Documentation ¶
Index ¶
Constants ¶
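// iptables tables.
//
// Each value is the literal table name as the iptables command line spells
// it (the argument of -t), so the constants can be substituted directly into
// generated commands.
const (
	MANGLE = "mangle"
	NAT    = "nat"
	FILTER = "filter"
	RAW    = "raw"
)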
iptables tables
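// Built-in iptables chains.
//
// Chain names are case-sensitive on the iptables command line, which is why
// the values are upper-case string literals rather than derived from the
// identifiers.
const (
	INPUT       = "INPUT"
	OUTPUT      = "OUTPUT"
	FORWARD     = "FORWARD"
	PREROUTING  = "PREROUTING"
	POSTROUTING = "POSTROUTING"
)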
Built-in iptables chains
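// Constants used for generating iptables commands.
//
// The block mixes two kinds of token: protocol names (lower-case) and rule
// targets (upper-case). Both are emitted verbatim into generated rules.
const (
	// Protocol names.
	TCP = "tcp"
	UDP = "udp"

	// Rule targets.
	TPROXY   = "TPROXY"
	RETURN   = "RETURN"
	ACCEPT   = "ACCEPT"
	REJECT   = "REJECT"
	REDIRECT = "REDIRECT"
	MARK     = "MARK"
	CT       = "CT"
	DROP     = "DROP"
)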
Constants used for generating iptables commands
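// iptables chains.
//
// These are the Istio-specific chain names, as opposed to the built-in
// chains (INPUT, OUTPUT, ...). All of them share the "ISTIO_" prefix, which
// makes Istio-installed rules easy to pick out when auditing a rule dump.
const (
	ISTIOOUTPUT     = "ISTIO_OUTPUT"
	ISTIOINBOUND    = "ISTIO_INBOUND"
	ISTIODIVERT     = "ISTIO_DIVERT"
	ISTIOTPROXY     = "ISTIO_TPROXY"
	ISTIOREDIRECT   = "ISTIO_REDIRECT"
	ISTIOINREDIRECT = "ISTIO_IN_REDIRECT"
)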
iptables chains
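// Constants used in cobra/viper CLI.
//
// Each value is the spelling of an option name; the Go identifier is only
// the in-code handle and does not always match the option text (for example
// OutputPath maps to "output-paths"). Anything that looks an option up by
// string must use these constants rather than re-typing the literal.
const (
	// Inbound interception and port/interface selection.
	InboundInterceptionMode = "istio-inbound-interception-mode"
	InboundTProxyMark = "istio-inbound-tproxy-mark"
	InboundTProxyRouteTable = "istio-inbound-tproxy-route-table"
	InboundPorts = "istio-inbound-ports"
	LocalExcludePorts = "istio-local-exclude-ports"
	ExcludeInterfaces = "istio-exclude-interfaces"

	// Outbound selection by CIDR and port.
	ServiceCidr = "istio-service-cidr"
	ServiceExcludeCidr = "istio-service-exclude-cidr"
	OutboundPorts = "istio-outbound-ports"
	LocalOutboundPortsExclude = "istio-local-outbound-ports-exclude"

	// Proxy ports and identity.
	EnvoyPort = "envoy-port"
	InboundCapturePort = "inbound-capture-port"
	InboundTunnelPort = "inbound-tunnel-port"
	ProxyUID = "proxy-uid"
	ProxyGID = "proxy-gid"
	KubeVirtInterfaces = "kube-virt-interfaces"

	// Execution control.
	// NOTE(review): going by their names, DryRun and SkipRuleApply stop rules
	// from being installed; confirm that nothing in a production manifest
	// sets them, since a pod would then start without traffic capture.
	DryRun = "dry-run"
	TraceLogging = "iptables-trace-logging"
	Clean = "clean"
	RestoreFormat = "restore-format"
	SkipRuleApply = "skip-rule-apply"
	RunValidation = "run-validation"
	IptablesProbePort = "iptables-probe-port"
	ProbeTimeout = "probe-timeout"

	// DNS handling and miscellaneous options.
	RedirectDNS = "redirect-dns"
	DropInvalid = "drop-invalid"
	CaptureAllDNS = "capture-all-dns"
	OutputPath = "output-paths"
	NetworkNamespace = "network-namespace"
	CNIMode = "cni-mode"
)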
Constants used in cobra/viper CLI
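// Constants used in environment variables.
//
// The values are the environment variable names themselves, not their
// contents; the code that reads them is outside this block.
const (
	DisableRedirectionOnLocalLoopback = "DISABLE_REDIRECTION_ON_LOCAL_LOOPBACK"
	EnvoyUser                         = "ENVOY_USER"
)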
Constants used in environment variables
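// Constants for iptables commands.
//
// The values are bare program names, not absolute paths, so which binary
// actually runs is decided by whoever executes them.
// NOTE(review): these tools normally run with elevated network privileges;
// confirm at the call site that name resolution (e.g. the PATH in effect)
// cannot be influenced by the workload.
const (
	// IPv4 tooling.
	IPTABLES        = "iptables"
	IPTABLESRESTORE = "iptables-restore"
	IPTABLESSAVE    = "iptables-save"

	// IPv6 tooling.
	IP6TABLES        = "ip6tables"
	IP6TABLESRESTORE = "ip6tables-restore"
	IP6TABLESSAVE    = "ip6tables-save"

	// Namespace entry helper.
	NSENTER = "nsenter"
)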
Constants for iptables commands
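// Defaults for the iptables probe.
//
// The port is kept as a string (not an int), and the timeout is a
// time.Duration of five seconds.
// NOTE(review): presumably these back the "iptables-probe-port" and
// "probe-timeout" options - confirm where the defaults are registered.
const (
	DefaultIptablesProbePort = "15002"
	DefaultProbeTimeout      = 5 * time.Second
)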
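// Validation container identity and its failure code.
//
// NOTE(review): ValidationErrorCode looks like the process exit status used
// to report a failed validation, which would make 126 the value to match in
// alerting on container terminations - confirm against the code that exits
// with it.
const (
	ValidationContainerName = "istio-validation"
	ValidationErrorCode     = 126
)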
// CommandConfigureRoutes is the literal name "configure-routes".
// NOTE(review): presumably a CLI sub-command name - confirm at the place
// where commands are registered.
const CommandConfigureRoutes = "configure-routes"
// DefaultProxyUID is the default proxy user id, held as a string ("1337")
// rather than an integer.
// NOTE(review): presumably the fallback for the "proxy-uid" option. If rules
// exempt traffic owned by this UID from redirection, a workload container
// running under the same UID would not be captured - confirm against the
// rule builder, and keep application containers off this UID.
const DefaultProxyUID = "1337"
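const (
	// IPVersionSpecific is used as an input to rules that will be replaced with an ip version (v4/v6)
	// specific value.
	//
	// It is a placeholder token, not a usable rule argument: a rule that still
	// contains this literal has not had its substitution applied yet.
	IPVersionSpecific = "PLACEHOLDER_IP_VERSION_SPECIFIC"
)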
// DNS ports.
//
// IstioAgentDNSListenerPort is kept as a string ("15053") rather than an
// integer.
// NOTE(review): presumably the port DNS traffic is redirected to when DNS
// capture is enabled - confirm against the rule builder.
const IstioAgentDNSListenerPort = "15053"
DNS ports
// Constants for syscall.
//
// SoOriginalDst is the numeric socket option 80; the original annotation
// attributes it to sys/socket.h.
// NOTE(review): 80 matches Linux's SO_ORIGINAL_DST (netfilter), the option
// that reports a redirected connection's original destination - confirm
// against the call site that passes it to the socket API.
const SoOriginalDst = 80 // sys/socket.h
Constants for syscall
Variables ¶
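// Environment variables that deliberately have no equivalent command-line flags.
//
// The variables are defined as env.Var for documentation purposes.
// Use viper to resolve the value of the environment variable.
var (
	// OwnerGroupsInclude registers ISTIO_OUTBOUND_OWNER_GROUPS with the
	// default "*" (traffic from all groups is redirected).
	OwnerGroupsInclude = env.RegisterStringVar("ISTIO_OUTBOUND_OWNER_GROUPS", "*",
		`Comma separated list of groups whose outgoing traffic is to be redirected to Envoy. A group can be specified either by name or by a numeric GID. The wildcard character "*" can be used to configure redirection of traffic from all groups.`)

	// OwnerGroupsExclude registers ISTIO_OUTBOUND_OWNER_GROUPS_EXCLUDE with
	// an empty default. Per its own description it only takes effect while
	// the include list is "*". Every group listed here sends outbound
	// traffic that is not redirected to Envoy, so the value is worth
	// reviewing wherever it is set.
	OwnerGroupsExclude = env.RegisterStringVar("ISTIO_OUTBOUND_OWNER_GROUPS_EXCLUDE", "",
		`Comma separated list of groups whose outgoing traffic is to be excluded from redirection to Envoy. A group can be specified either by name or by a numeric GID. Only applies when traffic from all groups (i.e. "*") is being redirected to Envoy.`)
)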
Environment variables that deliberately have no equivalent command-line flags.
The variables are defined as env.Var for documentation purposes.
Use viper to resolve the value of the environment variable.
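// BuiltInChainsMap is a set (map with empty-struct values) holding the five
// built-in iptables chain names, so membership can be tested with a plain
// map lookup.
// NOTE(review): this is an exported, mutable package variable; any importer
// can add or delete entries, so code that relies on it to tell built-in
// chains from custom ones should not assume it is unmodified.
var BuiltInChainsMap = map[string]struct{}{
	INPUT:       {},
	OUTPUT:      {},
	FORWARD:     {},
	PREROUTING:  {},
	POSTROUTING: {},
}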
Functions ¶
This section is empty.
Types ¶
This section is empty.