Documentation ¶
Index ¶
- Constants
- func TCPConnectionExpirationNotifier(_ interface{}, item interface{})
- func UDPConnectionExpirationNotifier(c cache.DataStore, id interface{}, item interface{})
- type AuthInfo
- type PingConfig
- type ProxyConnState
- type ProxyConnection
- type TCPConnection
- type TCPFlowState
- type TCPTuple
- type UDPConnection
- func (c *UDPConnection) AckChannel() chan bool
- func (c *UDPConnection) AckStop()
- func (c *UDPConnection) Cleanup()
- func (c *UDPConnection) DropPackets()
- func (c *UDPConnection) GetState() UDPFlowState
- func (c *UDPConnection) QueuePackets(udpPacket *packet.Packet) (err error)
- func (c *UDPConnection) ReadPacket() *packet.Packet
- func (c *UDPConnection) SetState(state UDPFlowState)
- func (c *UDPConnection) String() string
- func (c *UDPConnection) SynAckChannel() chan bool
- func (c *UDPConnection) SynAckStop()
- func (c *UDPConnection) SynChannel() chan bool
- func (c *UDPConnection) SynStop()
- type UDPFlowState
Constants ¶
const MaximumUDPQueueLen = 50
MaximumUDPQueueLen is the maximum number of UDP packets buffered.
Variables ¶
This section is empty.
Functions ¶
func TCPConnectionExpirationNotifier ¶
func TCPConnectionExpirationNotifier(_ interface{}, item interface{})
TCPConnectionExpirationNotifier handles processing the expiration of an element
func UDPConnectionExpirationNotifier ¶
UDPConnectionExpirationNotifier expiration notifier when cache entry expires
Types ¶
type AuthInfo ¶
type AuthInfo struct { LocalContext []byte RemoteContext []byte RemoteContextID string RemotePublicKey interface{} RemoteIP string RemotePort string LocalServiceContext []byte RemoteServiceContext []byte }
AuthInfo keeps authentication information about a connection
type PingConfig ¶
type PingConfig struct { StartTime time.Time Type claimsheader.PingType Passthrough bool SessionID string Request int }
PingConfig holds ping configuration per connection.
type ProxyConnState ¶
type ProxyConnState int
ProxyConnState identifies the constants of the state of a proxied connection
const ( // ClientTokenSend Init token send for client ClientTokenSend ProxyConnState = iota // ServerReceivePeerToken -- waiting to receive peer token ServerReceivePeerToken // ServerSendToken -- Send our own token and the client tokens ServerSendToken // ClientPeerTokenReceive -- Receive signed tokens from server ClientPeerTokenReceive // ClientSendSignedPair -- Sign the (token/nonce pair) and send ClientSendSignedPair // ServerAuthenticatePair -- Authenticate pair of tokens ServerAuthenticatePair )
type ProxyConnection ¶
type ProxyConnection struct { sync.Mutex Auth AuthInfo ReportFlowPolicy *policy.FlowPolicy PacketFlowPolicy *policy.FlowPolicy Secrets secrets.Secrets // contains filtered or unexported fields }
ProxyConnection is a record to keep state of proxy auth
func NewProxyConnection ¶
func NewProxyConnection() *ProxyConnection
NewProxyConnection returns a new Proxy Connection
func (*ProxyConnection) GetState ¶
func (c *ProxyConnection) GetState() ProxyConnState
GetState returns the state of a proxy connection
func (*ProxyConnection) SetReported ¶
func (c *ProxyConnection) SetReported(reported bool)
SetReported sets the flag to reported when the conn is reported
func (*ProxyConnection) SetState ¶
func (c *ProxyConnection) SetState(state ProxyConnState)
SetState is used to setup the state for the Proxy Connection
type TCPConnection ¶
type TCPConnection struct { sync.RWMutex Auth AuthInfo // ServiceData allows services to associate state with a connection ServiceData interface{} // Context is the pucontext.PUContext that is associated with this connection // Minimizes the number of caches and lookups Context *pucontext.PUContext // TimeOut signals the timeout to be used by the state machines TimeOut time.Duration // ServiceConnection indicates that this connection is handled by a service ServiceConnection bool // ReportFlowPolicy holds the last matched observed policy ReportFlowPolicy *policy.FlowPolicy // PacketFlowPolicy holds the last matched actual policy PacketFlowPolicy *policy.FlowPolicy // MarkForDeletion -- this is is used only in conjunction with serviceconnection. Its a hint for us if we have a fin for an earlier connection // and this is reused port flow. MarkForDeletion bool RetransmittedSynAck bool // TCPtuple is tcp tuple TCPtuple *TCPTuple // PingConfig is the config of the enforcer ping diagnostic feature PingConfig *PingConfig Secrets secrets.Secrets // contains filtered or unexported fields }
TCPConnection is information regarding TCP Connection
func NewTCPConnection ¶
func NewTCPConnection(context *pucontext.PUContext, p *packet.Packet) *TCPConnection
NewTCPConnection returns a TCPConnection information struct
func (*TCPConnection) Cleanup ¶
func (c *TCPConnection) Cleanup()
Cleanup will provide information when a connection is removed by a timer.
