of the network interfaces available in the system.
-The values on this list should match the IPs of your machine in that networks.
+The interfaces in |SocketTransportDescriptor::interfaceWhiteList-api| can be specified both by IP address or interface
+name.
 For example:
 
-.. tabs::
+* Interface whitelist filled with IP address:
 
-  .. tab:: C++
+  .. tabs::
 
-    .. literalinclude:: /../code/DDSCodeTester.cpp
-      :language: c++
-      :start-after: //TRANSPORT-DESCRIPTORS
-      :end-before: //!--
-      :dedent: 8
+    .. tab:: C++
 
-  .. tab:: XML
+      .. literalinclude:: /../code/DDSCodeTester.cpp
+        :language: c++
+        :start-after: //TRANSPORT-DESCRIPTORS
+        :end-before: //!--
+        :dedent: 8
 
-    .. literalinclude:: /../code/XMLTester.xml
-      :language: xml
-      :start-after: <!-->TRANSPORT-DESCRIPTORS
-      :end-before: <!--><-->
-      :lines: 2-3,5-
-      :append: </profiles>
+    .. tab:: XML
+
+      .. literalinclude:: /../code/XMLTester.xml
+        :language: xml
+        :start-after: <!-->TRANSPORT-DESCRIPTORS
+        :end-before: <!--><-->
+        :lines: 2-3,5-
+        :append: </profiles>
+
+* Interface whitelist filled with interface names:
+
+  .. tabs::
+
+    .. tab:: C++
+
+      .. literalinclude:: /../code/DDSCodeTester.cpp
+        :language: c++
+        :start-after: //WHITELIST-NAME
+        :end-before: //!--
+        :dedent: 8
+
+    .. tab:: XML
+
+      .. literalinclude:: /../code/XMLTester.xml
+        :language: xml
+        :start-after: <!-->WHITELIST-NAME
+        :end-before: <!--><-->
+        :lines: 2-3,5-
+        :append: </profiles>
+
+.. important::
+
+  If none of the values in the transport descriptor's whitelist match the interfaces on the host,
+  then all the interfaces in the whitelist are filtered out and therefore no communication will be established through that transport.
 
 .. warning::