K8s TCP Middleware not working as expected

Hello,

I'm running traefik:v2.11.0 and I'm currently trying to enable the TCP middleware for ipAllowList for my zeromq service.
Funnily enough, when looking at the dashboard I see the middleware for the TCP ingress, but it's not doing what it's supposed to do.
And I also see that it's doing something in the Traefik logs, but it's not what is expected, as it's doing it for random connections and not the one defined in the ingress definition...

```
time="2024-03-04T21:16:07Z" level=error msg="Connection from 10.0.0.2:60082 rejected: \"10.0.0.2:60082\" matched none of the trusted IPs" middlewareName=test-customallowlist@kubernetescrd middlewareType=IPAllowListerTCP
time="2024-03-04T21:16:07Z" level=error msg="Connection from 10.0.0.2:37130 rejected: \"10.0.0.2:37130\" matched none of the trusted IPs" middlewareName=test-customallowlist@kubernetescrd middlewareType=IPAllowListerTCP
time="2024-03-04T21:16:22Z" level=error msg="Connection from 10.0.0.2:61500 rejected: \"10.0.0.2:61500\" matched none of the trusted IPs" middlewareName=test-customallowlist@kubernetescrd middlewareType=IPAllowListerTCP
time="2024-03-04T21:16:22Z" level=error msg="Connection from 10.0.0.2:51442 rejected: \"10.0.0.2:51442\" matched none of the trusted IPs" middlewareName=test-customallowlist@kubernetescrd middlewareType=IPAllowListerTCP
```

My definitions look as follows (everything is in the test namespace):

```yaml
apiVersion: traefik.io/v1alpha1
kind: MiddlewareTCP
metadata:
  name: customallowlist
spec:
  ipAllowList:
    sourceRange:
      - 1.1.1.1/32
---
apiVersion: v1
kind: Service
metadata:
  name: zeromq-test-service
spec:
  selector:
    job-name: zeromq-test-service
  ports:
  - port: 5555
    targetPort: 5555
  type: LoadBalancer
---
apiVersion: traefik.io/v1alpha1
kind: IngressRouteTCP
metadata:
  name: zeromq-test-service
  labels:
    name: zeromq-test-service
spec:
  routes:
  - match: HostSNI(`*`)
    middlewares:
      - name: customallowlist
    services:
    - name: zeromq-test-service
      port: 5555
```

According to this, only 1.1.1.1 is allowed. Why do you wonder if 10.x.x.x is rejected?

Because it's not for the service I defined it for :wink: and for the service it is defined for, it's not doing anything at all.

(The port used for the pod was 38055)

Seems I should continue to stay away from k8s :laughing:
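
The allowlist decision behind the rejection log lines quoted in this thread, as an added example (not part of any post and not Traefik's code): it parses the rejections, groups them by middleware and source IP, and re-checks each source against the posted `sourceRange`. The function names are hypothetical, and the sample input is two of the thread's log lines.

```python
import ipaddress
import re
from collections import Counter

# sourceRange from the MiddlewareTCP posted in the thread.
SOURCE_RANGE = ["1.1.1.1/32"]

# Sample input: two of the log lines quoted in the thread.
SAMPLE_LOG = r'''
time="2024-03-04T21:16:07Z" level=error msg="Connection from 10.0.0.2:60082 rejected: \"10.0.0.2:60082\" matched none of the trusted IPs" middlewareName=test-customallowlist@kubernetescrd middlewareType=IPAllowListerTCP
time="2024-03-04T21:16:22Z" level=error msg="Connection from 10.0.0.2:61500 rejected: \"10.0.0.2:61500\" matched none of the trusted IPs" middlewareName=test-customallowlist@kubernetescrd middlewareType=IPAllowListerTCP
'''

# Peer address and middleware name from an allowlist rejection line.
REJECT_RE = re.compile(
    r'Connection from (?P<peer>\S+) rejected:.*?middlewareName=(?P<mw>\S+)'
)


def split_peer(peer):
    """Split 'ip:port' or '[v6]:port' into (ip_address, port)."""
    host, _, port = peer.rpartition(":")
    return ipaddress.ip_address(host.strip("[]")), int(port)


def is_allowed(ip, source_range):
    """True when ip falls inside any CIDR in source_range."""
    return any(ip in ipaddress.ip_network(c, strict=False) for c in source_range)


def summarize_rejections(log_text, source_range):
    """Count rejections per (middleware, source IP) and re-check each source."""
    counts = Counter()
    for line in log_text.splitlines():
        m = REJECT_RE.search(line)
        if m:
            ip, _port = split_peer(m.group("peer"))  # source port is ephemeral
            counts[(m.group("mw"), ip)] += 1
    return [
        {"middleware": mw, "source": str(ip), "count": n,
         "private": ip.is_private, "allowed": is_allowed(ip, source_range)}
        for (mw, ip), n in counts.items()
    ]


if __name__ == "__main__":
    for row in summarize_rejections(SAMPLE_LOG, SOURCE_RANGE):
        print(row)
```

Grouping by source IP rather than by `ip:port` collapses the differing ephemeral ports into one peer, which makes it clear that every rejection in the sample comes from a single private address outside the configured range.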