nat

package
v1.14.9 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 26, 2024 License: Apache-2.0 Imports: 19 Imported by: 14

Documentation

Overview

Package nat implements the BPF NAT map interaction code. +groupName=maps

Index

Constants

View Source 
const (
	// MapNameSnat4Global represents global IPv4 NAT table.
	MapNameSnat4Global = "cilium_snat_v4_external"
	// MapNameSnat6Global represents global IPv6 NAT table.
	MapNameSnat6Global = "cilium_snat_v6_external"

	// MinPortSnatDefault represents default min port from range.
	MinPortSnatDefault = 1024
	// MaxPortSnatDefault represents default max port from range.
	MaxPortSnatDefault = 65535
)
View Source 
const (
	PerClusterNATOuterMapPrefix = "cilium_per_cluster_snat_"
)
View Source 
const SizeofNatEntry6 = int(unsafe.Sizeof(NatEntry6{}))

SizeofNatEntry6 is the size of the NatEntry6 type in bytes.

View Source 
const SizeofNatKey4 = int(unsafe.Sizeof(NatKey4{}))

SizeofNatKey4 is the size of the NatKey4 type in bytes.

View Source 
const SizeofNatKey6 = int(unsafe.Sizeof(NatKey6{}))

SizeofNatKey6 is the size of the NatKey6 type in bytes.

Variables

This section is empty.

Functions

func DeleteMapping4 added in v1.13.9 

func DeleteMapping4(m *Map, ctKey *tuple.TupleKey4Global) error

func DeleteMapping6 added in v1.13.9 

func DeleteMapping6(m *Map, ctKey *tuple.TupleKey6Global) error

func DeleteSwappedMapping4 added in v1.13.9 

func DeleteSwappedMapping4(m *Map, ctKey *tuple.TupleKey4Global) error

Expects ingress tuple

func DeleteSwappedMapping6 added in v1.13.9 

func DeleteSwappedMapping6(m *Map, ctKey *tuple.TupleKey6Global) error

Expects ingress tuple

func DoDumpEntries 

func DoDumpEntries(m NatMap) (string, error)

DoDumpEntries iterates through Map m and writes the values of the nat entries in m to a string.

func DumpEntriesWithTimeDiff added in v1.14.5 

func DumpEntriesWithTimeDiff(m NatMap, clockSource *models.ClockSource) (string, error)

DumpEntriesWithTimeDiff iterates through Map m and writes the values of the nat entries in m to a string. If clockSource is not nil, it uses it to compute the time difference of each entry from now and prints that too.

func InitDummyPerClusterNATMaps added in v1.14.0 

func InitDummyPerClusterNATMaps(ipv4, ipv6 bool, innerMapEntries int) error

func InitPerClusterNATMaps added in v1.14.0 

func InitPerClusterNATMaps(outerMapNamePrefix string, ipv4, ipv6 bool, innerMapEntries int) error

Types

type Map 

type Map struct {
	bpf.Map
	// contains filtered or unexported fields
}

Map represents a NAT map. It also implements the NatMap interface.

func ClusterMaps 

func ClusterMaps(clusterID uint32, ipv4, ipv6 bool) (ipv4Map, ipv6Map *Map, err error)

ClusterMaps returns all NAT maps for given clusters

func GlobalMaps 

func GlobalMaps(ipv4, ipv6, nodeport bool) (ipv4Map, ipv6Map *Map)

GlobalMaps returns all global NAT maps.

func NewMap 

func NewMap(name string, v4 bool, entries int) *Map

NewMap instantiates a Map.

func (*Map) Delete 

func (m *Map) Delete(k bpf.MapKey) (deleted bool, err error)

func (*Map) DumpEntries 

func (m *Map) DumpEntries() (string, error)

DumpEntries iterates through Map m and writes the values of the nat entries in m to a string.

func (*Map) DumpReliablyWithCallback 

func (m *Map) DumpReliablyWithCallback(cb bpf.DumpCallback, stats *bpf.DumpStats) error

func (*Map) DumpStats 

func (m *Map) DumpStats() *bpf.DumpStats

func (*Map) Flush 

func (m *Map) Flush() int

Flush deletes all NAT mappings from the given table.

type NatEntry 

type NatEntry interface {
	bpf.MapValue

	// ToHost converts fields to host byte order.
	ToHost() NatEntry

	// Dumps the Nat entry as string.
	Dump(key NatKey, toDeltaSecs func(uint64) string) string
}

NatEntry is the interface describing values to the NAT map.

type NatEntry4 

type NatEntry4 struct {
	Created uint64     `align:"created"`
	NeedsCT uint64     `align:"needs_ct"`
	Pad1    uint64     `align:"pad1"`
	Pad2    uint64     `align:"pad2"`
	Addr    types.IPv4 `align:"to_saddr"`
	Port    uint16     `align:"to_sport"`
	// contains filtered or unexported fields
}

NatEntry4 represents an IPv4 entry in the NAT table.

func (*NatEntry4) Dump 

func (n *NatEntry4) Dump(key NatKey, toDeltaSecs func(uint64) string) string

Dump dumps NAT entry to string.

func (*NatEntry4) New 

func (n *NatEntry4) New() bpf.MapValue

func (*NatEntry4) String 

func (n *NatEntry4) String() string

String returns the readable format.

