kumahq · bartsmykla · Jul 15, 2024 · Jul 12, 2024 · Jul 12, 2024 · Jul 12, 2024
@@ -5802,10 +5802,6 @@ _kumactl_install_transparent-proxy()
     flags_with_completion=()
     flags_completion=()
 
-    flags+=("--comments-prefix=")
-    two_word_flags+=("--comments-prefix")
-    local_nonpersistent_flags+=("--comments-prefix")
-    local_nonpersistent_flags+=("--comments-prefix=")
     flags+=("--disable-comments")
     local_nonpersistent_flags+=("--disable-comments")
     flags+=("--drop-invalid-packets")

@@ -184,7 +184,9 @@ runuser -u kuma-dp -- \
 			}
 
 			if !initializedConfig.DryRun {
-				initializedConfig.Logger.Info("Tansparent proxy set up successfully, you can now run kuma-dp using transparent-proxy.")
+				initializedConfig.Logger.Info(
+					"transparent proxy setup completed successfully. You can now run kuma-dp with the transparent-proxy feature enabled",
+				)
 			}
 
 			return nil
@@ -230,7 +232,6 @@ runuser -u kuma-dp -- \
 	cmd.Flags().BoolVar(&cfg.Log.Enabled, "iptables-logs", cfg.Log.Enabled, "enable logs for iptables rules using the LOG chain. This option activates kernel logging for packets matching the rules, where details about the IP/IPv6 headers are logged. This information can be accessed via dmesg(1) or syslog.")
 
 	cmd.Flags().BoolVar(&cfg.Comment.Disabled, "disable-comments", cfg.Comment.Disabled, "Disable the addition of comments to iptables rules")
-	cmd.Flags().StringVar(&cfg.Comment.Prefix, "comments-prefix", cfg.Comment.Prefix, "Prefix for comments added to iptables rules")
 
 	cmd.Flags().StringArrayVar(&cfg.Redirect.Inbound.ExcludePortsForIPs, "exclude-inbound-ips", []string{}, "specify IP addresses (IPv4 or IPv6, with or without CIDR notation) to be excluded from transparent proxy inbound redirection. Examples: '10.0.0.1', '192.168.0.0/24', 'fe80::1', 'fd00::/8'. This flag can be specified multiple times or with multiple addresses separated by commas to exclude multiple IP addresses or ranges.")
 	cmd.Flags().StringArrayVar(&cfg.Redirect.Outbound.ExcludePortsForIPs, "exclude-outbound-ips", []string{}, "specify IP addresses (IPv4 or IPv6, with or without CIDR notation) to be excluded from transparent proxy outbound redirection. Examples: '10.0.0.1', '192.168.0.0/24', 'fe80::1', 'fd00::/8'. This flag can be specified multiple times or with multiple addresses separated by commas to exclude multiple IP addresses or ranges.")

@@ -37,19 +37,14 @@ func newUninstallTransparentProxy() *cobra.Command {
 				return errors.Wrap(err, "failed to initialize config")
 			}
 
-			output, err := transparentproxy.Cleanup(initializedConfig)
-			if err != nil {
+			if err := transparentproxy.Cleanup(cmd.Context(), initializedConfig); err != nil {
 				return errors.Wrap(err, "transparent proxy cleanup failed")
 			}
 
 			if cfg.Ebpf.Enabled {
 				return nil
 			}
 
-			if cfg.DryRun {
-				fmt.Fprintln(cfg.RuntimeStdout, output)
-			}
-
 			if _, err := os.Stat("/etc/resolv.conf.kuma-backup"); !os.IsNotExist(err) {
 				content, err := os.ReadFile("/etc/resolv.conf.kuma-backup")
 				if err != nil {
@@ -66,7 +61,9 @@ func newUninstallTransparentProxy() *cobra.Command {
 				fmt.Fprintln(cfg.RuntimeStdout, string(content))
 			}
 
-			fmt.Fprintln(cfg.RuntimeStdout, "Transparent proxy cleaned up successfully")
+			if !initializedConfig.DryRun {
+				initializedConfig.Logger.InfoWithoutPrefix("transparent proxy cleanup completed successfully")
+			}
 
 			return nil
 		},

@@ -381,14 +381,9 @@ type RetryConfig struct {
 }
 
 // Comment struct contains the configuration for iptables rule comments.
-// It includes options to enable or disable comments and a prefix to use
-// for comment text.
+// It includes an option to enable or disable comments.
 type Comment struct {
 	Disabled bool
-	// Prefix defines the prefix to be used for comments on iptables rules,
-	// aiding in identifying and organizing rules created by the transparent
-	// proxy.
-	Prefix string
 }
 
 // InitializedComment struct contains the processed configuration for iptables
@@ -415,12 +410,12 @@ type InitializedComment struct {
 //
 // Returns:
 //   - InitializedComment: The struct containing the processed comment
-//     configuration, indicating whether comments are enabled and the prefix to
-//     use for comments.
+//     configuration, indicating whether comments are enabled and the prefix
+//     to use for comments ("kuma/mesh/transparent/proxy").
 func (c Comment) Initialize(e InitializedExecutablesIPvX) InitializedComment {
 	return InitializedComment{
 		Enabled: !c.Disabled && e.Functionality.Modules.Comment,
-		Prefix:  c.Prefix,
+		Prefix:  IptablesRuleCommentPrefix,
 	}
 }
 
@@ -584,7 +579,7 @@ func (c Config) Initialize(ctx context.Context) (InitializedConfig, error) {
 		Logger: l,
 		IPv4: InitializedConfigIPvX{
 			Config:                 c,
-			Logger:                 l,
+			Logger:                 l.WithPrefix(IptablesCommandByFamily[false]),
 			LocalhostCIDR:          LocalhostCIDRIPv4,
 			InboundPassthroughCIDR: InboundPassthroughSourceAddressCIDRIPv4,
 			enabled:                true,
@@ -625,7 +620,7 @@ func (c Config) Initialize(ctx context.Context) (InitializedConfig, error) {
 	if c.IPv6 {
 		initialized.IPv6 = InitializedConfigIPvX{
 			Config:                 c,
-			Logger:                 l,
+			Logger:                 l.WithPrefix(IptablesCommandByFamily[true]),
 			Executables:            e.IPv6,
 			LoopbackInterfaceName:  loopbackInterfaceName,
 			LocalhostCIDR:          LocalhostCIDRIPv6,
@@ -688,7 +683,7 @@ func DefaultConfig() Config {
 			ProgramsSourcePath: "/tmp/kuma-ebpf",
 		},
 		DropInvalidPackets: false,
-		IPv6:               false,
+		IPv6:               true,
 		RuntimeStdout:      os.Stdout,
 		RuntimeStderr:      os.Stderr,
 		Verbose:            false,
@@ -708,7 +703,6 @@ func DefaultConfig() Config {
 		Executables: NewExecutablesNftLegacy(),
 		Comment: Comment{
 			Disabled: false,
-			Prefix:   IptablesRuleCommentPrefix,
 		},
 	}
 }