Documentation ¶
Index ¶
- func Apply(whitelist, blacklist FilterFuncs, ev *v1.Event) bool
- type CELExpressionFilter
- type DropReasonDescFilter
- type EventTypeFilter
- type FQDNFilter
- type FilterFunc
- type FilterFuncs
- type HTTPFilter
- type IPFilter
- type IPVersionFilter
- type IdentityFilter
- type LabelsFilter
- type NetworkInterfaceFilter
- type NodeNameFilter
- type OnBuildFilter
- type OnBuildFilterFunc
- type PodFilter
- type PortFilter
- type ProtocolFilter
- type ReplyFilter
- type ServiceFilter
- type TCPFilter
- type TraceIDFilter
- type TrafficDirectionFilter
- type UUIDFilter
- type VerdictFilter
- type WorkloadFilter
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type CELExpressionFilter ¶ added in v1.16.0
type CELExpressionFilter struct {
// contains filtered or unexported fields
}
CELExpressionFilter implements filtering based on CEL (common expression language) expressions
func (*CELExpressionFilter) OnBuildFilter ¶ added in v1.16.0
func (t *CELExpressionFilter) OnBuildFilter(ctx context.Context, ff *flowpb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a CEL expression filter.
type DropReasonDescFilter ¶ added in v1.16.0
type DropReasonDescFilter struct{}
func (*DropReasonDescFilter) OnBuildFilter ¶ added in v1.16.0
func (f *DropReasonDescFilter) OnBuildFilter(ctx context.Context, ff *flowpb.FlowFilter) ([]FilterFunc, error)
type EventTypeFilter ¶
type EventTypeFilter struct{}
EventTypeFilter implements filtering based on event type
func (*EventTypeFilter) OnBuildFilter ¶
func (e *EventTypeFilter) OnBuildFilter(ctx context.Context, ff *flowpb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds an event type filter
type FQDNFilter ¶
type FQDNFilter struct{}
FQDNFilter implements filtering based on FQDN information
func (*FQDNFilter) OnBuildFilter ¶
func (f *FQDNFilter) OnBuildFilter(ctx context.Context, ff *flowpb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a FQDN filter
type FilterFunc ¶
FilterFunc is the function will be used to filter the given data. Should return true if the filter is hit, false otherwise.
func FilterByLabelSelectors ¶
func FilterByLabelSelectors(labelSelectors []string, getLabels func(*v1.Event) k8sLabels.Labels) (FilterFunc, error)
FilterByLabelSelectors returns a FilterFunc. The FilterFunc returns true if and only if any of the specified selectors select the event. The caller specifies how to extract labels from the event.
type FilterFuncs ¶
type FilterFuncs []FilterFunc
FilterFuncs is a combination of multiple filters, typically applied together.
func BuildFilter ¶
func BuildFilter(ctx context.Context, ff *flowpb.FlowFilter, auxFilters []OnBuildFilter) (FilterFuncs, error)
BuildFilter builds a filter based on a FlowFilter. It returns:
- the FilterFunc to be used to filter packets based on the requested FlowFilter;
- an error in case something went wrong.
func BuildFilterList ¶
func BuildFilterList(ctx context.Context, ff []*flowpb.FlowFilter, auxFilters []OnBuildFilter) (FilterFuncs, error)
BuildFilterList constructs a list of filter functions representing the list of FlowFilter. It returns:
- the FilterFunc to be used to filter packets based on the requested FlowFilter;
- an error in case something went wrong.
func (FilterFuncs) MatchAll ¶
func (fs FilterFuncs) MatchAll(ev *v1.Event) bool
MatchAll returns true if all the filters match the provided data, i.e. AND.
type HTTPFilter ¶
type HTTPFilter struct{}
HTTPFilter implements filtering based on HTTP metadata
func (*HTTPFilter) OnBuildFilter ¶
func (h *HTTPFilter) OnBuildFilter(ctx context.Context, ff *flowpb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a HTTP filter
type IPFilter ¶
type IPFilter struct{}
IPFilter implements IP addressing filtering for the source and destination address
func (*IPFilter) OnBuildFilter ¶
func (f *IPFilter) OnBuildFilter(ctx context.Context, ff *flowpb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds an IP address filter
type IPVersionFilter ¶
type IPVersionFilter struct{}
IPVersionFilter implements IP version based filtering
func (*IPVersionFilter) OnBuildFilter ¶
func (f *IPVersionFilter) OnBuildFilter(ctx context.Context, ff *flowpb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds an IP version filter
type IdentityFilter ¶
type IdentityFilter struct{}
IdentityFilter implements filtering based on security identity
func (*IdentityFilter) OnBuildFilter ¶
func (i *IdentityFilter) OnBuildFilter(ctx context.Context, ff *flowpb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a security identity filter
type LabelsFilter ¶
type LabelsFilter struct{}
LabelsFilter implements filtering based on labels
func (*LabelsFilter) OnBuildFilter ¶
func (l *LabelsFilter) OnBuildFilter(ctx context.Context, ff *flowpb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a labels filter
type NetworkInterfaceFilter ¶ added in v1.16.0
type NetworkInterfaceFilter struct{}
NetworkInterfaceFilter implements filtering based on flow network interface.
