snat

package

v1.6.1-hotfix20241024A... Latest Latest Go to latest Published: Oct 23, 2024 License: MIT Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/Azure/azure-container-networking

Documentation ¶

Index ¶

Constants
type Client
- func NewSnatClient(hostIfName string, contIfName string, localIP string, snatBridgeIP string, ...) Client

Constants ¶

View Source

const (
	SnatBridgeName = "azSnatbr"
	ImdsIP         = "169.254.169.254/32"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Client ¶

type Client struct {
	SnatBridgeIP           string
	SkipAddressesFromBlock []string
	// contains filtered or unexported fields
}

func NewSnatClient ¶

func NewSnatClient(hostIfName string,
	contIfName string,
	localIP string,
	snatBridgeIP string,
	hostPrimaryMac string,
	skipAddressesFromBlock []string,
	enableProxyArpOnBridge bool,
	nl netlink.NetlinkInterface,
	plClient platform.ExecClient,
	iptc ipTablesClient,
) Client

func (*Client) AllowIPAddressesOnSnatBridge ¶

func (client *Client) AllowIPAddressesOnSnatBridge() error

AllowIPAddressesOnSnatBridge adds iptables rules that allows only specific Private IPs via linux bridge

func (*Client) AllowInboundFromHostToNC ¶

func (client *Client) AllowInboundFromHostToNC() error

This function adds iptables rules that allows only host to NC communication and not the other way

func (*Client) AllowInboundFromNCToHost ¶

func (client *Client) AllowInboundFromNCToHost() error

This function adds iptables rules that allows only NC to Host communication and not the other way

func (*Client) BlockIPAddressesOnSnatBridge ¶

func (client *Client) BlockIPAddressesOnSnatBridge() error

BlockIPAddressesOnSnatBridge adds iptables rules that blocks all private IPs flowing via linux bridge

func (*Client) ConfigureSnatContainerInterface ¶

func (client *Client) ConfigureSnatContainerInterface() error

Configures Local IP Address for container Veth

func (*Client) CreateSnatEndpoint ¶

func (client *Client) CreateSnatEndpoint() error

func (*Client) DeleteInboundFromHostToNC ¶

func (client *Client) DeleteInboundFromHostToNC() error

func (*Client) DeleteInboundFromNCToHost ¶

func (client *Client) DeleteInboundFromNCToHost() error

func (*Client) DeleteSnatEndpoint ¶

func (client *Client) DeleteSnatEndpoint() error

func (*Client) DropArpForSnatBridgeApipaRange ¶

func (client *Client) DropArpForSnatBridgeApipaRange(snatBridgeIP, azSnatVethIfName string) error

func (*Client) EnableIPForwarding ¶ added in v1.5.17

func (client *Client) EnableIPForwarding() error

This function enables ip forwarding in VM and allow forwarding packets from the interface

func (*Client) MoveSnatEndpointToContainerNS ¶

func (client *Client) MoveSnatEndpointToContainerNS(netnsPath string, nsID uintptr) error

Move container veth inside container network namespace

func (*Client) SetupSnatContainerInterface ¶

func (client *Client) SetupSnatContainerInterface() error

Configure Routes and setup name for container veth

Source Files ¶

View all Source files

snat_linux.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL