in network/policy/policy_windows.go [485:539]
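// GetHcnEndpointPolicies translates the CNI policies whose Type equals
// policyType into HCN endpoint policies and, when ValidWinVerForDnsNat is
// true, appends one NAT policy per entry in natInfo.
//
// Policies of a different Type are ignored. A policy of the requested Type
// whose kind (as reported by GetPolicyType) is not handled by the switch below
// is an error rather than a silent skip, so an unsupported or misspelled entry
// cannot quietly drop out of the endpoint's policy set.
//
// An outbound NAT policy is still parsed (and a parse failure still aborts the
// call) but is left out of the result when enableMultiTenancy is true and
// enableSnatForDns is false.
//
// On any error the returned slice is nil. Handing back the policies built so
// far would let a caller that ignores the error program an endpoint with an
// incomplete ACL/NAT policy set.
func GetHcnEndpointPolicies(policyType CNIPolicyType, policies []Policy, epInfoData map[string]interface{}, enableSnatForDns, enableMultiTenancy bool, natInfo []NATInfo) ([]hcn.EndpointPolicy, error) {
	var hcnEndPointPolicies []hcn.EndpointPolicy

	for _, policy := range policies {
		if policy.Type != policyType {
			continue
		}

		var (
			endpointPolicy      hcn.EndpointPolicy
			err                 error
			isOutboundNatPolicy bool
		)

		switch GetPolicyType(policy) {
		case OutBoundNatPolicy:
			endpointPolicy, err = GetHcnOutBoundNATPolicy(policy, epInfoData)
			isOutboundNatPolicy = true
		case RoutePolicy:
			endpointPolicy, err = GetHcnRoutePolicy(policy)
		case PortMappingPolicy:
			endpointPolicy, err = GetHcnPortMappingPolicy(policy)
		case ACLPolicy:
			endpointPolicy, err = GetHcnACLPolicy(policy)
		case L4WFPProxyPolicy:
			endpointPolicy, err = GetHcnL4WFPProxyPolicy(policy)
		case LoopbackDSRPolicy:
			endpointPolicy, err = GetHcnLoopbackDSRPolicy(policy)
		default:
			// Fail closed: every policy of the requested Type must be
			// parseable, otherwise the endpoint would come up without it.
			return nil, fmt.Errorf("Failed to set Policy: Type: %s, Data: %s", policy.Type, policy.Data)
		}

		if err != nil {
			// NOTE(review): policy.Data is logged verbatim here; confirm
			// policy payloads never carry values that should stay out of logs.
			logger.Error("Failed to parse policy", zap.Any("data", policy.Data), zap.Error(err))
			return nil, err
		}

		if isOutboundNatPolicy && enableMultiTenancy && !enableSnatForDns {
			// The policy is intentionally dropped; record it so the omission
			// is visible when auditing what was applied to the endpoint.
			logger.Info("Skipping outbound NAT policy",
				zap.Bool("enableMultiTenancy", enableMultiTenancy),
				zap.Bool("enableSnatForDns", enableSnatForDns))
			continue
		}

		hcnEndPointPolicies = append(hcnEndPointPolicies, endpointPolicy)
		logger.Info("Successfully retrieve endpoint policy", zap.Any("type", endpointPolicy.Type))
	}

	if !ValidWinVerForDnsNat {
		return hcnEndPointPolicies, nil
	}

	for _, natRule := range natInfo {
		natPolicy, err := AddNATPolicyV2(natRule.VirtualIP, natRule.Destinations)
		if err != nil {
			logger.Error("Failed to retrieve NAT endpoint policy due to error", zap.Error(err))
			return nil, err
		}

		hcnEndPointPolicies = append(hcnEndPointPolicies, natPolicy)
		logger.Info("Successfully retrieve natInfo policy", zap.Any("type", natPolicy.Type))
	}

	return hcnEndPointPolicies, nil
}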