func (*NatEntry4) ToHost 

func (n *NatEntry4) ToHost() NatEntry

ToHost converts NatEntry4 ports to host byte order.

type NatEntry6 

type NatEntry6 struct {
	Created uint64     `align:"created"`
	NeedsCT uint64     `align:"needs_ct"`
	Pad1    uint64     `align:"pad1"`
	Pad2    uint64     `align:"pad2"`
	Addr    types.IPv6 `align:"to_saddr"`
	Port    uint16     `align:"to_sport"`
	// contains filtered or unexported fields
}

NatEntry6 represents an IPv6 entry in the NAT table.

func (*NatEntry6) Dump 

func (n *NatEntry6) Dump(key NatKey, toDeltaSecs func(uint64) string) string

Dump dumps NAT entry to string.

func (*NatEntry6) New 

func (n *NatEntry6) New() bpf.MapValue

func (*NatEntry6) String 

func (n *NatEntry6) String() string

String returns the readable format.

func (*NatEntry6) ToHost 

func (n *NatEntry6) ToHost() NatEntry

ToHost converts NatEntry4 ports to host byte order.

type NatKey 

type NatKey interface {
	bpf.MapKey

	// ToNetwork converts fields to network byte order.
	ToNetwork() NatKey

	// ToHost converts fields to host byte order.
	ToHost() NatKey

	// Dump contents of key to sb. Returns true if successful.
	Dump(sb *strings.Builder, reverse bool) bool

	// GetFlags flags containing the direction of the TupleKey.
	GetFlags() uint8

	// GetNextHeader returns the proto of the NatKey
	GetNextHeader() u8proto.U8proto
}

type NatKey4 

type NatKey4 struct {
	tuple.TupleKey4Global
}

NatKey4 is needed to provide NatEntry type to Lookup values

func (*NatKey4) GetNextHeader 

func (k *NatKey4) GetNextHeader() u8proto.U8proto

func (*NatKey4) New 

func (k *NatKey4) New() bpf.MapKey

func (*NatKey4) ToHost 

func (k *NatKey4) ToHost() NatKey

ToHost converts ports to host byte order.

This is necessary to prevent callers from implicitly converting the NatKey4 type here into a local key type in the nested TupleKey4Global field.

func (*NatKey4) ToNetwork 

func (k *NatKey4) ToNetwork() NatKey

ToNetwork converts ports to network byte order.

This is necessary to prevent callers from implicitly converting the NatKey4 type here into a local key type in the nested TupleKey4Global field.

type NatKey6 

type NatKey6 struct {
	tuple.TupleKey6Global
}

NatKey6 is needed to provide NatEntry type to Lookup values

func (*NatKey6) GetNextHeader 

func (k *NatKey6) GetNextHeader() u8proto.U8proto

func (*NatKey6) New 

func (k *NatKey6) New() bpf.MapKey

func (*NatKey6) ToHost 

func (k *NatKey6) ToHost() NatKey

ToHost converts ports to host byte order.

This is necessary to prevent callers from implicitly converting the NatKey6 type here into a local key type in the nested TupleKey6Global field.

func (*NatKey6) ToNetwork 

func (k *NatKey6) ToNetwork() NatKey

ToNetwork converts ports to network byte order.

This is necessary to prevent callers from implicitly converting the NatKey6 type here into a local key type in the nested TupleKey6Global field.

type NatMap 

type NatMap interface {
	Open() error
	Close() error
	Path() (string, error)
	DumpEntries() (string, error)
	DumpWithCallback(bpf.DumpCallback) error
}

NatMap interface represents a NAT map, and can be reused to implement mock maps for unit tests.

type NatMapRecord 

type NatMapRecord struct {
	Key   NatKey
	Value NatEntry
}

A "Record" designates a map entry (key + value), but avoid "entry" because of possible confusion with "NatEntry" (actually the value part). This type is used for JSON dump and mock maps.

type PerClusterNATMap added in v1.14.0 

type PerClusterNATMap struct {
	*bpf.Map
	// contains filtered or unexported fields
}

A map-in-map that holds per-cluster NAT maps.

type PerClusterNATMapKey 

type PerClusterNATMapKey struct {
	ClusterID uint32
}

func (*PerClusterNATMapKey) New 

func (n *PerClusterNATMapKey) New() bpf.MapKey

func (*PerClusterNATMapKey) String 

func (k *PerClusterNATMapKey) String() string

type PerClusterNATMapVal 

type PerClusterNATMapVal struct {
	Fd uint32
}

func (*PerClusterNATMapVal) New 

func (n *PerClusterNATMapVal) New() bpf.MapValue

func (*PerClusterNATMapVal) String 

func (v *PerClusterNATMapVal) String() string

type PerClusterNATMapper 

type PerClusterNATMapper interface {
	UpdateClusterNATMaps(clusterID uint32) error
	DeleteClusterNATMaps(clusterID uint32) error
	GetClusterNATMap(clusterID uint32, v4 bool) (*Map, error)
	Cleanup()
}

An interface to interact with the global map. 

var PerClusterNATMaps PerClusterNATMapper

Global interface to interact with IPv4 and v6 NAT maps. We can choose the implementation of this at startup time by choosing InitPerClusterNATMaps or InitDummyPerClusterNATMaps for initialization.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.