5 changed files with 76 additions and 88 deletions
--- a/addr-map.go
+++ b/addr-map.go
@ -79,20 +79,13 @@ func addrMapGet(srcIp net.IP, dstCidr *net.IPNet, ttl uint32) net.IP {
 		log.Fatalf("addrMapGet(): src/dst size mismatch: %v vs %v", addrlen, len(dstCidr.IP))
 	}

-	var hkey any
-	switch addrlen {
-	case net.IPv4len:
-		hkey = binary.NativeEndian.Uint32(srcIp)
-	case net.IPv6len:
-		hkey = srcIp.To16().String()
-	}
-
 	var curr AddrMap
 	curr.SrcAddr = make([]byte, addrlen)
 	curr.DstAddr = make([]byte, addrlen)
 	copy(curr.DstAddr, srcIp)
 	curr.Ttl = ttl

+	for {
 		_, err := rand.Read(curr.SrcAddr)
 		if err != nil {
 			log.Fatalf("rand.Read(): error %v", err)
@ -109,12 +102,14 @@ func addrMapGet(srcIp net.IP, dstCidr *net.IPNet, ttl uint32) net.IP {

 		curr.Created = time.Now()

-	var xprev any
+		var hkey, xprev any
 		var loaded bool
 		switch addrlen {
 		case net.IPv4len:
+			hkey = binary.NativeEndian.Uint32(curr.SrcAddr)
 			xprev, loaded = addr4.LoadOrStore(hkey, curr)
 		case net.IPv6len:
+			hkey = binary.NativeEndian.Uint64(curr.SrcAddr[net.IPv6len/2:])
 			xprev, loaded = addr6.LoadOrStore(hkey, curr)
 		}
 		if !loaded {
@ -127,7 +122,15 @@ func addrMapGet(srcIp net.IP, dstCidr *net.IPNet, ttl uint32) net.IP {
 			log.Fatalf("addrMapGet(): wrong value type from sync.Map")
 		}

-	copy(curr.SrcAddr, prev.SrcAddr)
+		if !net.IP.Equal(curr.SrcAddr, prev.SrcAddr) {
+			// generate next random address
+			continue
+		}
+		if !net.IP.Equal(curr.DstAddr, prev.DstAddr) {
+			// generate next random address
+			continue
+		}
+
 		if prev.GetTtl() < int32(curr.Ttl) {
 			switch addrlen {
 			case net.IPv4len:
@ -137,5 +140,8 @@ func addrMapGet(srcIp net.IP, dstCidr *net.IPNet, ttl uint32) net.IP {
 			}
 		}

+		break
+	}
+
 	return curr.SrcAddr
 }
--- a/dns-remap.go
+++ b/dns-remap.go
@ -173,20 +173,36 @@ func dnsRemap(qname string, qtype uint16, orig *dns.Msg) ([]PowerDnsAnswer, erro

