Documentation ¶
Index ¶
- Constants
- Variables
- func AreRulePortsEq(l, r []SGRulePorts) bool
- func ValidatePortRange(pr PortRange, canBeNull bool) error
- type ChainDefaultAction
- type CidrSgRule
- type CidrSgRuleIdenity
- type FQDN
- type FQDNRule
- type FQDNRuleIdentity
- type ICMP
- type IESgSgIcmpRule
- type IESgSgIcmpRuleID
- type Network
- type NetworkName
- type NetworkTransport
- type PortNumber
- type PortRange
- type PortRanges
- type PortSource
- func (ps *PortSource) FromPortRange(r PortRange) error
- func (ps *PortSource) FromPortRanges(rr PortRanges) error
- func (ps PortSource) IsEq(other PortSource) bool
- func (ps PortSource) IsValid() bool
- func (ps PortSource) ToPortRange() (PortRange, error)
- func (ps PortSource) ToPortRanges() (PortRanges, error)
- type SGRule
- type SGRuleIdentity
- type SGRulePorts
- type SecurityGroup
- type SgIcmpRule
- type SgIcmpRuleID
- type SgSgIcmpRule
- type SgSgIcmpRuleID
- type SgSgRule
- type SgSgRuleIdentity
- type SyncStatus
- type Traffic
- type Validatable
Constants ¶
const (
	// IPv4 identifies IP family v4. It is an untyped integer constant.
	IPv4 = 4
	// IPv6 identifies IP family v6. It is an untyped integer constant.
	IPv6 = 6
)
Variables ¶
// Sentinel errors of the model package. Compare with errors.Is rather than
// by message text, so a wrapped error is still recognised.
var (
	// ErrSPortsAreOverlapped reports that source port ranges have overlapping regions.
	ErrSPortsAreOverlapped = errors.New("source ports have overlapped regions")
	// ErrUnexpectedNullPortRange reports a null port range where one was not expected.
	ErrUnexpectedNullPortRange = errors.New("unexpected null port range")
	// ErrInvalidFQDN reports an invalid FQDN.
	ErrInvalidFQDN = errors.New("invalid FQDN")
)
var PortRangeFactory = ranges.IntsFactory(PortNumber(0))
PortRangeFactory ...
// PortRangeFull is the full port range, documented by the package as [0, 65535].
// The range starts at 0, so port 0 is part of it; the upper bound is
// ^PortNumber(0), every bit of PortNumber set.
// NOTE(review): the two false arguments presumably mark each bound as not
// excluded (a closed interval) — confirm against ranges.IntsFactory.
var PortRangeFull = PortRangeFactory.Range(0, false, ^PortNumber(0), false)
PortRangeFull port range [0, 65535]
Functions ¶
func ValidatePortRange ¶
ValidatePortRange validates the port range model
Types ¶
type ChainDefaultAction ¶
type ChainDefaultAction uint8
ChainDefaultAction default action for SG {DROP|ACCEPT}
const (
	// DEFAULT means the default action. It is the zero value of
	// ChainDefaultAction (iota starts at 0), so a field that was never set
	// reads as DEFAULT.
	// NOTE(review): what DEFAULT resolves to (DROP or ACCEPT) is not shown
	// here — confirm before relying on an unset action being fail-closed.
	DEFAULT ChainDefaultAction = iota
	// DROP is the action that drops the network packet.
	DROP
	// ACCEPT is the action that accepts the network packet.
	ACCEPT
)
func (*ChainDefaultAction) FromString ¶
func (a *ChainDefaultAction) FromString(s string) error
FromString inits from string
func (ChainDefaultAction) Validate ¶
func (a ChainDefaultAction) Validate() error
Validate ChainDefaultAction validator
type CidrSgRule ¶
type CidrSgRule = ruleT[CidrSgRuleIdenity]
CidrSgRule proto:CIDR:SG:[INGRESS|EGRESS] rule
type CidrSgRuleIdenity ¶
// CidrSgRuleIdenity is the identity (key) of a proto:CIDR:SG:[INGRESS|EGRESS] rule.
type CidrSgRuleIdenity struct {
	// Transport is the network transport of the rule (TCP or UDP).
	// The zero value of NetworkTransport is TCP.
	Transport NetworkTransport
	// Traffic is the packet direction, one of [INGRESS, EGRESS].
	Traffic Traffic
	// SG refers to the security group side of the rule.
	// presumably the SecurityGroup name; verify against callers.
	SG string
	// CIDR is the network side of the rule.
	// NOTE(review): a zero net.IPNet has nil IP and Mask — confirm Validate rejects it.
