Documentation ¶
Index ¶
- func RuleBasePriority[ruleT ruleTypeKind](_ ruleT) int16
- func SeparateNetworks(nws []Network, scopeIPs ...net.IP) (netIPv4, netIPv6 []net.IPNet)
- type CidrSgRules
- type IECidrSgIcmpRules
- type LocalData
- type LocalDataLoader
- type Network
- type Networks
- type ResolvedFQDN
- type SG
- type SG2FQDNRules
- type SG2SGRules
- func (rules SG2SGRules) AllRules() []model.SGRule
- func (rules SG2SGRules) In(sgTo string) (ret []model.SGRule)
- func (rules *SG2SGRules) IsEq(other SG2SGRules) bool
- func (rules *SG2SGRules) Load(ctx context.Context, client SGClient, locals SGs) (err error)
- func (rules SG2SGRules) Out(sgFrom string) (ret []model.SGRule)
- type SGClient
- type SGs
- type SGsNetworks
- func (sgsNws *SGsNetworks) Add(sg SgName, nws ...Network)
- func (sgsNws *SGsNetworks) IsEq(other SGsNetworks) bool
- func (sgsNws *SGsNetworks) IterateNetworks(f func(SgName, []Network) bool)
- func (sgsNws *SGsNetworks) Load(ctx context.Context, client SGClient, localSG SGs) error
- func (sgsNws *SGsNetworks) LoadFromSGNames(ctx context.Context, client SGClient, sgNames []string) error
- type SgIcmpRules
- type SgIeSgIcmpRules
- type SgIeSgRules
- type SgName
- type SgSgIcmpRules
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func RuleBasePriority ¶ added in v1.14.0
func RuleBasePriority[ruleT ruleTypeKind](_ ruleT) int16
RuleBasePriority -
Types ¶
type CidrSgRules ¶
// CidrSgRules wraps the dictionary of CIDR-to-SG rules.
// NOTE(review): the "IE" prefix on the element type presumably stands for
// ingress/egress — confirm against the model package.
type CidrSgRules struct {
	// Rules maps a model.IECidrSgRuleIdenity key to its *model.IECidrSgRule.
	// NOTE(review): RBDict is presumably an ordered (tree-based) dictionary —
	// confirm in the dict package before relying on iteration order.
	Rules dict.RBDict[model.IECidrSgRuleIdenity, *model.IECidrSgRule]
}
CidrSgRules -
func (*CidrSgRules) GetRulesForTrafficAndSG ¶
func (rules *CidrSgRules) GetRulesForTrafficAndSG(tr model.Traffic, sg string) []*model.IECidrSgRule
GetRulesForTrafficAndSG -
type IECidrSgIcmpRules ¶ added in v1.13.0
// IECidrSgIcmpRules wraps the dictionary of CIDR/SG ICMP rules.
// NOTE(review): "IE" presumably stands for ingress/egress — confirm against
// the model package.
type IECidrSgIcmpRules struct {
	// Rules is keyed by model.IECidrSgIcmpRuleID; the values are pointers to
	// the rules themselves, so entries are shared rather than copied.
	Rules dict.RBDict[model.IECidrSgIcmpRuleID, *model.IECidrSgIcmpRule]
}
IECidrSgIcmpRules -
func (*IECidrSgIcmpRules) GetRulesForTrafficAndSG ¶ added in v1.13.0
func (rules *IECidrSgIcmpRules) GetRulesForTrafficAndSG(tr model.Traffic, sg string) (ret []*model.IECidrSgIcmpRule)
GetRulesForTrafficAndSG -
func (IECidrSgIcmpRules) IsEq ¶ added in v1.13.0
func (o IECidrSgIcmpRules) IsEq(other IECidrSgIcmpRules) bool
IsEq -
type LocalData ¶
// LocalData is the data set the agent uses to build Host Based Firewall
// rules. It bundles the local security groups, every rule dictionary, the SG
// networks and the resolved FQDN addresses together with a sync status.
type LocalData struct {
	// LocalSGs is the dictionary of security groups, indexed by name.
	LocalSGs SGs

