Documentation ¶
Index ¶
- Variables
- func Apply(whitelist, blacklist FilterFuncs, ev *v1.Event) bool
- type EventTypeFilter
- type FQDNFilter
- type FilterFunc
- type FilterFuncs
- type HTTPFilter
- type IPFilter
- type IdentityFilter
- type LabelsFilter
- type OnBuildFilter
- type OnBuildFilterFunc
- type PodFilter
- type PortFilter
- type ProtocolFilter
- type ReplyFilter
- type ServiceFilter
- type VerdictFilter
Constants ¶
This section is empty.
Variables ¶
var DefaultFilters = []OnBuildFilter{ &EventTypeFilter{}, &VerdictFilter{}, &ReplyFilter{}, &IdentityFilter{}, &ProtocolFilter{}, &IPFilter{}, &PodFilter{}, &ServiceFilter{}, &FQDNFilter{}, &LabelsFilter{}, &PortFilter{}, &HTTPFilter{}, }
DefaultFilters is the list of default filters
Functions ¶
Types ¶
type EventTypeFilter ¶
type EventTypeFilter struct{}
EventTypeFilter implements filtering based on event type
func (*EventTypeFilter) OnBuildFilter ¶
func (e *EventTypeFilter) OnBuildFilter(_ context.Context, ff *pb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds an event type filter
type FQDNFilter ¶
type FQDNFilter struct{}
FQDNFilter implements filtering based on FQDN information
func (*FQDNFilter) OnBuildFilter ¶
func (f *FQDNFilter) OnBuildFilter(_ context.Context, ff *pb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a FQDN filter
type FilterFunc ¶
FilterFunc is the function will be used to filter the given data. Should return true if the filter is hit, false otherwise.
type FilterFuncs ¶
type FilterFuncs []FilterFunc
FilterFuncs is a combination of multiple filters, typically applied together.
func BuildFilter ¶
func BuildFilter(ctx context.Context, ff *pb.FlowFilter, auxFilters []OnBuildFilter) (FilterFuncs, error)
BuildFilter builds a filter based on a FlowFilter. It returns:
- the FilterFunc to be used to filter packets based on the requested FlowFilter;
- an error in case something went wrong.
func BuildFilterList ¶
func BuildFilterList(ctx context.Context, ff []*pb.FlowFilter, auxFilters []OnBuildFilter) (FilterFuncs, error)
BuildFilterList constructs a list of filter functions representing the list of FlowFilter. It returns:
- the FilterFunc to be used to filter packets based on the requested FlowFilter;
- an error in case something went wrong.
func (FilterFuncs) MatchAll ¶
func (fs FilterFuncs) MatchAll(ev *v1.Event) bool
MatchAll returns true if all the filters match the provided data, i.e. AND.
type HTTPFilter ¶
type HTTPFilter struct{}
HTTPFilter implements filtering based on HTTP metadata
func (*HTTPFilter) OnBuildFilter ¶
func (h *HTTPFilter) OnBuildFilter(_ context.Context, ff *pb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a HTTP filter
type IPFilter ¶
type IPFilter struct{}
IPFilter implements IP addressing filtering for the source and destination address
func (*IPFilter) OnBuildFilter ¶
func (f *IPFilter) OnBuildFilter(_ context.Context, ff *pb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds an IP address filter
type IdentityFilter ¶
type IdentityFilter struct{}
IdentityFilter implements filtering based on security identity
func (*IdentityFilter) OnBuildFilter ¶
func (i *IdentityFilter) OnBuildFilter(_ context.Context, ff *pb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a security identity filter
type LabelsFilter ¶
type LabelsFilter struct{}
LabelsFilter implements filtering based on labels
func (*LabelsFilter) OnBuildFilter ¶
func (l *LabelsFilter) OnBuildFilter(_ context.Context, ff *pb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a labels filter
type OnBuildFilter ¶
type OnBuildFilter interface {
OnBuildFilter(context.Context, *pb.FlowFilter) ([]FilterFunc, error)
}
OnBuildFilter is invoked while building a flow filter
type OnBuildFilterFunc ¶
type OnBuildFilterFunc func(context.Context, *pb.FlowFilter) ([]FilterFunc, error)
OnBuildFilterFunc implements OnBuildFilter for a single function
func (OnBuildFilterFunc) OnBuildFilter ¶
func (f OnBuildFilterFunc) OnBuildFilter(ctx context.Context, flow *pb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter is invoked while building a flow filter
type PodFilter ¶
type PodFilter struct{}
PodFilter implements filtering based on Kubernetes pod names
func (*PodFilter) OnBuildFilter ¶
func (p *PodFilter) OnBuildFilter(_ context.Context, ff *pb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a Kubernetes pod name filter
type PortFilter ¶
type PortFilter struct{}
PortFilter implements filtering based on L4 port numbers
func (*PortFilter) OnBuildFilter ¶
func (p *PortFilter) OnBuildFilter(_ context.Context, ff *pb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a L4 port filter
type ProtocolFilter ¶
type ProtocolFilter struct{}
ProtocolFilter implements filtering based on L4 protocol
func (*ProtocolFilter) OnBuildFilter ¶
func (p *ProtocolFilter) OnBuildFilter(_ context.Context, ff *pb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a L4 protocol filter
type ReplyFilter ¶
type ReplyFilter struct{}
ReplyFilter implements filtering for reply flows
func (*ReplyFilter) OnBuildFilter ¶
func (r *ReplyFilter) OnBuildFilter(_ context.Context, ff *pb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a reply filter
type ServiceFilter ¶
type ServiceFilter struct{}
ServiceFilter implements filtering based on Kubernetes service names
func (*ServiceFilter) OnBuildFilter ¶
func (s *ServiceFilter) OnBuildFilter(_ context.Context, ff *pb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a Kubernetes service name filter
type VerdictFilter ¶
type VerdictFilter struct{}
VerdictFilter implements filtering based on forwarding verdict
func (*VerdictFilter) OnBuildFilter ¶
func (v *VerdictFilter) OnBuildFilter(_ context.Context, ff *pb.FlowFilter) ([]FilterFunc, error)
OnBuildFilter builds a forwarding verdict filter