Documentation ¶
Index ¶
- Constants
- Variables
- func MyCounterMatcher(x interface{}) gomock.Matcher
- func MyMatcher(x interface{}) gomock.Matcher
- func PacketEventMatcher(x interface{}) gomock.Matcher
- type Accessor
- type ContextProcessor
- type Datapath
- func (d *Datapath) CleanUp() error
- func (d *Datapath) EnableDatapathPacketTracing(ctx context.Context, contextID string, ...) error
- func (d *Datapath) EnableIPTablesPacketTracing(ctx context.Context, contextID string, interval time.Duration) error
- func (d *Datapath) Enforce(contextID string, puInfo *policy.PUInfo) error
- func (d *Datapath) GetBPFObject() ebpf.BPFModule
- func (d *Datapath) GetFilterQueue() *fqconfig.FilterQueue
- func (d *Datapath) PacketLogsEnabled() bool
- func (d *Datapath) Ping(ctx context.Context, contextID string, pingConfig *policy.PingConfig) error
- func (d *Datapath) ProcessApplicationUDPPacket(p *packet.Packet) (conn *connection.UDPConnection, err error)
- func (d *Datapath) ProcessNetworkUDPPacket(p *packet.Packet) (conn *connection.UDPConnection, err error)
- func (d *Datapath) Run(ctx context.Context) error
- func (d *Datapath) SetLogLevel(level constants.LogLevel) error
- func (d *Datapath) SetTargetNetworks(cfg *runtime.Configuration) error
- func (d *Datapath) Unenforce(contextID string) error
- func (d *Datapath) UpdateSecrets(s secrets.Secrets) error
- type RuleProcessor
Constants ¶
const DefaultExternalIPTimeout = "500ms"
DefaultExternalIPTimeout is the default used for the cache for External IPTimeout.
Variables ¶
var GetUDPRawSocket = afinetrawsocket.CreateSocket
GetUDPRawSocket is placeholder for createSocket function. It is useful to mock tcp unit tests.
Functions ¶
func MyCounterMatcher ¶
MyCounterMatcher custom matcher for counter record
func PacketEventMatcher ¶
PacketEventMatcher return gomock matcher
Types ¶
type Accessor ¶
type Accessor interface { ContextProcessor RuleProcessor }
Accessor is an interface for datapth to access contexts/rules/tokens
type ContextProcessor ¶
type ContextProcessor interface { DoesContextExist(contextID string) bool IsContextServer(contextID string, backendip string) bool }
ContextProcessor is an interface to provide context checks
type Datapath ¶
type Datapath struct { // CacheTimeout used for Trireme auto-detecion ExternalIPCacheTimeout time.Duration // contains filtered or unexported fields }
Datapath is the structure holding all information about a connection filter
func New ¶
func New( mutualAuth bool, filterQueue *fqconfig.FilterQueue, collector collector.EventCollector, serverID string, validity time.Duration, service packetprocessor.PacketProcessor, secrets secrets.Secrets, mode constants.ModeType, procMountPoint string, ExternalIPCacheTimeout time.Duration, packetLogs bool, tokenaccessor tokenaccessor.TokenAccessor, puFromContextID cache.DataStore, cfg *runtime.Configuration, aclmanager ipsetmanager.ACLManager, isBPFEnabled bool, agentVersion semver.Version, ) *Datapath
New will create a new data path structure. It instantiates the data stores needed to track sessions. The data path is started with a different call. Only required parameters must be provided. Rest a pre-populated with defaults.
func NewWithDefaults ¶
func NewWithDefaults( serverID string, collector collector.EventCollector, service packetprocessor.PacketProcessor, secrets secrets.Secrets, mode constants.ModeType, procMountPoint string, targetNetworks []string, aclmanager ipsetmanager.ACLManager, ) *Datapath
NewWithDefaults create a new data path with most things used by default
func (*Datapath) EnableDatapathPacketTracing ¶
func (d *Datapath) EnableDatapathPacketTracing(ctx context.Context, contextID string, direction packettracing.TracingDirection, interval time.Duration) error
EnableDatapathPacketTracing enable nfq datapath packet tracing
func (*Datapath) EnableIPTablesPacketTracing ¶
func (d *Datapath) EnableIPTablesPacketTracing(ctx context.Context, contextID string, interval time.Duration) error
EnableIPTablesPacketTracing enable iptables -j trace for the particular pu and is much wider packet stream.
func (*Datapath) Enforce ¶
Enforce implements the Enforce interface method and configures the data path for a new PU
func (*Datapath) GetBPFObject ¶
GetBPFObject returns the bpf object
func (*Datapath) GetFilterQueue ¶
func (d *Datapath) GetFilterQueue() *fqconfig.FilterQueue
GetFilterQueue returns the filter queues used by the data path
func (*Datapath) PacketLogsEnabled ¶
PacketLogsEnabled returns true if the packet logs are enabled.
func (*Datapath) ProcessApplicationUDPPacket ¶
func (d *Datapath) ProcessApplicationUDPPacket(p *packet.Packet) (conn *connection.UDPConnection, err error)
ProcessApplicationUDPPacket processes packets arriving from an application and are destined to the network
func (*Datapath) ProcessNetworkUDPPacket ¶
func (d *Datapath) ProcessNetworkUDPPacket(p *packet.Packet) (conn *connection.UDPConnection, err error)
ProcessNetworkUDPPacket processes packets arriving from network and are destined to the application.
func (*Datapath) SetLogLevel ¶
SetLogLevel sets log level.
func (*Datapath) SetTargetNetworks ¶
func (d *Datapath) SetTargetNetworks(cfg *runtime.Configuration) error
SetTargetNetworks sets new target networks used by datapath