	// Rule dictionaries, one field per rule kind.
	SG2SGRules        SG2SGRules
	SG2FQDNRules      SG2FQDNRules
	SgIcmpRules       SgIcmpRules
	SgSgIcmpRules     SgSgIcmpRules
	SgIeSgIcmpRules   SgIeSgIcmpRules
	CidrSgRules       CidrSgRules
	SgIeSgRules       SgIeSgRules
	IECidrSgIcmpRules IECidrSgIcmpRules

	// Networks holds the networks of each security group, indexed by SG name.
	Networks SGsNetworks

	// ResolvedFQDN is held by pointer: the pointed-to struct embeds a
	// sync.RWMutex and therefore must not be copied by value.
	ResolvedFQDN *ResolvedFQDN

	// NOTE(review): SyncStatus presumably records the backend sync state the
	// fields above were loaded at — confirm against LocalDataLoader.
	SyncStatus model.SyncStatus
}
LocalData is used by the agent to build Host Based Firewall rules
type LocalDataLoader ¶
// LocalDataLoader carries the parameters for loading a LocalData set.
type LocalDataLoader struct {
	// NOTE(review): presumably the sync status the load is performed
	// against — confirm with the loader's methods, which are not shown here.
	SyncStatus model.SyncStatus

	// MaxLoadDiration (sic: the misspelling is part of the exported API and
	// cannot be renamed without breaking callers) presumably caps how long a
	// load may run. TODO confirm what a zero value means (no limit vs.
	// immediate timeout).
	MaxLoadDiration time.Duration
}
LocalDataLoader
type ResolvedFQDN ¶
// ResolvedFQDN stores the addresses resolved for FQDNs, kept separately for
// A and AAAA records.
//
// The struct embeds sync.RWMutex, so Lock/RLock are part of its method set
// and the value must not be copied after first use; pass *ResolvedFQDN.
// NOTE(review): the mutex presumably guards A and AAAA — confirm which
// methods take the lock before reading either dictionary directly.
// NOTE(review): the stored addresses come from a DNS querier and presumably
// feed firewall rules, so the resolver's trustworthiness matters — confirm.
type ResolvedFQDN struct {
	sync.RWMutex

	// A maps an FQDN to the addresses from its A records.
	A dict.RBDict[model.FQDN, internal.DomainAddresses]