	CIDR net.IPNet
}
CidrSgRuleIdenity -
func (CidrSgRuleIdenity) IdentityHash ¶
func (o CidrSgRuleIdenity) IdentityHash() string
IdentityHash -
func (CidrSgRuleIdenity) IsEq ¶
func (o CidrSgRuleIdenity) IsEq(other CidrSgRuleIdenity) bool
IsEq -
func (CidrSgRuleIdenity) Validate ¶
func (o CidrSgRuleIdenity) Validate() error
Validate validate of CidrSgRuleIdenity
type FQDNRule ¶
// FQDNRule is a rule from an SG to an FQDN.
type FQDNRule struct {
	// NdpiProtocols is a set of protocol keys attached to the rule.
	// presumably nDPI protocol names compared case-insensitively
	// (dict.StringCiKey) — TODO confirm.
	NdpiProtocols dict.RBSet[dict.StringCiKey]
	// contains filtered or unexported fields
}
FQDNRule is a rule from an SG to an FQDN
type FQDNRuleIdentity ¶
// FQDNRuleIdentity is the identity (key) of an FQDNRule.
type FQDNRuleIdentity struct {
	// Transport is the network transport of the rule (TCP or UDP).
	// The zero value of NetworkTransport is TCP.
	Transport NetworkTransport
	// SgFrom refers to the security group the rule goes from.
	// presumably the SecurityGroup name; verify against callers.
	SgFrom string
	// FqdnTo is the FQDN the rule goes to.
	FqdnTo FQDN
}
FQDNRuleIdentity -
func (FQDNRuleIdentity) IdentityHash ¶
func (sgRuleKey FQDNRuleIdentity) IdentityHash() string
IdentityHash makes ID as hash for FQDNRuleIdentity
func (FQDNRuleIdentity) IsEq ¶
func (sgRuleKey FQDNRuleIdentity) IsEq(other FQDNRuleIdentity) bool
IsEq -
func (FQDNRuleIdentity) String ¶
func (sgRuleKey FQDNRuleIdentity) String() string
String impl Stringer
func (FQDNRuleIdentity) Validate ¶
func (o FQDNRuleIdentity) Validate() error
Validate validate of FQDNRuleIdentity
type ICMP ¶
// ICMP is an ICMP protocol spec.
type ICMP struct {
	// IPv is the IP version the spec applies to: 4 or 6.
	// presumably matched against the IPv4/IPv6 constants — TODO confirm.
	IPv uint8
	// Types is the set of ICMP message types, documented as [0-254].
	// NOTE(review): uint8 also admits 255; confirm whether it is rejected.
	// NOTE(review): the meaning of an empty set (no types vs. every type)
	// is not shown here — confirm before treating an empty set as restrictive.
	Types dict.RBSet[uint8]
}
ICMP an ICMP proto spec
type IESgSgIcmpRule ¶ added in v1.11.0
// IESgSgIcmpRule is an <IN|E>GRESS:SG-SG:ICMP rule.
type IESgSgIcmpRule struct {
	// Traffic is the packet direction, one of [INGRESS, EGRESS].
	Traffic Traffic
	// SgLocal refers to the local security group of the rule.
	// presumably the SecurityGroup name; verify against callers.
	SgLocal string
	// Sg refers to the other security group of the SG-SG pair.
	// presumably the SecurityGroup name; verify against callers.
	Sg string
	// Icmp is the ICMP spec (IP version and message types) of the rule.
	Icmp ICMP
	// Logs and Trace are per-rule flags.
	// presumably they switch logging and tracing of matched packets — TODO confirm.
	Logs  bool
	Trace bool
}
IESgSgIcmpRule <IN|E>GRESS:SG-SG:ICMP rule
type IESgSgIcmpRuleID ¶ added in v1.11.0
IESgSgIcmpRuleID <IN|E>GRESS:SG-SG:ICMP rule ID
func (IESgSgIcmpRuleID) IdentityHash ¶ added in v1.11.0
func (o IESgSgIcmpRuleID) IdentityHash() string
IdentityHash -
type NetworkTransport ¶
type NetworkTransport uint8
NetworkTransport net transport
const (
	// TCP is the TCP transport. It is the zero value of NetworkTransport
	// (iota starts at 0), so a NetworkTransport that was never set is
	// indistinguishable from an explicit TCP.
	TCP NetworkTransport = iota
	// UDP is the UDP transport.
	UDP
)
func (*NetworkTransport) FromString ¶
func (nt *NetworkTransport) FromString(s string) error
FromString init from string
func (NetworkTransport) Validate ¶
func (nt NetworkTransport) Validate() error
Validate net transport validator
type PortSource ¶
type PortSource string
func (*PortSource) FromPortRange ¶
func (ps *PortSource) FromPortRange(r PortRange) error
FromPortRange inits from PortRange
func (*PortSource) FromPortRanges ¶
func (ps *PortSource) FromPortRanges(rr PortRanges) error
FromPortRanges -
func (PortSource) IsValid ¶
func (ps PortSource) IsValid() bool
IsValid checks whether the port range string is valid
func (PortSource) ToPortRange ¶
func (ps PortSource) ToPortRange() (PortRange, error)
ToPortRange string to port range
func (PortSource) ToPortRanges ¶
func (ps PortSource) ToPortRanges() (PortRanges, error)
ToPortRanges -
type SGRuleIdentity ¶
// SGRuleIdentity is the security rule ID used as a key.
type SGRuleIdentity struct {
	// Transport is the network transport of the rule (TCP or UDP).
