rules

package
Version: v0.24.0 (Latest)
Warning

This package is not in the latest version of its module.

Published: May 13, 2017 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type IPTablesAdapter

// IPTablesAdapter declares the operations this package expects from an
// iptables backend. Judging by the method names, they cover checking,
// deleting and listing rules, creating, clearing and deleting chains, and
// inserting or appending rules in bulk. *LockedIPTables in this package
// declares methods with the same names and signatures.
//
// NOTE(review): table and chain are plain strings and a rulespec is a slice
// of strings; nothing in the interface says whether implementations validate
// them. Confirm that values derived from external input are validated before
// they reach an implementation.
type IPTablesAdapter interface {
	Exists(table, chain string, rulespec IPTablesRule) (bool, error)
	Delete(table, chain string, rulespec IPTablesRule) error
	List(table, chain string) ([]string, error)
	NewChain(table, chain string) error
	ClearChain(table, chain string) error
	DeleteChain(table, chain string) error
	// NOTE(review): presumably pos is the rule position within the chain, as
	// with iptables -I — confirm, including whether it is 1-based.
	BulkInsert(table, chain string, pos int, rulespec ...IPTablesRule) error
	BulkAppend(table, chain string, rulespec ...IPTablesRule) error
}

type IPTablesLocker

// IPTablesLocker holds two exported locking primitives and has Lock and
// Unlock methods, both of which return an error.
//
// NOTE(review): presumably FileLocker serializes iptables access across
// processes and Mutex serializes it within this process — confirm in the
// implementation. Callers should check the error from Lock before changing
// any rules; proceeding after a failed Lock would allow unserialized updates.
type IPTablesLocker struct {
	// FileLocker is exported, so it is set by whoever constructs the locker.
	FileLocker filelock.FileLocker

	// Mutex is a pointer, so the zero value of IPTablesLocker carries a nil
	// mutex. NOTE(review): confirm Lock and Unlock are never reached with
	// Mutex unset.
	Mutex *sync.Mutex
	// contains filtered or unexported fields
}

func (*IPTablesLocker) Lock

func (l *IPTablesLocker) Lock() error

TODO: improve test coverage and add a Close function to filelocker.

func (*IPTablesLocker) Unlock

func (l *IPTablesLocker) Unlock() error

type IPTablesRule

// IPTablesRule is a slice of strings. Every New* constructor listed in this
// package, as well as AppendComment and NewLogRule, returns one.
//
// NOTE(review): presumably each element is one iptables argument — confirm.
// The constructors take caller-supplied strings (IPs, subnets, device names,
// container handles, app GUIDs, comments, log prefixes); whether they are
// validated is not visible here. Confirm validation happens before a rule is
// applied, in particular if rules are ever joined into the single string
// that Restorer.Restore accepts.
type IPTablesRule []string

func AppendComment

func AppendComment(rule IPTablesRule, comment string) IPTablesRule

func NewAcceptExistingLocalRule

func NewAcceptExistingLocalRule() IPTablesRule

func NewAcceptExistingRemoteRule

func NewAcceptExistingRemoteRule(vni int) IPTablesRule

func NewAcceptRule

func NewAcceptRule() IPTablesRule

func NewDefaultDenyLocalRule

func NewDefaultDenyLocalRule(localSubnet string) IPTablesRule

func NewDefaultDenyRemoteRule

func NewDefaultDenyRemoteRule(vni int) IPTablesRule

func NewDefaultEgressRule

func NewDefaultEgressRule(localSubnet, deviceName string) IPTablesRule

func NewIngressMarkRule

func NewIngressMarkRule(hostInterface string, hostPort int, hostIP, tag string) IPTablesRule

func NewInputAllowRule

func NewInputAllowRule(containerIP, protocol, destination string, destPort int) IPTablesRule

func NewInputDefaultRejectRule

func NewInputDefaultRejectRule(subnet string) IPTablesRule

func NewInputRelatedEstablishedRule

func NewInputRelatedEstablishedRule(subnet string) IPTablesRule

func NewLogLocalRejectRule

func NewLogLocalRejectRule(localSubnet string) IPTablesRule

func NewLogRemoteRejectRule

func NewLogRemoteRejectRule(vni int) IPTablesRule

func NewLogRule

func NewLogRule(rule IPTablesRule, name string) IPTablesRule

func NewMarkAllowRule

func NewMarkAllowRule(destinationIP, protocol string, port int, tag string, sourceAppGUID, destinationAppGUID string) IPTablesRule