func (*NetworkInterfaceFilter) OnBuildFilter ¶ added in v1.16.0
func (e *NetworkInterfaceFilter) OnBuildFilter(ctx context.Context, ff *flowpb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a a flow network interface filter.
type NodeNameFilter ¶
type NodeNameFilter struct{}
A NodeNameFilter filters on node name.
func (*NodeNameFilter) OnBuildFilter ¶
func (n *NodeNameFilter) OnBuildFilter(ctx context.Context, ff *flowpb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a node name filter.
type OnBuildFilter ¶
type OnBuildFilter interface {
OnBuildFilter(context.Context, *flowpb.FlowFilter) ([]FilterFunc, error)
}
OnBuildFilter is invoked while building a flow filter
func DefaultFilters ¶
func DefaultFilters(log logrus.FieldLogger) []OnBuildFilter
DefaultFilters is the list of default filters
type OnBuildFilterFunc ¶
type OnBuildFilterFunc func(context.Context, *flowpb.FlowFilter) ([]FilterFunc, error)
OnBuildFilterFunc implements OnBuildFilter for a single function
func (OnBuildFilterFunc) OnBuildFilter ¶
func (f OnBuildFilterFunc) OnBuildFilter(ctx context.Context, flow *flowpb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter is invoked while building a flow filter
type PodFilter ¶
type PodFilter struct{}
PodFilter implements filtering based on Kubernetes pod names
func (*PodFilter) OnBuildFilter ¶
func (p *PodFilter) OnBuildFilter(ctx context.Context, ff *flowpb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a Kubernetes pod name filter
type PortFilter ¶
type PortFilter struct{}
PortFilter implements filtering based on L4 port numbers
func (*PortFilter) OnBuildFilter ¶
func (p *PortFilter) OnBuildFilter(ctx context.Context, ff *flowpb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a L4 port filter
type ProtocolFilter ¶
type ProtocolFilter struct{}
ProtocolFilter implements filtering based on L4 protocol
func (*ProtocolFilter) OnBuildFilter ¶
func (p *ProtocolFilter) OnBuildFilter(ctx context.Context, ff *flowpb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a L4 protocol filter
type ReplyFilter ¶
type ReplyFilter struct{}
ReplyFilter implements filtering for reply flows
func (*ReplyFilter) OnBuildFilter ¶
func (r *ReplyFilter) OnBuildFilter(ctx context.Context, ff *flowpb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a reply filter
type ServiceFilter ¶
type ServiceFilter struct{}
ServiceFilter implements filtering based on Kubernetes service names
func (*ServiceFilter) OnBuildFilter ¶
func (s *ServiceFilter) OnBuildFilter(ctx context.Context, ff *flowpb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a Kubernetes service name filter
type TCPFilter ¶
type TCPFilter struct{}
TCPFilter implements filtering based on TCP protocol header
func (*TCPFilter) OnBuildFilter ¶
func (p *TCPFilter) OnBuildFilter(ctx context.Context, ff *flowpb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a TCP protocol based filter
type TraceIDFilter ¶
type TraceIDFilter struct{}
TraceIDFilter implements filtering based on trace IDs.
func (*TraceIDFilter) OnBuildFilter ¶
func (t *TraceIDFilter) OnBuildFilter(_ context.Context, ff *flowpb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a trace ID filter.
type TrafficDirectionFilter ¶
type TrafficDirectionFilter struct{}
TrafficDirectionFilter implements filtering based on flow traffic direction (e.g. ingress or egress).
func (*TrafficDirectionFilter) OnBuildFilter ¶
func (e *TrafficDirectionFilter) OnBuildFilter(ctx context.Context, ff *flowpb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a a flow traffic direction filter.
type UUIDFilter ¶
type UUIDFilter struct{}
UUIDFilter implements filtering based on flow identifiers.
func (*UUIDFilter) OnBuildFilter ¶
func (e *UUIDFilter) OnBuildFilter(ctx context.Context, ff *flowpb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a a flow identifier filter.
type VerdictFilter ¶
type VerdictFilter struct{}
VerdictFilter implements filtering based on forwarding verdict
func (*VerdictFilter) OnBuildFilter ¶
func (v *VerdictFilter) OnBuildFilter(ctx context.Context, ff *flowpb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a forwarding verdict filter
type WorkloadFilter ¶
type WorkloadFilter struct{}
WorkloadFilter implements filtering based on endpoint workload
func (*WorkloadFilter) OnBuildFilter ¶
func (*WorkloadFilter) OnBuildFilter(ctx context.Context, ff *flowpb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds an endpoint workload filter