Versions in this module Expand all Collapse all v0 v0.8.2 Apr 14, 2017 v0.8.1 Apr 6, 2017 Changes in this version type L4Filter + L7Parser string + L7RedirectPort int + L7Rules []AuxRule v0.8.0 Mar 28, 2017 Changes in this version + const InvalidIdentity + const MinimalNumericIdentity + const NodePathDelimiter + const RootNodeName + const RootPrefix + var CoverageSHASize = len(fmt.Sprintf("%x", sha512.New512_256().Sum(nil))) + var ReservedIdentities = map[string]NumericIdentity + var ReservedIdentityNames = map[NumericIdentity]string + func JoinPath(a, b string) string + func SplitNodePath(fullPath string) (string, string) + type AllowL4 struct + Egress []L4Filter + Ingress []L4Filter + func (l4 *AllowL4) Merge(result *L4Policy) + type AllowRule struct + Action ConsumableDecision + Label labels.Label + func (a *AllowRule) Allows(ctx *SearchContext) ConsumableDecision + func (a *AllowRule) IsMergeable() bool + func (a *AllowRule) String() string + func (a *AllowRule) UnmarshalJSON(data []byte) error + type AuxRule struct + Expr string + type Consumable struct + Consumers map[string]*Consumer + ID NumericIdentity + Iteration int + L4Policy *L4Policy + LabelList []labels.Label + Labels *Identity + Maps map[int]*policymap.PolicyMap + ReverseRules map[NumericIdentity]*Consumer + func NewConsumable(id NumericIdentity, lbls *Identity, cache *ConsumableCache) *Consumable + func (c *Consumable) AddMap(m *policymap.PolicyMap) + func (c *Consumable) AllowConsumer(cache *ConsumableCache, id NumericIdentity) *Consumer + func (c *Consumable) AllowConsumerAndReverse(cache *ConsumableCache, id NumericIdentity) + func (c *Consumable) Allows(id NumericIdentity) bool + func (c *Consumable) BanConsumer(id NumericIdentity) + func (c *Consumable) DeepCopy() *Consumable + func (c *Consumable) Delete() + func (c *Consumable) GetConsumer(id NumericIdentity) *Consumer + func (c *Consumable) GetModel() *models.EndpointPolicy + func (c *Consumable) RemoveMap(m *policymap.PolicyMap) + type ConsumableCache struct + Iteration int + Reserved []*Consumable + func NewConsumableCache() *ConsumableCache + func (c *ConsumableCache) AddReserved(elem *Consumable) + func (c *ConsumableCache) GetOrCreate(id NumericIdentity, lbls *Identity) *Consumable + func (c *ConsumableCache) Lookup(id NumericIdentity) *Consumable + func (c *ConsumableCache) Remove(elem *Consumable) + type ConsumableDecision byte + const ACCEPT + const ALWAYS_ACCEPT + const DENY + const UNDECIDED + func (d *ConsumableDecision) UnmarshalJSON(b []byte) error + func (d ConsumableDecision) MarshalJSON() ([]byte, error) + func (d ConsumableDecision) String() string + type Consumer struct + Decision ConsumableDecision + DeletionMark bool + ID NumericIdentity + Reverse *Consumer + func NewConsumer(id NumericIdentity) *Consumer + func (c *Consumer) DeepCopy() *Consumer + func (c *Consumer) StringID() string + type Identity struct + Endpoints map[string]time.Time + ID NumericIdentity + Labels labels.Labels + func NewIdentity() *Identity + func NewIdentityFromModel(base *models.Identity) *Identity + func (id *Identity) AssociateEndpoint(epID string) + func (id *Identity) DeepCopy() *Identity + func (id *Identity) DisassociateEndpoint(epID string) bool + func (id *Identity) GetModel() *models.Identity + func (id *Identity) RefCount() int + type L4Filter struct + Port int + Protocol string + Redirect string + RedirectPort int + Rules []AuxRule + func (l4 *L4Filter) IsRedirect() bool + func (l4 *L4Filter) Merge(result *L4Policy, m map[string]L4Filter, proto string) + func (l4 *L4Filter) String() string + func (l4 *L4Filter) UnmarshalJSON(data []byte) error + type L4Policy struct + Egress L4PolicyMap + Ingress L4PolicyMap + func NewL4Policy() *L4Policy + func (l4 *L4Policy) DeepCopy() *L4Policy + func (l4 *L4Policy) GetModel() *models.L4Policy + func (l4 *L4Policy) HasRedirect() bool + func (l4 *L4Policy) RequiresConntrack() bool + type L4PolicyMap map[string]L4Filter + func (l4 L4PolicyMap) HasRedirect() bool + type Node struct + Children map[string]*Node + Name string + Parent *Node + Rules []PolicyRule + func NewNode(name string, parent *Node) *Node + func (n *Node) AddChild(name string, child *Node) (bool, error) + func (n *Node) Allows(ctx *SearchContext) ConsumableDecision + func (n *Node) CanMerge(obj *Node) error + func (n *Node) Covers(ctx *SearchContext) bool + func (n *Node) DebugString(level int) string + func (n *Node) HasPolicyRule(pr PolicyRule) bool + func (n *Node) HasRules() bool + func (n *Node) IsMergeable() bool + func (n *Node) JSONMarshal() string + func (n *Node) Merge(obj *Node) (bool, error) + func (n *Node) NormalizeNames(path string) (string, error) + func (n *Node) Path() string + func (n *Node) ResolveL4Policy(ctx *SearchContext, result *L4Policy) *L4Policy + func (n *Node) ResolveName(name string) string + func (n *Node) ResolveTree() error + func (n *Node) UnmarshalJSON(data []byte) error + type NumericIdentity uint32 + const ID_HOST + const ID_UNKNOWN + const ID_WORLD + func GetReservedID(name string) NumericIdentity + func ParseNumericIdentity(id string) (NumericIdentity, error) + func (id NumericIdentity) String() string + func (id NumericIdentity) StringID() string + func (id NumericIdentity) Uint32() uint32 + type PolicyRule interface + CoverageSHA256Sum func() (string, error) + IsMergeable func() bool + Resolve func(node *Node) error + SHA256Sum func() (string, error) + type Privilege byte + const ALLOW + const ALWAYS_ALLOW + const L4 + const REQUIRES + func (p *Privilege) UnmarshalJSON(b []byte) error + func (p Privilege) MarshalJSON() ([]byte, error) + func (p Privilege) String() string + type RuleConsumers struct + Allow []AllowRule + Coverage []labels.Label + func (prc *RuleConsumers) Allows(ctx *SearchContext) ConsumableDecision + func (prc *RuleConsumers) CoverageSHA256Sum() (string, error) + func (prc *RuleConsumers) IsMergeable() bool + func (prc *RuleConsumers) Resolve(node *Node) error + func (prc *RuleConsumers) SHA256Sum() (string, error) + func (prc *RuleConsumers) String() string + type RuleL4 struct + Allow []AllowL4 + Coverage []labels.Label + func (l4 *RuleL4) CoverageSHA256Sum() (string, error) + func (l4 *RuleL4) GetL4Policy(ctx *SearchContext, result *L4Policy) *L4Policy + func (l4 *RuleL4) IsMergeable() bool + func (l4 *RuleL4) Resolve(node *Node) error + func (l4 *RuleL4) SHA256Sum() (string, error) + type RuleRequires struct + Coverage []labels.Label + Requires []labels.Label + func (prr *RuleRequires) Allows(ctx *SearchContext) ConsumableDecision + func (prr *RuleRequires) CoverageSHA256Sum() (string, error) + func (prr *RuleRequires) IsMergeable() bool + func (prr *RuleRequires) Resolve(node *Node) error + func (prr *RuleRequires) SHA256Sum() (string, error) + func (prr *RuleRequires) String() string + type SearchContext struct + Depth int + From []labels.Label + Logging *logging.LogBackend + To []labels.Label + Trace Tracing + func (s *SearchContext) CallDepth() string + func (s *SearchContext) String() string + func (s *SearchContext) TargetCoveredBy(coverage []labels.Label) bool + type SearchContextReply struct + Decision ConsumableDecision + Logging []byte + type Tracing int + const TRACE_DISABLED + const TRACE_ENABLED + const TRACE_VERBOSE + type Tree struct + Mutex sync.RWMutex + Root *Node + func (t *Tree) Add(parentPath string, node *Node) (bool, error) + func (t *Tree) Allows(ctx *SearchContext) ConsumableDecision + func (t *Tree) Delete(path string, coverage string) bool + func (t *Tree) Lookup(path string) (node, parent *Node) + func (t *Tree) ResolveL4Policy(ctx *SearchContext) *L4Policy
Go to main page