	// AAAA maps an FQDN to the addresses from its AAAA records.
	AAAA dict.RBDict[model.FQDN, internal.DomainAddresses]
}
ResolvedFQDN -
func (*ResolvedFQDN) Resolve ¶
func (r *ResolvedFQDN) Resolve(ctx context.Context, rules SG2FQDNRules, dnsRes internal.DomainAddressQuerier)
Resolve -
func (*ResolvedFQDN) UpdA ¶
func (r *ResolvedFQDN) UpdA(domain model.FQDN, addr internal.DomainAddresses)
UpdA -
func (*ResolvedFQDN) UpdAAAA ¶
func (r *ResolvedFQDN) UpdAAAA(domain model.FQDN, addr internal.DomainAddresses)
UpdAAAA -
type SG2FQDNRules ¶
SG2FQDNRules -
func (SG2FQDNRules) RulesForSG ¶
func (rules SG2FQDNRules) RulesForSG(sgName string) []model.FQDNRule
SelectForSG -
type SGs ¶
SGs is a dictionary of Security Groups indexed by their names
func (*SGs) LoadFromIPs ¶
LoadFromIPs loads the Local SGs by IPs
func (*SGs) LoadFromNames ¶
LoadFromNames loads SGs by their names
type SGsNetworks ¶
SGsNetworks is a dictionary of Security Group networks indexed by SG name
func (*SGsNetworks) Add ¶ added in v1.11.0
func (sgsNws *SGsNetworks) Add(sg SgName, nws ...Network)
Add -
func (*SGsNetworks) IterateNetworks ¶ added in v1.11.0
func (sgsNws *SGsNetworks) IterateNetworks(f func(SgName, []Network) bool)
IterateNetworks -
func (*SGsNetworks) LoadFromSGNames ¶
func (sgsNws *SGsNetworks) LoadFromSGNames(ctx context.Context, client SGClient, sgNames []string) error
LoadFromSGNames -
type SgIcmpRules ¶
// SgIcmpRules wraps the dictionary of per-SG ICMP rules.
type SgIcmpRules struct {
	// Rules is a dict.HDict keyed by model.SgIcmpRuleID; values are pointers
	// to the rules.
	// NOTE(review): HDict is presumably hash-based and unordered — confirm in
	// the dict package before relying on iteration order.
	Rules dict.HDict[model.SgIcmpRuleID, *model.SgIcmpRule]
}
SgIcmpRules -
func (SgIcmpRules) Rules4Sg ¶
func (rules SgIcmpRules) Rules4Sg(sgName string) (ret []model.SgIcmpRule)
Rules4Sg -
type SgIeSgIcmpRules ¶ added in v1.11.0
// SgIeSgIcmpRules wraps the dictionary of SG-to-SG ICMP rules of the "IE"
// kind.
// NOTE(review): "IE" presumably stands for ingress/egress — confirm against
// the model package.
type SgIeSgIcmpRules struct {
	// Rules is keyed by model.IESgSgIcmpRuleID; values are pointers to the
	// rules.
	Rules dict.HDict[model.IESgSgIcmpRuleID, *model.IESgSgIcmpRule]
}
SgIeSgIcmpRules -
func (*SgIeSgIcmpRules) GetRulesForTrafficAndSG ¶ added in v1.11.0
func (rules *SgIeSgIcmpRules) GetRulesForTrafficAndSG(tr model.Traffic, sg string) (ret []*model.IESgSgIcmpRule)
GetRulesForTrafficAndSG -
func (*SgIeSgIcmpRules) IsEq ¶ added in v1.11.0
func (rules *SgIeSgIcmpRules) IsEq(other SgIeSgIcmpRules) bool
type SgIeSgRules ¶ added in v1.10.0
// SgIeSgRules wraps the dictionary of SG-to-SG rules of the "IE" kind.
// NOTE(review): "IE" presumably stands for ingress/egress — confirm against
// the model package.
type SgIeSgRules struct {
	// Rules is keyed by model.IESgSgRuleIdentity; values are pointers to the
	// rules.
	Rules dict.HDict[model.IESgSgRuleIdentity, *model.IESgSgRule]
}
SgIeSgRules -
func (*SgIeSgRules) GetRulesForTrafficAndSG ¶ added in v1.10.0
func (rules *SgIeSgRules) GetRulesForTrafficAndSG(tr model.Traffic, sg string) (ret []*model.IESgSgRule)
GetRulesForTrafficAndSG -
func (*SgIeSgRules) IsEq ¶ added in v1.10.0
func (rules *SgIeSgRules) IsEq(other SgIeSgRules) bool
IsEq -
type SgSgIcmpRules ¶
// SgSgIcmpRules wraps the dictionary of SG-to-SG ICMP rules.
type SgSgIcmpRules struct {
	// Rules is a dict.HDict keyed by model.SgSgIcmpRuleID; values are
	// pointers to the rules.
	Rules dict.HDict[model.SgSgIcmpRuleID, *model.SgSgIcmpRule]
}
SgSgIcmpRules -
func (SgSgIcmpRules) In ¶
func (rules SgSgIcmpRules) In(sgTo string) (ret []model.SgSgIcmpRule)
In -
func (SgSgIcmpRules) Out ¶
func (rules SgSgIcmpRules) Out(sgFrom string) (ret []model.SgSgIcmpRule)
Out -