dynamic_modules: add examples for network & listener modules

Signed-off-by: Rohit Agrawal <rohit.agrawal@databricks.com>

Author: agrawroh

go/gosdk/abi.go

@@ -22,11 +22,15 @@ typedef enum {
     envoy_dynamic_module_type_http_header_type_ResponseTrailer = 3,
 } envoy_dynamic_module_type_http_header_type;
 
+// envoy_dynamic_module_type_envoy_buffer is a struct representing a buffer owned by Envoy.
+// Uses const char* because this receives data FROM Envoy.
 typedef struct {
-    uintptr_t ptr;
+    const char* ptr;
     size_t length;
 } envoy_dynamic_module_type_envoy_buffer;
 
+// envoy_dynamic_module_type_module_buffer is a struct representing a buffer owned by the module.
+// Uses uintptr_t because this sends data TO Envoy.
 typedef struct {
     uintptr_t ptr;
     size_t length;
@@ -85,8 +89,7 @@ size_t envoy_dynamic_module_callback_http_get_body_chunks_size(
     int body_type);
 
 #cgo noescape envoy_dynamic_module_callback_http_send_response
-// Uncomment once https://github.com/envoyproxy/envoy/pull/39206 is merged.
-// #cgo nocallback envoy_dynamic_module_callback_http_send_response
+#cgo nocallback envoy_dynamic_module_callback_http_send_response
 void envoy_dynamic_module_callback_http_send_response(
     uintptr_t filter_envoy_ptr, uint32_t status_code,
     uintptr_t headers_vector, size_t headers_vector_size,
@@ -164,13 +167,11 @@ func envoy_dynamic_module_on_program_init() uintptr {
 //export envoy_dynamic_module_on_http_filter_config_new
 func envoy_dynamic_module_on_http_filter_config_new(
 	_ uintptr,
-	namePtr *C.char,
-	nameSize C.size_t,
-	configPtr *C.char,
-	configSize C.size_t,
+	nameBuffer C.envoy_dynamic_module_type_envoy_buffer,
+	configBuffer C.envoy_dynamic_module_type_envoy_buffer,
 ) uintptr {
-	name := C.GoStringN(namePtr, C.int(nameSize))
-	config := C.GoBytes(unsafe.Pointer(configPtr), C.int(configSize))
+	name := C.GoStringN(nameBuffer.ptr, C.int(nameBuffer.length))
+	config := C.GoBytes(unsafe.Pointer(configBuffer.ptr), C.int(configBuffer.length))
 	filterConfig := NewHttpFilterConfig(name, config)
 	if filterConfig == nil {
 		return 0
@@ -389,7 +390,7 @@ func (e envoyFilter) GetRequestHeader(key string) (string, bool) {
 		return "", false
 	}
 
-	result := unsafe.Slice((*byte)(unsafe.Pointer(uintptr(resultBuf.ptr))), resultBuf.length)
+	result := unsafe.Slice((*byte)(unsafe.Pointer(resultBuf.ptr)), resultBuf.length)
 	runtime.KeepAlive(key)
 	return string(result), true
 }
@@ -415,7 +416,7 @@ func (e envoyFilter) GetResponseHeader(key string) (string, bool) {
 		return "", false
 	}
 
-	result := unsafe.Slice((*byte)(unsafe.Pointer(uintptr(resultBuf.ptr))), resultBuf.length)
+	result := unsafe.Slice((*byte)(unsafe.Pointer(resultBuf.ptr)), resultBuf.length)
 	runtime.KeepAlive(key)
 	return string(result), true
 }
@@ -563,7 +564,7 @@ func (e envoyFilter) getStringAttribute(id int) string {
 	if !ret {
 		return ""
 	}
-	return string(unsafe.Slice((*byte)(unsafe.Pointer(uintptr(result.ptr))), result.length)) // Copy the result to a Go string.
+	return string(unsafe.Slice((*byte)(unsafe.Pointer(result.ptr)), result.length)) // Copy the result to a Go string.
 }
 
 // GetRequestHeaders implements EnvoyHttpFilter.

rust/Cargo.lock

@@ -1,4 +1,3 @@
-
 [package]
 name = "envoy-proxy-dynamic-modules-rust-sdk-examples"
 version = "0.1.0"
@@ -17,7 +16,8 @@ matchers = "0.2.0"
 [dev-dependencies]
 tempfile = "3.16.0"
 
+# Main library - HTTP filters (backward compatible)
 [lib]
 name = "rust_module"
 path = "src/lib.rs"
-crate-type = ["cdylib"]
+crate-type = ["cdylib", "rlib"]

rust/Cargo.toml

@@ -126,7 +126,7 @@ mod tests {
     #[test]
     /// This demonstrates how to write a test without Envoy using a mock provided by the SDK.
     fn test_filter() {
-        let mut filter_config = FilterConfig::new("Hello [Ww].+").unwrap();
+        let filter_config = FilterConfig::new("Hello [Ww].+").unwrap();
         let mut envoy_filter = MockEnvoyHttpFilter::new();
         let mut filter: Box<dyn HttpFilter<MockEnvoyHttpFilter>> =
             filter_config.new_http_filter(&mut envoy_filter);

rust/src/http_zero_copy_regex_waf.rs

@@ -1,12 +1,65 @@
+//! Envoy Dynamic Modules Rust SDK Examples
+//!
+//! This crate contains example implementations of Envoy dynamic modules using the Rust SDK.
+//!
+//! # HTTP Filters
+//!
+//! The main library exports HTTP filter examples that work with `declare_init_functions!`:
+//! - `passthrough` - A minimal filter that passes all data through unchanged.
+//! - `access_logger` - Logs request/response information.
+//! - `random_auth` - Randomly rejects requests (for testing).
+//! - `zero_copy_regex_waf` - Zero-copy regex-based WAF filter.
+//! - `header_mutation` - Adds/removes/modifies headers.
+//! - `metrics` - Collects request/response metrics.
+//!
+//! # Network Filters
+//!
+//! Network filter examples are provided as public modules. To use them, create a separate
+//! crate that includes this library and uses `declare_network_filter_init_functions!` with
+//! the module's `new_filter_config` function.
+//!
+//! Available network filters:
+//! - [`network_echo`] - Echoes data back to the client.
+//! - [`network_rate_limiter`] - Limits concurrent connections.
+//! - [`network_protocol_logger`] - Logs protocol information.
+//! - [`network_redis`] - Redis RESP protocol parser and command filter.
+//!
+//! # Listener Filters
+//!
+//! Listener filter examples are provided as public modules. To use them, create a separate
+//! crate that includes this library and uses `declare_listener_filter_init_functions!` with
+//! the module's `new_filter_config` function.
+//!
+//! Available listener filters:
+//! - [`listener_ip_allowlist`] - IP allowlist/blocklist filter.
+//! - [`listener_tls_detector`] - TLS protocol detection filter.
+//! - [`listener_sni_router`] - SNI-based routing filter.
+
 use envoy_proxy_dynamic_modules_rust_sdk::*;
 
+// HTTP filter examples.
 mod http_access_logger;
 mod http_header_mutation;
 mod http_metrics;
 mod http_passthrough;
 mod http_random_auth;
 mod http_zero_copy_regex_waf;
 
+// Network filter examples.
+// These modules can be used to create standalone network filter cdylibs.
+// See each module's documentation for usage instructions.
+pub mod network_echo;
+pub mod network_protocol_logger;
+pub mod network_rate_limiter;
+pub mod network_redis;
+
+// Listener filter examples.
+// These modules can be used to create standalone listener filter cdylibs.
+// See each module's documentation for usage instructions.
+pub mod listener_ip_allowlist;
+pub mod listener_sni_router;
+pub mod listener_tls_detector;
+
 declare_init_functions!(init, new_http_filter_config_fn);
 
 /// This implements the [`envoy_proxy_dynamic_modules_rust_sdk::ProgramInitFunction`].