	// The zero value of NetworkTransport is TCP.
	Transport NetworkTransport
	// SgFrom refers to the security group the rule goes from.
	// presumably the SecurityGroup name; verify against callers.
	SgFrom string
	// SgTo refers to the security group the rule goes to.
	// presumably the SecurityGroup name; verify against callers.
	SgTo string
}
SGRuleIdentity security rule ID as key
func (SGRuleIdentity) IdentityHash ¶
func (sgRuleKey SGRuleIdentity) IdentityHash() string
IdentityHash makes ID as hash for SGRule
func (SGRuleIdentity) Validate ¶
func (sgRuleKey SGRuleIdentity) Validate() error
Validate validate of SGRuleIdentity
type SGRulePorts ¶
// SGRulePorts holds the source and destination port ranges of a rule.
type SGRulePorts struct {
	// S is the set of source port ranges.
	// NOTE(review): the meaning of an empty S (any port vs. no port) is not
	// shown here — confirm before treating an empty value as restrictive.
	S PortRanges
	// D is the set of destination port ranges.
	// NOTE(review): same open question for an empty D — confirm.
	D PortRanges
}
SGRulePorts source and destination port ranges
func (SGRulePorts) Validate ¶
func (ports SGRulePorts) Validate() error
Validate SGRulePorts model validate
type SecurityGroup ¶
// SecurityGroup is a security group for one or more networks.
type SecurityGroup struct {
	// Name is the security group name.
	Name string
	// Networks lists the names of the networks in the group.
	Networks []NetworkName
	// Logs and Trace are per-group flags.
	// presumably they switch logging and tracing for the group — TODO confirm.
	Logs  bool
	Trace bool
	// DefaultAction is the default action for the group {DROP|ACCEPT}.
	// Its zero value is DEFAULT, not DROP, so a group built without setting
	// this field carries DEFAULT.
	// NOTE(review): confirm what DEFAULT resolves to when the rules are applied.
	DefaultAction ChainDefaultAction
}
SecurityGroup is a security group for network(s)
func (SecurityGroup) Validate ¶
func (sg SecurityGroup) Validate() error
Validate validates the security group model
type SgIcmpRule ¶
SgIcmpRule SG:ICMP default rule
type SgIcmpRuleID ¶
SgIcmpRuleID SG:ICMP rule ID
type SgSgIcmpRule ¶
SgSgIcmpRule SG-SG:ICMP default rule
type SgSgIcmpRuleID ¶
SgSgIcmpRuleID SG-SG:ICMP rule ID
type SgSgRule ¶ added in v1.10.0
type SgSgRule = ruleT[SgSgRuleIdentity]
SgSgRule proto:SG:SG:[INGRESS|EGRESS] rule
type SgSgRuleIdentity ¶ added in v1.10.0
// SgSgRuleIdentity is the identity (key) of a proto:SG:SG:[INGRESS|EGRESS] rule.
type SgSgRuleIdentity struct {
	// Transport is the network transport of the rule (TCP or UDP).
	// The zero value of NetworkTransport is TCP.
	Transport NetworkTransport
	// Traffic is the packet direction, one of [INGRESS, EGRESS].
	Traffic Traffic
	// SgLocal refers to the local security group of the rule.
	// presumably the SecurityGroup name; verify against callers.
	SgLocal string
	// Sg refers to the other security group of the SG:SG pair.
	// presumably the SecurityGroup name; verify against callers.
	Sg string
}
SgSgRuleIdentity -
func (SgSgRuleIdentity) IdentityHash ¶ added in v1.10.0
func (o SgSgRuleIdentity) IdentityHash() string
IdentityHash implements ruleID.
func (SgSgRuleIdentity) IsEq ¶ added in v1.10.0
func (o SgSgRuleIdentity) IsEq(other SgSgRuleIdentity) bool
IsEq implements ruleID.
func (SgSgRuleIdentity) String ¶ added in v1.10.0
func (o SgSgRuleIdentity) String() string
String implements ruleID.
func (SgSgRuleIdentity) Validate ¶ added in v1.10.0
func (o SgSgRuleIdentity) Validate() error
Validate implements ruleID.
type SyncStatus ¶
SyncStatus succeeded sync-op status
type Traffic ¶
type Traffic uint8
Traffic packet traffic any of [INGRESS, EGRESS]
func (*Traffic) FromString ¶
FromString init from string