Documentation ¶
Index ¶
- type FlowContext
- type FlowFilterFunc
- type FlowFilterImplementation
- func And(filters ...FlowFilterImplementation) FlowFilterImplementation
- func DNS(query string, rcode uint32) FlowFilterImplementation
- func Drop(opts ...Option) FlowFilterImplementation
- func FIN() FlowFilterImplementation
- func HTTP(code uint32, method, url string) FlowFilterImplementation
- func ICMP(typ uint32) FlowFilterImplementation
- func ICMPv6(typ uint32) FlowFilterImplementation
- func IP(srcIP, dstIP string) FlowFilterImplementation
- func L7Drop() FlowFilterImplementation
- func Or(filters ...FlowFilterImplementation) FlowFilterImplementation
- func RST() FlowFilterImplementation
- func SYN() FlowFilterImplementation
- func SYNACK() FlowFilterImplementation
- func TCP(srcPort, dstPort uint32) FlowFilterImplementation
- func TCPFlags(syn, ack, fin, rst bool) FlowFilterImplementation
- func UDP(srcPort, dstPort int) FlowFilterImplementation
- type FlowRequirement
- type FlowSetRequirement
- type Option
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type FlowContext ¶
type FlowContext struct {
// contains filtered or unexported fields
}
FlowContext can carry state from one filter to another.
func NewFlowContext ¶
func NewFlowContext() FlowContext
type FlowFilterFunc ¶
type FlowFilterFunc func(flow *flowpb.Flow, fc *FlowContext) bool
FlowFilterFunc is a function to filter on a condition in a flow. It returns true if the condition is true.
type FlowFilterImplementation ¶
type FlowFilterImplementation interface { Match(flow *flowpb.Flow, fc *FlowContext) bool String(fc *FlowContext) string }
func And ¶
func And(filters ...FlowFilterImplementation) FlowFilterImplementation
And returns true if all filters return true
func DNS ¶
func DNS(query string, rcode uint32) FlowFilterImplementation
DNS matches on proxied DNS packets containing a specific value, if any
func HTTP ¶
func HTTP(code uint32, method, url string) FlowFilterImplementation
HTTP matches on proxied HTTP packets containing a specific value, if any
func ICMP ¶
func ICMP(typ uint32) FlowFilterImplementation
ICMP matches on ICMP messages of the specified type
func ICMPv6 ¶
func ICMPv6(typ uint32) FlowFilterImplementation
ICMPv6 matches on ICMPv6 messages of the specified type
func IP ¶
func IP(srcIP, dstIP string) FlowFilterImplementation
IP matches on IP packets with specified source and destination IP
func L7Drop ¶ added in v0.9.0
func L7Drop() FlowFilterImplementation
L7Drop matches on drops reported by L7 proxied
func Or ¶
func Or(filters ...FlowFilterImplementation) FlowFilterImplementation
Or returns true if any FlowFilterImplementation return true
func SYNACK ¶
func SYNACK() FlowFilterImplementation
SYNACK matches on TCP packets with SYN+ACK flags
func TCP ¶
func TCP(srcPort, dstPort uint32) FlowFilterImplementation
TCP matches on TCP packets with the specified source and destination ports
func TCPFlags ¶
func TCPFlags(syn, ack, fin, rst bool) FlowFilterImplementation
TCPFlags matches on TCP packets with the specified TCP flags
func UDP ¶
func UDP(srcPort, dstPort int) FlowFilterImplementation
UDP matches on UDP packets with the specified source and destination ports
type FlowRequirement ¶
type FlowRequirement struct { Filter FlowFilterImplementation Msg string SkipOnAggregation bool }
type FlowSetRequirement ¶
type FlowSetRequirement struct { First FlowRequirement Middle []FlowRequirement Last FlowRequirement Except []FlowRequirement }
type Option ¶ added in v0.12.5
type Option func(*dropFilter) *dropFilter
func WithDropFunc ¶ added in v0.12.5
func WithEgress ¶ added in v0.12.5
func WithEgress() Option
func WithIngress ¶ added in v0.12.5
func WithIngress() Option