func (*TCPConnection) GetState ¶
func (c *TCPConnection) GetState() TCPFlowState
GetState is used to return the state
func (*TCPConnection) IsLoopbackConnection ¶
func (c *TCPConnection) IsLoopbackConnection() bool
IsLoopbackConnection sets LoopbackConnection field.
func (*TCPConnection) SetLoopbackConnection ¶
func (c *TCPConnection) SetLoopbackConnection(isLoopback bool)
SetLoopbackConnection sets LoopbackConnection field.
func (*TCPConnection) SetState ¶
func (c *TCPConnection) SetState(state TCPFlowState)
SetState is used to setup the state for the TCP connection
func (*TCPConnection) String ¶
func (c *TCPConnection) String() string
String returns a printable version of connection
type TCPFlowState ¶
type TCPFlowState int
TCPFlowState identifies the constants of the state of a TCP connectioncon
const ( // TCPSynSend is the state where the Syn packets has been send, but no response has been received TCPSynSend TCPFlowState = iota // TCPSynReceived indicates that the syn packet has been received TCPSynReceived // TCPSynAckSend indicates that the SynAck packet has been send TCPSynAckSend // TCPSynAckReceived is the state where the SynAck has been received TCPSynAckReceived // TCPAckSend indicates that the ack packets has been sent TCPAckSend // TCPAckProcessed is the state that the negotiation has been completed TCPAckProcessed // TCPData indicates that the packets are now data packets TCPData // UnknownState indicates that this an existing connection in the uknown state. UnknownState )
type TCPTuple ¶
type TCPTuple struct { SourceAddress net.IP DestinationAddress net.IP SourcePort uint16 DestinationPort uint16 }
TCPTuple contains the 4 tuple for tcp connection
type UDPConnection ¶
type UDPConnection struct { sync.RWMutex Context *pucontext.PUContext Auth AuthInfo ReportFlowPolicy *policy.FlowPolicy PacketFlowPolicy *policy.FlowPolicy // ServiceData allows services to associate state with a connection ServiceData interface{} // PacketQueue indicates app UDP packets queued while authorization is in progress. PacketQueue chan *packet.Packet Writer afinetrawsocket.SocketWriter // ServiceConnection indicates that this connection is handled by a service ServiceConnection bool TestIgnore bool Secrets secrets.Secrets // contains filtered or unexported fields }
UDPConnection is information regarding UDP connection.
func NewUDPConnection ¶
func NewUDPConnection(context *pucontext.PUContext, writer afinetrawsocket.SocketWriter) *UDPConnection
NewUDPConnection returns UDPConnection struct.
func (*UDPConnection) AckChannel ¶
func (c *UDPConnection) AckChannel() chan bool
AckChannel returns the Ack stop channel.
func (*UDPConnection) AckStop ¶
func (c *UDPConnection) AckStop()
AckStop issues a stop in the Ack channel.
func (*UDPConnection) Cleanup ¶
func (c *UDPConnection) Cleanup()
Cleanup is called on cache expiry of the connection to record incomplete connections
func (*UDPConnection) DropPackets ¶
func (c *UDPConnection) DropPackets()
DropPackets drops packets on errors during Authorization.
func (*UDPConnection) GetState ¶
func (c *UDPConnection) GetState() UDPFlowState
GetState is used to get state of UDP Connection.
func (*UDPConnection) QueuePackets ¶
func (c *UDPConnection) QueuePackets(udpPacket *packet.Packet) (err error)
QueuePackets queues UDP packets till the flow is authenticated.
func (*UDPConnection) ReadPacket ¶
func (c *UDPConnection) ReadPacket() *packet.Packet
ReadPacket reads a packet from the queue.
func (*UDPConnection) SetState ¶
func (c *UDPConnection) SetState(state UDPFlowState)
SetState is used to setup the state for the UDP Connection.
func (*UDPConnection) String ¶
func (c *UDPConnection) String() string
String returns a printable version of connection
func (*UDPConnection) SynAckChannel ¶
func (c *UDPConnection) SynAckChannel() chan bool
SynAckChannel returns the SynAck stop channel.
func (*UDPConnection) SynAckStop ¶
func (c *UDPConnection) SynAckStop()
SynAckStop issues a stop in the synAckStop channel.
func (*UDPConnection) SynChannel ¶
func (c *UDPConnection) SynChannel() chan bool
SynChannel returns the SynStop channel.
func (*UDPConnection) SynStop ¶
func (c *UDPConnection) SynStop()
SynStop issues a stop on the synStop channel.
type UDPFlowState ¶
type UDPFlowState int
UDPFlowState identifies the constants of the state of a UDP connection.
const ( // UDPStart is the state where a syn will be sent. UDPStart UDPFlowState = iota // UDPClientSendSyn is the state where a syn has been sent. UDPClientSendSyn // UDPClientSendAck is the state where application side has send the ACK. UDPClientSendAck // UDPReceiverSendSynAck is the state where syn ack packet has been sent. UDPReceiverSendSynAck // UDPReceiverProcessedAck is the state that the negotiation has been completed. UDPReceiverProcessedAck // UDPData is the state where data is being transmitted. UDPData )