 	// perform nftables assignment
 	if len(nft_ipv4) > 0 {
-		nftDoWithMap(cfgNftTable, cfgNftTableFamily, cfgNftMapV4, func(c *nft.Conn, t *nft.Table, m *nft.Set) error {
+		nftDoWithTable(cfgNftTable, cfgNftTableFamily, func(c *nft.Conn, t *nft.Table) error {
+			m, err := nftGetMapByName(c, t, cfgNftMapV4)
+			if err != nil {
+				return err
+			}
 			_ = c.SetDeleteElements(m, nft_ipv4)
 			return nil
 		})
-		nftDoWithMap(cfgNftTable, cfgNftTableFamily, cfgNftMapV4, func(c *nft.Conn, t *nft.Table, m *nft.Set) error {
+		nftDoWithTable(cfgNftTable, cfgNftTableFamily, func(c *nft.Conn, t *nft.Table) error {
+			m, err := nftGetMapByName(c, t, cfgNftMapV4)
+			if err != nil {
+				return err
+			}
 			return c.SetAddElements(m, nft_ipv4)
 		})
 	}
 	if len(nft_ipv6) > 0 {
-		nftDoWithMap(cfgNftTable, cfgNftTableFamily, cfgNftMapV6, func(c *nft.Conn, t *nft.Table, m *nft.Set) error {
+		nftDoWithTable(cfgNftTable, cfgNftTableFamily, func(c *nft.Conn, t *nft.Table) error {
+			m, err := nftGetMapByName(c, t, cfgNftMapV6)
+			if err != nil {
+				return err
+			}
 			_ = c.SetDeleteElements(m, nft_ipv6)
 			return nil
 		})
-		nftDoWithMap(cfgNftTable, cfgNftTableFamily, cfgNftMapV6, func(c *nft.Conn, t *nft.Table, m *nft.Set) error {
+		nftDoWithTable(cfgNftTable, cfgNftTableFamily, func(c *nft.Conn, t *nft.Table) error {
+			m, err := nftGetMapByName(c, t, cfgNftMapV6)
+			if err != nil {
+				return err
+			}
 			return c.SetAddElements(m, nft_ipv6)
 		})
 	}
--- a/go.mod
+++ b/go.mod
@ -41,11 +41,11 @@ require (
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
 	github.com/ugorji/go/codec v1.2.12 // indirect
 	golang.org/x/arch v0.8.0 // indirect
-	golang.org/x/crypto v0.25.0 // indirect
-	golang.org/x/mod v0.19.0 // indirect
-	golang.org/x/net v0.27.0 // indirect
+	golang.org/x/crypto v0.24.0 // indirect
+	golang.org/x/mod v0.18.0 // indirect
+	golang.org/x/net v0.26.0 // indirect
 	golang.org/x/sync v0.7.0 // indirect
-	golang.org/x/sys v0.22.0 // indirect
+	golang.org/x/sys v0.21.0 // indirect
 	golang.org/x/text v0.16.0 // indirect
 	golang.org/x/tools v0.22.0 // indirect
 	google.golang.org/protobuf v1.34.2 // indirect
--- a/go.sum
+++ b/go.sum
@ -101,24 +101,16 @@ golang.org/x/arch v0.8.0 h1:3wRIsP3pM4yUptoR96otTUOXI367OS0+c9eeRi9doIc=
 golang.org/x/arch v0.8.0/go.mod h1:FEVrYAQjsQXMVJ1nsMoVVXPZg6p2JE2mx8psSWTDQys=
 golang.org/x/crypto v0.24.0 h1:mnl8DM0o513X8fdIkmyFE/5hTYxbwYOjDS/+rK6qpRI=
 golang.org/x/crypto v0.24.0/go.mod h1:Z1PMYSOR5nyMcyAVAIQSKCDwalqy85Aqn1x3Ws4L5DM=
-golang.org/x/crypto v0.25.0 h1:ypSNr+bnYL2YhwoMt2zPxHFmbAN1KZs/njMG3hxUp30=
-golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M=
 golang.org/x/mod v0.18.0 h1:5+9lSbEzPSdWkH32vYPBwEpX8KwDbM52Ud9xBUvNlb0=
 golang.org/x/mod v0.18.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
-golang.org/x/mod v0.19.0 h1:fEdghXQSo20giMthA7cd28ZC+jts4amQ3YMXiP5oMQ8=
-golang.org/x/mod v0.19.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
 golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ=
 golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE=
-golang.org/x/net v0.27.0 h1:5K3Njcw06/l2y9vpGCSdcxWOYHOUk3dVNGDXN+FvAys=
-golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE=
 golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M=
 golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws=
 golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI=
-golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4=
 golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI=
 golang.org/x/tools v0.22.0 h1:gqSGLZqv+AI9lIQzniJ0nZDRG5GBPsSi+DRNHWNz6yA=
--- a/prometheus.go
+++ b/prometheus.go
@ -16,35 +16,11 @@ var (
 	_promRegistry    *prometheus.Registry
 	_promHttpHandler http.Handler

-	promOpsProcessed = prometheus.NewCounter(prometheus.CounterOpts{
+	opsProcessed = prometheus.NewCounter(prometheus.CounterOpts{
 		Name: "processed_ops_total",
 		Help: "The total number of processed requests",
 	})

-	promAddr4Count = prometheus.NewGaugeFunc(prometheus.GaugeOpts{
-		Name: "ipv4_mapped_addr_count",
-		Help: "The total number of IPv4-mapped addresses",
-	}, func() float64 {
-		var x uint32
-		addr4.Range(func(key, value any) bool {
-			x++
-			return true
-		})
-		return float64(x)
-	})
-
-	promAddr6Count = prometheus.NewGaugeFunc(prometheus.GaugeOpts{
-		Name: "ipv6_mapped_addr_count",
-		Help: "The total number of IPv6-mapped addresses",
-	}, func() float64 {
-		var x uint32
-		addr6.Range(func(key, value any) bool {
-			x++
-			return true
-		})
-		return float64(x)
-	})
-
 	labelStringReplacer *strings.Replacer = strings.NewReplacer(
 		"\"", "",
 		"'", "",
@ -53,9 +29,7 @@ var (

 func setupPrometheus(r *gin.Engine) {
 	_promRegistry = prometheus.NewRegistry()
-	_promRegistry.MustRegister(promOpsProcessed)
-	_promRegistry.MustRegister(promAddr4Count)
-	_promRegistry.MustRegister(promAddr6Count)
+	_promRegistry.MustRegister(opsProcessed)

 	_promHttpHandler = promhttp.HandlerFor(_promRegistry, promhttp.HandlerOpts{
 		Registry:          _promRegistry,
@ -81,7 +55,7 @@ func promSanitizeLabel(str string, fallback string) string {
 }

 func promHttpHandler(c *gin.Context) {
-	promOpsProcessed.Inc()
+	opsProcessed.Inc()

 	_promHttpHandler.ServeHTTP(c.Writer, c.Request)
 }