api

package
v0.0.0-...-8d11e5b
Warning

This package is not in the latest version of its module.

Published: Nov 23, 2019 License: MIT Imports: 9 Imported by: 0

Documentation

Constants

This section is empty.

Variables

var NetCache = make(map[string]int64)

NetCache will instantiate a singleton map for storing ranges in a cache.

Functions

func CheckCache

func CheckCache(cidrIP string) (intIP int64)

CheckCache will take a string and check if we have already worked out the int64 version of the IP.

func CompareIntIP

func CompareIntIP(ipAddr int64, subnet NetRange) bool

CompareIntIP will compare the IP address to the NetRange to see if they share the same Network address.

func GetIntFromIP

func GetIntFromIP(ipAdrr string) (i int64)

GetIntFromIP takes an IP address and converts it into a 64-bit integer.

func GetRouteTables

func GetRouteTables() []*ec2.DescribeRouteTablesOutput

GetRouteTables will build a list of all RouteTables for parsing later. We can change this function in the future to specify which region we want to use, or we can set it so that it scans all regions.

func GetSecurityGroups

func GetSecurityGroups() []*ec2.DescribeSecurityGroupsOutput

GetSecurityGroups will build a list of all SecurityGroups for parsing later. We can change this function in the future to specify which region we want to use, or we can set it so that it scans all regions.

func MostSpecificRoute

func MostSpecificRoute(ipAddressInt int64, table *RouteTable)

MostSpecificRoute will take an IP address and a dereferenced RouteTable. It will then see which one of the routes in the table is the most specific match.
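
The longest-prefix selection that MostSpecificRoute describes, shown as an added example that is not this package's code: `route`, `ipToInt`, `matches` and `mostSpecific` are hypothetical names, and the route table is constructed with placeholder destinations. An unparsable address is rejected before masking so that it cannot fall through to the default route.

```go
package main

import (
	"encoding/binary"
	"fmt"
	"net"
)

// route is a constructed stand-in for one parsed route-table entry.
type route struct{ Cidr, Destination string }

// ipToInt converts a dotted-quad IPv4 address to an int64 (-1 if invalid).
func ipToInt(s string) int64 {
	ip := net.ParseIP(s).To4()
	if ip == nil {
		return -1
	}
	return int64(binary.BigEndian.Uint32(ip))
}

// matches reports whether ip falls inside cidr, plus the prefix length.
func matches(ip int64, cidr string) (bool, int) {
	_, n, err := net.ParseCIDR(cidr)
	if err != nil || ip < 0 || len(n.Mask) != net.IPv4len {
		return false, 0
	}
	ones, _ := n.Mask.Size()
	mask := int64(binary.BigEndian.Uint32(n.Mask))
	return ip&mask == int64(binary.BigEndian.Uint32(n.IP.To4())), ones
}

// mostSpecific returns the longest-prefix matching route, or nil if none match.
func mostSpecific(addr string, table []route) *route {
	ip, bestLen := ipToInt(addr), -1
	var best *route
	for i := range table {
		if ok, ones := matches(ip, table[i].Cidr); ok && ones > bestLen {
			best, bestLen = &table[i], ones
		}
	}
	return best
}

func main() {
	// Constructed table; destinations are placeholder IDs, not real resources.
	table := []route{{"0.0.0.0/0", "igw-EXAMPLE"}, {"10.0.0.0/8", "tgw-EXAMPLE"}, {"10.1.0.0/16", "local"}}
	for _, a := range []string{"10.1.2.3", "10.9.9.9", "8.8.8.8"} {
		fmt.Println(a, "->", mostSpecific(a, table).Destination)
	}
}
```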

func ParseRouteDestination

func ParseRouteDestination(route ec2.Route) (dest string)

ParseRouteDestination will look at the ec2.Route type and determine what the destination is, e.g. VPG, GatewayId, InstanceId, NatGatewayId. We find this information by using reflection to get all of the fields; then we can exclude fields we don't need and just search for the field that contains data.

Types

type NetRange

type NetRange struct {
	Cidr                  string `json:"cidr"`
	Mask                  string `json:"mask"`
	NetworkRange          int64  `json:"cidrInt"`
	RouteTableDestination string `json:"route-test,omitempty"`
	MostSpecific          bool   `json:"mostSpecific,omitempty"`
	Propagated            bool   `json:"propagated,omitempty"`
}

NetRange is a struct that contains information about a network.

func NewNetRange

func NewNetRange(Cidr string, Mask string, NetworkRange int64) NetRange

NewNetRange will be the interface we use to create NetRange objects. This is because we want to reuse the NetRange type for both SG and RouteTables. RouteTableDestination is not required on SG, so we give it a default here.

func ParseRange

func ParseRange(ec2IpRangeArray []*ec2.IpRange) (ipRangeArray []NetRange)

ParseRange takes an []*ec2.IpRange, parses it and converts it into a []NetRange array.

func ParseRoutes

func ParseRoutes(routes []*ec2.Route) (parsedRoutes []NetRange)

ParseRoutes will take []*ec2.Route and convert it to a []NetRange.

type RouteTable

type RouteTable struct {
	RouteTableID string     `json:"ID"`
	VpcID        string     `json:"vpcId"`
	Routes       []NetRange `json:"routes"`
}

RouteTable is a struct that contains information on an individual RouteTable.

func ParseRouteTables

func ParseRouteTables(routeTables *ec2.DescribeRouteTablesOutput) (parsedTable []RouteTable)

ParseRouteTables will take *ec2.DescribeRouteTablesOutput and output a parsed RouteTable array.

type SecurityGroup

type SecurityGroup struct {
	Name  string              `json:"name"`
	VpcID string              `json:"vpcId"`
	Rules []SecurityGroupRule `json:"rules"`
}

SecurityGroup struct that will house all of the SecurityGroupRule objects.

func ParseSecurityGroups

func ParseSecurityGroups(securityGroups *ec2.DescribeSecurityGroupsOutput) (parsedGroup []SecurityGroup)

ParseSecurityGroups will get the DescribeSecurityGroupsOutput and parse it into the types that we want. We can then take this output and pass it through to see if we get a match on the IP we want.

type SecurityGroupRule

type SecurityGroupRule struct {
	Ports            string     `json:"ports"`
	Networks         []NetRange `json:"subnets"`
	TrafficDirection string     `json:"direction"`
}

SecurityGroupRule is the struct for the port and the networks associated with that port. We use a reference to NetRange as we don't know how many times this range will be used. Should save some address space?

func ParseIPPermissions

func ParseIPPermissions(perm []*ec2.IpPermission, trafficD string) (ipPermission []SecurityGroupRule)

ParseIPPermissions will take the *ec2.IpPermission object and parse it into SecurityGroupRules. Need to add checking on egress traffic.
