executeAction executes the action specified by a rule.
(ctx *InjectionContext, rule *Rule)
| 226 | |
| 227 | // executeAction executes the action specified by a rule. |
| 228 | func (e *Engine) executeAction(ctx *InjectionContext, rule *Rule) (*ActionResult, error) { |
| 229 | // Update action stats (atomic for counter, mutex for map) |
| 230 | e.stats.ActionsExecuted.Add(1) |
| 231 | e.stats.mu.Lock() |
| 232 | e.stats.ActionCounts[rule.Action]++ |
| 233 | e.stats.mu.Unlock() |
| 234 | |
| 235 | // Handle simple verdict actions |
| 236 | switch rule.Action { |
| 237 | case ActionAccept: |
| 238 | return &ActionResult{ |
| 239 | Action: ActionAccept, |
| 240 | Success: true, |
| 241 | Timestamp: time.Now(), |
| 242 | }, nil |
| 243 | |
| 244 | case ActionDrop: |
| 245 | e.stats.PacketsDropped.Add(1) |
| 246 | |
| 247 | return &ActionResult{ |
| 248 | Action: ActionDrop, |
| 249 | Success: true, |
| 250 | Drop: true, |
| 251 | Timestamp: time.Now(), |
| 252 | }, nil |
| 253 | } |
| 254 | |
| 255 | // Get action handler for complex actions |
| 256 | handler, err := GetActionHandler(rule.Action) |
| 257 | if err != nil { |
| 258 | return nil, err |
| 259 | } |
| 260 | |
| 261 | if handler == nil { |
| 262 | return nil, fmt.Errorf("no handler for action: %s", rule.Action) |
| 263 | } |
| 264 | |
| 265 | // Execute the action |
| 266 | result, err := handler.Execute(ctx, rule.ActionConfig) |
| 267 | if err != nil { |
| 268 | return nil, err |
| 269 | } |
| 270 | |
| 271 | // Update statistics based on result (all atomic) |
| 272 | if result != nil { |
| 273 | if result.Drop { |
| 274 | e.stats.PacketsDropped.Add(1) |
| 275 | } |
| 276 | if result.ModifiedPacket != nil { |
| 277 | e.stats.PacketsModified.Add(1) |
| 278 | } |
| 279 | if len(result.InjectPackets) > 0 { |
| 280 | e.stats.PacketsInjected.Add(uint64(len(result.InjectPackets))) |
| 281 | } |
| 282 | } |
| 283 | |
| 284 | return result, nil |
| 285 | } |
no test coverage detected