func NewMarkLogRule

func NewMarkLogRule(destinationIP, protocol string, port int, tag string, destinationAppGUID string) IPTablesRule

func NewMarkSetRule

func NewMarkSetRule(sourceIP, tag, appGUID string) IPTablesRule

func NewNetOutDefaultLogRule

func NewNetOutDefaultLogRule(prefix string) IPTablesRule

func NewNetOutDefaultRejectLogRule

func NewNetOutDefaultRejectLogRule(containerHandle, subnet, deviceName string) IPTablesRule

func NewNetOutDefaultRejectRule

func NewNetOutDefaultRejectRule(subnet, deviceName string) IPTablesRule

func NewNetOutICMPLogRule

func NewNetOutICMPLogRule(containerIP, startIP, endIP string, icmpType, icmpCode int, chain string) IPTablesRule

func NewNetOutICMPRule

func NewNetOutICMPRule(containerIP, startIP, endIP string, icmpType, icmpCode int) IPTablesRule

func NewNetOutLogRule

func NewNetOutLogRule(containerIP, startIP, endIP, chain string) IPTablesRule

func NewNetOutRelatedEstablishedRule

func NewNetOutRelatedEstablishedRule(subnet string) IPTablesRule

func NewNetOutRule

func NewNetOutRule(containerIP, startIP, endIP string) IPTablesRule

func NewNetOutWithPortsLogRule

func NewNetOutWithPortsLogRule(containerIP, startIP, endIP string, startPort, endPort int, protocol, chain string) IPTablesRule

func NewNetOutWithPortsRule

func NewNetOutWithPortsRule(containerIP, startIP, endIP string, startPort, endPort int, protocol string) IPTablesRule

func NewOverlayAllowEgress

func NewOverlayAllowEgress(deviceName, containerIP string) IPTablesRule

func NewOverlayDefaultRejectLogRule

func NewOverlayDefaultRejectLogRule(containerHandle, containerIP string) IPTablesRule

func NewOverlayDefaultRejectRule

func NewOverlayDefaultRejectRule(containerIP string) IPTablesRule

func NewOverlayRelatedEstablishedRule

func NewOverlayRelatedEstablishedRule(containerIP string) IPTablesRule

func NewOverlayTagAcceptRule

func NewOverlayTagAcceptRule(containerIP, tag string) IPTablesRule

func NewPortForwardingRule

func NewPortForwardingRule(hostPort, containerPort int, hostIP, containerIP string) IPTablesRule

type LockedIPTables

// LockedIPTables bundles an iptables handle, a locker and a restorer. Its
// pointer-receiver methods have the same names and signatures as the methods
// of the IPTablesAdapter interface.
//
// NOTE(review): the name suggests every method acquires Locker before using
// IPTables or Restorer and releases it on all return paths, including error
// paths — confirm, since a missed Unlock would block later firewall updates.
type LockedIPTables struct {
	IPTables iptables // unexported type; its definition is not shown here
	Locker   locker   // unexported type; its definition is not shown here
	Restorer restorer // unexported type; its definition is not shown here
}

func (*LockedIPTables) BulkAppend

func (l *LockedIPTables) BulkAppend(table, chain string, rulespec ...IPTablesRule) error

func (*LockedIPTables) BulkInsert

func (l *LockedIPTables) BulkInsert(table, chain string, pos int, rulespec ...IPTablesRule) error

func (*LockedIPTables) ClearChain

func (l *LockedIPTables) ClearChain(table, chain string) error

func (*LockedIPTables) Delete

func (l *LockedIPTables) Delete(table, chain string, rulespec IPTablesRule) error

func (*LockedIPTables) DeleteChain

func (l *LockedIPTables) DeleteChain(table, chain string) error

func (*LockedIPTables) Exists

func (l *LockedIPTables) Exists(table, chain string, rulespec IPTablesRule) (bool, error)

func (*LockedIPTables) List

func (l *LockedIPTables) List(table, chain string) ([]string, error)

func (*LockedIPTables) NewChain

func (l *LockedIPTables) NewChain(table, chain string) error

type Restorer

// Restorer is an empty struct whose Restore method takes a single input
// string and returns an error.
//
// NOTE(review): presumably Restore hands input to iptables-restore — confirm.
// If so, input is a whole rule script rather than one argument vector, so it
// should be built only from validated values.
type Restorer struct{}

func (*Restorer) Restore

func (r *Restorer) Restore(input string) error
