netrules

package

v0.0.0-...-5a39a95 Latest Latest Go to latest Published: Jan 8, 2025 License: Apache-2.0 Imports: 6 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/cloudfoundry/winc

Documentation ¶

Index ¶

func FirewallRuleIPRange(networks []IPRange) string
func FirewallRulePortRange(ports []PortRange) string
func IPRangeToCIDRs(iprange IPRange) []string
type Applier
- func NewApplier(netSh NetShRunner, containerId string, portAllocator PortAllocator) *Applier
type IPRange
- func (ir IPRange) String() string
type NetIn
type NetOut
type NetShRunner
type PortAllocator
type PortMapping
type PortRange
- func (pr PortRange) String() string
type Protocol

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func FirewallRuleIPRange ¶

func FirewallRuleIPRange(networks []IPRange) string

FirewallRuleIPRange create a valid ip range for windows firewall

func FirewallRulePortRange ¶

func FirewallRulePortRange(ports []PortRange) string

FirewallRulePortRange create a valid port range for windows firewall

func IPRangeToCIDRs ¶

func IPRangeToCIDRs(iprange IPRange) []string

Types ¶

type Applier ¶

type Applier struct {
	// contains filtered or unexported fields
}

func NewApplier ¶

func NewApplier(netSh NetShRunner, containerId string, portAllocator PortAllocator) *Applier

func (*Applier) Cleanup ¶

func (a *Applier) Cleanup() error

func (*Applier) In ¶

func (a *Applier) In(rule NetIn, containerIP string) (*hcsshim.NatPolicy, *hcsshim.ACLPolicy, error)

func (*Applier) OpenPort ¶

func (a *Applier) OpenPort(port uint32) error

func (*Applier) Out ¶

func (a *Applier) Out(rule NetOut, containerIP string) (*hcsshim.ACLPolicy, error)

type IPRange ¶

type IPRange struct {
	Start net.IP `json:"start,omitempty"`
	End   net.IP `json:"end,omitempty"`
}

func (IPRange) String ¶

func (ir IPRange) String() string

type NetIn ¶

type NetIn struct {
	HostPort      uint16 `json:"host_port"`
	ContainerPort uint16 `json:"container_port"`
}

type NetOut ¶

type NetOut struct {
	// the protocol to be whitelisted
	Protocol Protocol `json:"protocol,omitempty"`

	// a list of ranges of IP addresses to whitelist; Start to End inclusive; default all
	Networks []IPRange `json:"networks,omitempty"`

	// a list of ranges of ports to whitelist; Start to End inclusive; ignored if Protocol is ICMP; default all
	Ports []PortRange `json:"ports,omitempty"`
}

type NetShRunner ¶

type NetShRunner interface {
	RunContainer([]string) error
}

type PortAllocator ¶

type PortAllocator interface {
	AllocatePort(handle string, port uint16) (uint16, error)
	ReleaseAllPorts(handle string) error
}

type PortMapping ¶

type PortMapping struct {
	HostPort      uint16
	ContainerPort uint16
}

type PortRange ¶

type PortRange struct {
	Start uint16 `json:"start,omitempty"`
	End   uint16 `json:"end,omitempty"`
}

func (PortRange) String ¶

func (pr PortRange) String() string

type Protocol ¶

type Protocol uint8

const (
	ProtocolAll Protocol = iota
	ProtocolTCP
	ProtocolUDP
	ProtocolICMP
)

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
fakes Code generated by counterfeiter.	Code generated by counterfeiter.
firewallapplier
fakes Code generated by counterfeiter.	Code generated by counterfeiter.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL