nat

package
v1.14.6
Warning

This package is not in the latest version of its module.

Published: Jan 18, 2024 License: Apache-2.0 Imports: 19 Imported by: 14

Documentation

Overview

Package nat implements the BPF NAT map interaction code.

Constants

const (
	// MapNameSnat4Global represents global IPv4 NAT table.
	MapNameSnat4Global = "cilium_snat_v4_external"
	// MapNameSnat6Global represents global IPv6 NAT table.
	MapNameSnat6Global = "cilium_snat_v6_external"

	// MinPortSnatDefault represents default min port from range.
	MinPortSnatDefault = 1024
	// MaxPortSnatDefault represents default max port from range.
	MaxPortSnatDefault = 65535
)

const (
	PerClusterNATOuterMapPrefix = "cilium_per_cluster_snat_"
)

const SizeofNatEntry6 = int(unsafe.Sizeof(NatEntry6{}))

SizeofNatEntry6 is the size of the NatEntry6 type in bytes.

const SizeofNatKey4 = int(unsafe.Sizeof(NatKey4{}))

SizeofNatKey4 is the size of the NatKey4 type in bytes.

const SizeofNatKey6 = int(unsafe.Sizeof(NatKey6{}))

SizeofNatKey6 is the size of the NatKey6 type in bytes.

Functions

func DeleteMapping4 added in v1.13.9

func DeleteMapping4(m *Map, ctKey *tuple.TupleKey4Global) error

func DeleteMapping6 added in v1.13.9

func DeleteMapping6(m *Map, ctKey *tuple.TupleKey6Global) error

func DeleteSwappedMapping4 added in v1.13.9

func DeleteSwappedMapping4(m *Map, ctKey *tuple.TupleKey4Global) error

Expects an ingress tuple.

func DeleteSwappedMapping6 added in v1.13.9

func DeleteSwappedMapping6(m *Map, ctKey *tuple.TupleKey6Global) error

Expects an ingress tuple.

func DoDumpEntries

func DoDumpEntries(m NatMap) (string, error)

DoDumpEntries iterates through Map m and writes the values of the nat entries in m to a string.

func DumpEntriesWithTimeDiff added in v1.14.5

func DumpEntriesWithTimeDiff(m NatMap, clockSource *models.ClockSource) (string, error)

DumpEntriesWithTimeDiff iterates through Map m and writes the values of the nat entries in m to a string. If clockSource is not nil, it uses it to compute the time difference of each entry from now and prints that too.

func InitDummyPerClusterNATMaps added in v1.14.0

func InitDummyPerClusterNATMaps(ipv4, ipv6 bool, innerMapEntries int) error

func InitPerClusterNATMaps added in v1.14.0

func InitPerClusterNATMaps(outerMapNamePrefix string, ipv4, ipv6 bool, innerMapEntries int) error

Types

type Map

type Map struct {
	bpf.Map
	// contains filtered or unexported fields
}

Map represents a NAT map. It also implements the NatMap interface.

func ClusterMaps

func ClusterMaps(clusterID uint32, ipv4, ipv6 bool) (ipv4Map, ipv6Map *Map, err error)

ClusterMaps returns the NAT maps for the given cluster.

func GlobalMaps

func GlobalMaps(ipv4, ipv6, nodeport bool) (ipv4Map, ipv6Map *Map)

GlobalMaps returns all global NAT maps.

func NewMap

func NewMap(name string, v4 bool, entries int) *Map

NewMap instantiates a Map.

func (*Map) Delete

func (m *Map) Delete(k bpf.MapKey) (deleted bool, err error)

func (*Map) DumpEntries

func (m *Map) DumpEntries() (string, error)

DumpEntries iterates through Map m and writes the values of the nat entries in m to a string.

func (*Map) DumpReliablyWithCallback

func (m *Map) DumpReliablyWithCallback(cb bpf.DumpCallback, stats *bpf.DumpStats) error

func (*Map) DumpStats

func (m *Map) DumpStats() *bpf.DumpStats

func (*Map) Flush

func (m *Map) Flush() int

Flush deletes all NAT mappings from the given table.

type NatEntry

type NatEntry interface {
	bpf.MapValue

	// ToHost converts fields to host byte order.
	ToHost() NatEntry

	// Dumps the Nat entry as string.
	Dump(key NatKey, toDeltaSecs func(uint64) string) string
}

NatEntry is the interface describing values to the NAT map.

type NatEntry4

type NatEntry4 struct {
	Created uint64     `align:"created"`
	NeedsCT uint64     `align:"needs_ct"`
	Pad1    uint64     `align:"pad1"`
	Pad2    uint64     `align:"pad2"`
	Addr    types.IPv4 `align:"to_saddr"`
	Port    uint16     `align:"to_sport"`
	// contains filtered or unexported fields
}

NatEntry4 represents an IPv4 entry in the NAT table.

func (*NatEntry4) Dump

func (n *NatEntry4) Dump(key NatKey, toDeltaSecs func(uint64) string) string

Dump dumps NAT entry to string.

func (*NatEntry4) New

func (n *NatEntry4) New() bpf.MapValue

func (*NatEntry4) String

func (n *NatEntry4) String() string

String returns the readable format.

func (*NatEntry4) ToHost

func (n *NatEntry4) ToHost() NatEntry

ToHost converts NatEntry4 ports to host byte order.
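
Why the ToHost conversion matters when reading NAT values outside this package, shown as an added example that is not part of the cilium code base: it decodes a raw IPv4 NAT value and compares the converted port with a naive host-order read. The 40-byte layout (2 bytes of trailing padding for the unexported part), the little-endian host, the stand-in type `entry4` and the sample bytes are all assumptions made for illustration.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"net/netip"
)

// Assumed value size: four uint64 fields, a 4-byte address, a 2-byte port,
// and 2 bytes of trailing padding (the unexported part is an assumption).
const rawEntry4Size = 40

// entry4 is a hypothetical stand-in for the exported NatEntry4 fields.
type entry4 struct {
	Created, NeedsCT uint64
	Addr             netip.Addr
	Port             uint16 // host byte order after decoding
}

// decodeEntry4 parses a raw map value. Scalars are read in host order
// (little-endian assumed); the port is stored in network byte order.
func decodeEntry4(raw []byte) (entry4, error) {
	if len(raw) != rawEntry4Size {
		return entry4{}, errors.New("unexpected NAT value size")
	}
	var a [4]byte
	copy(a[:], raw[32:36])
	return entry4{
		Created: binary.LittleEndian.Uint64(raw[0:8]),
		NeedsCT: binary.LittleEndian.Uint64(raw[8:16]),
		Addr:    netip.AddrFrom4(a),
		Port:    binary.BigEndian.Uint16(raw[36:38]),
	}, nil
}

// naivePort reads the port without conversion, as a little-endian host would.
func naivePort(raw []byte) uint16 { return binary.LittleEndian.Uint16(raw[36:38]) }

// sampleRaw builds a constructed value: 192.0.2.10, port 40000 (0x9C40).
func sampleRaw() []byte {
	raw := make([]byte, rawEntry4Size)
	binary.LittleEndian.PutUint64(raw[0:8], 123456)
	copy(raw[32:36], []byte{192, 0, 2, 10})
	raw[36], raw[37] = 0x9C, 0x40
	return raw
}

func main() {
	raw := sampleRaw()
	e, err := decodeEntry4(raw)
	fmt.Println(e.Addr, e.Port, naivePort(raw), err)
}
```

A tool that skips the conversion would report port 16540 instead of 40000 for this sample, which is enough to break correlation between NAT dumps and flow or firewall logs.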

type NatEntry6

type NatEntry6 struct {
	Created uint64     `align:"created"`
	NeedsCT uint64     `align:"needs_ct"`
	Pad1    uint64     `align:"pad1"`
	Pad2    uint64     `align:"pad2"`
	Addr    types.IPv6 `align:"to_saddr"`
	Port    uint16     `align:"to_sport"`
	// contains filtered or unexported fields
}

NatEntry6 represents an IPv6 entry in the NAT table.

func (*NatEntry6) Dump

func (n *NatEntry6) Dump(key NatKey, toDeltaSecs func(uint64) string) string

Dump dumps NAT entry to string.

func (*NatEntry6) New

func (n *NatEntry6) New() bpf.MapValue

func (*NatEntry6) String

func (n *NatEntry6) String() string

String returns the readable format.

func (*NatEntry6) ToHost

func (n *NatEntry6) ToHost() NatEntry

ToHost converts NatEntry6 ports to host byte order.

type NatKey

type NatKey interface {
	bpf.MapKey

	// ToNetwork converts fields to network byte order.
	ToNetwork() NatKey

	// ToHost converts fields to host byte order.
	ToHost() NatKey

	// Dump contents of key to sb. Returns true if successful.
	Dump(sb *strings.Builder, reverse bool) bool

	// GetFlags returns the flags containing the direction of the TupleKey.
	GetFlags() uint8

	// GetNextHeader returns the proto of the NatKey
	GetNextHeader() u8proto.U8proto
}

type NatKey4

type NatKey4 struct {
	tuple.TupleKey4Global
}

NatKey4 is needed to provide the NatEntry type to Lookup values.

func (*NatKey4) GetNextHeader

func (k *NatKey4) GetNextHeader() u8proto.U8proto

func (*NatKey4) New

func (k *NatKey4) New() bpf.MapKey

func (*NatKey4) ToHost

func (k *NatKey4) ToHost() NatKey

ToHost converts ports to host byte order.

This is necessary to prevent callers from implicitly converting the NatKey4 type here into a local key type in the nested TupleKey4Global field.

func (*NatKey4) ToNetwork

func (k *NatKey4) ToNetwork() NatKey

ToNetwork converts ports to network byte order.

This is necessary to prevent callers from implicitly converting the NatKey4 type here into a local key type in the nested TupleKey4Global field.

type NatKey6

type NatKey6 struct {
	tuple.TupleKey6Global
}

NatKey6 is needed to provide the NatEntry type to Lookup values.

func (*NatKey6) GetNextHeader

func (k *NatKey6) GetNextHeader() u8proto.U8proto

func (*NatKey6) New

func (k *NatKey6) New() bpf.MapKey

func (*NatKey6) ToHost

func (k *NatKey6) ToHost() NatKey

ToHost converts ports to host byte order.

This is necessary to prevent callers from implicitly converting the NatKey6 type here into a local key type in the nested TupleKey6Global field.

func (*NatKey6) ToNetwork

func (k *NatKey6) ToNetwork() NatKey

ToNetwork converts ports to network byte order.

This is necessary to prevent callers from implicitly converting the NatKey6 type here into a local key type in the nested TupleKey6Global field.

type NatMap

type NatMap interface {
	Open() error
	Close() error
	Path() (string, error)
	DumpEntries() (string, error)
	DumpWithCallback(bpf.DumpCallback) error
}

NatMap interface represents a NAT map, and can be reused to implement mock maps for unit tests.

type NatMapRecord

type NatMapRecord struct {
	Key   NatKey
	Value NatEntry
}

A "Record" designates a map entry (key + value); the name avoids "entry" because of possible confusion with "NatEntry" (which is actually the value part). This type is used for JSON dump and mock maps.

type PerClusterNATMap added in v1.14.0

type PerClusterNATMap struct {
	*bpf.Map
	// contains filtered or unexported fields
}

A map-in-map that holds per-cluster NAT maps.

type PerClusterNATMapKey

type PerClusterNATMapKey struct {
	ClusterID uint32
}

func (*PerClusterNATMapKey) New

func (n *PerClusterNATMapKey) New() bpf.MapKey

func (*PerClusterNATMapKey) String

func (k *PerClusterNATMapKey) String() string

type PerClusterNATMapVal

type PerClusterNATMapVal struct {
	Fd uint32
}

func (*PerClusterNATMapVal) New

func (n *PerClusterNATMapVal) New() bpf.MapValue

func (*PerClusterNATMapVal) String

func (v *PerClusterNATMapVal) String() string

type PerClusterNATMapper

type PerClusterNATMapper interface {
	UpdateClusterNATMaps(clusterID uint32) error
	DeleteClusterNATMaps(clusterID uint32) error
	GetClusterNATMap(clusterID uint32, v4 bool) (*Map, error)
	Cleanup()
}

An interface to interact with the global map.

var PerClusterNATMaps PerClusterNATMapper

Global interface to interact with IPv4 and v6 NAT maps. We can choose the implementation of this at startup time by choosing InitPerClusterNATMaps or InitDummyPerClusterNATMaps for initialization.
