Documentation ¶
Index ¶
- Variables
- func ComputeTrieKey(n net.IPNet, isIPv6Enabled bool) []byte
- func ComputeTrieValue(l4Info []v1alpha1.Port, log logr.Logger, allowAll, denyAll bool) []byte
- func ConvByteArrayToIP(ipInInt uint32) string
- func ConvByteToIPv6(ipaddr [16]byte) net.IP
- func ConvConntrackV6ToByte(key ConntrackKeyV6) []byte
- func ConvIPv4ToInt(ipaddr net.IP) uint32
- func ConvIPv6ToByte(ipaddr net.IP) []byte
- func ConvIntToIPv4(ipaddr uint32) net.IP
- func ConvIntToIPv4NetworkOrder(ipaddr uint32) net.IP
- func CopyV6Bytes(dest *[16]byte, src [16]byte)
- func GetBPFMapPinPathFromPodIdentifier(podIdentifier string, direction string) string
- func GetBPFPinPathFromPodIdentifier(podIdentifier string, direction string) string
- func GetHostVethName(podName, podNamespace string) string
- func GetPodIdentifier(podName, podNamespace string) string
- func GetPodIdentifierFromBPFPinPath(pinPath string) (string, string)
- func GetPodNamespacedName(podName, podNamespace string) string
- func GetPolicyEndpointIdentifier(policyName, policyNamespace string) string
- func IsCatchAllIPEntry(ipAddr string) bool
- func IsFileExistsError(error string) bool
- func IsInvalidFilterListError(error string) bool
- func IsMissingFilterError(error string) bool
- func IsNodeIP(nodeIP string, ipCidr string) bool
- func IsNonHostCIDR(ipAddr string) bool
- type ConntrackKeyV6
- type ConntrackVal
- type VerdictType
Constants ¶
This section is empty.
Variables ¶
View Source
var ( TCP_PROTOCOL_NUMBER = 6 UDP_PROTOCOL_NUMBER = 17 SCTP_PROTOCOL_NUMBER = 132 ICMP_PROTOCOL_NUMBER = 1 RESERVED_IP_PROTOCOL_NUMBER = 255 // 255 is a reserved protocol value in the IP header ANY_IP_PROTOCOL = 254 TRIE_KEY_LENGTH = 8 TRIE_V6_KEY_LENGTH = 20 TRIE_VALUE_LENGTH = 96 BPF_PROGRAMS_PIN_PATH_DIRECTORY = "/sys/fs/bpf/globals/aws/programs/" BPF_MAPS_PIN_PATH_DIRECTORY = "/sys/fs/bpf/globals/aws/maps/" TC_INGRESS_PROG = "handle_ingress" TC_EGRESS_PROG = "handle_egress" TC_INGRESS_MAP = "ingress_map" TC_EGRESS_MAP = "egress_map" CATCH_ALL_PROTOCOL corev1.Protocol = "ANY_IP_PROTOCOL" DEFAULT_CLUSTER_NAME = "k8s-cluster" ErrFileExists = "file exists" ErrInvalidFilterList = "failed to get filter list" ErrMissingFilter = "no active filter to detach" )
Functions ¶
func ComputeTrieValue ¶
func ConvByteArrayToIP ¶
func ConvByteToIPv6 ¶
func ConvConntrackV6ToByte ¶
func ConvConntrackV6ToByte(key ConntrackKeyV6) []byte
func ConvIPv4ToInt ¶
func ConvIPv6ToByte ¶
func ConvIntToIPv4 ¶
func CopyV6Bytes ¶
func GetHostVethName ¶
func GetPodIdentifier ¶
func GetPodNamespacedName ¶
func IsCatchAllIPEntry ¶
func IsFileExistsError ¶
func IsMissingFilterError ¶
func IsNonHostCIDR ¶
Types ¶
type ConntrackKeyV6 ¶
type ConntrackKeyV6 struct { Source_ip [16]byte Source_port uint16 Dest_ip [16]byte Dest_port uint16 Protocol uint8 // contains filtered or unexported fields }
func ConvByteToConntrackV6 ¶
func ConvByteToConntrackV6(keyByte []byte) ConntrackKeyV6
type ConntrackVal ¶
type ConntrackVal struct {
Value uint8
}
type VerdictType ¶ added in v1.0.1
type VerdictType int
const ( DENY VerdictType = iota ACCEPT EXPIRED_DELETED )
func (VerdictType) Index ¶ added in v1.0.1
func (verdictType VerdictType) Index() int
Click to show internal directories.
Click to hide internal directories.