rules

package
v0.20.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 12, 2017 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type IPTablesAdapter added in v0.7.0 

type IPTablesAdapter interface {
	Exists(table, chain string, rulespec IPTablesRule) (bool, error)
	Delete(table, chain string, rulespec IPTablesRule) error
	List(table, chain string) ([]string, error)
	NewChain(table, chain string) error
	ClearChain(table, chain string) error
	DeleteChain(table, chain string) error
	BulkInsert(table, chain string, pos int, rulespec ...IPTablesRule) error
	BulkAppend(table, chain string, rulespec ...IPTablesRule) error
}

type IPTablesLocker added in v0.7.0 

type IPTablesLocker struct {
	FileLocker filelock.FileLocker

	Mutex *sync.Mutex
	// contains filtered or unexported fields
}

func (*IPTablesLocker) Lock added in v0.7.0 

func (l *IPTablesLocker) Lock() error

TODO improve test coverage / add a close function to filelocker

func (*IPTablesLocker) Unlock added in v0.7.0 

func (l *IPTablesLocker) Unlock() error

type IPTablesRule added in v0.7.0 

type IPTablesRule []string

func AppendComment added in v0.7.0 

func AppendComment(rule IPTablesRule, comment string) IPTablesRule

func NewAcceptExistingLocalRule 

func NewAcceptExistingLocalRule() IPTablesRule

func NewAcceptExistingRemoteRule 

func NewAcceptExistingRemoteRule(vni int) IPTablesRule

func NewDefaultDenyLocalRule 

func NewDefaultDenyLocalRule(localSubnet string) IPTablesRule

func NewDefaultDenyRemoteRule 

func NewDefaultDenyRemoteRule(vni int) IPTablesRule

func NewDefaultEgressRule 

func NewDefaultEgressRule(localSubnet, overlayNetwork string) IPTablesRule

func NewInputAllowRule added in v0.19.0 

func NewInputAllowRule(containerIP, protocol, destination string, destPort int) IPTablesRule

func NewInputDefaultRejectRule added in v0.10.0 

func NewInputDefaultRejectRule(subnet string) IPTablesRule

func NewInputRelatedEstablishedRule added in v0.10.0 

func NewInputRelatedEstablishedRule(subnet string) IPTablesRule

func NewLogLocalRejectRule added in v0.10.0 

func NewLogLocalRejectRule(localSubnet string) IPTablesRule

func NewLogRemoteRejectRule added in v0.10.0 

func NewLogRemoteRejectRule(vni int) IPTablesRule

func NewLogRule 

func NewLogRule(rule IPTablesRule, name string) IPTablesRule

func NewMarkAllowRule 

func NewMarkAllowRule(destinationIP, protocol string, port int, tag string, sourceAppGUID, destinationAppGUID string) IPTablesRule

func NewMarkLogRule added in v0.11.0 

func NewMarkLogRule(destinationIP, protocol string, port int, tag string, destinationAppGUID string) IPTablesRule

func NewMarkSetRule 

func NewMarkSetRule(sourceIP, tag, appGUID string) IPTablesRule

func NewNetOutDefaultLogRule added in v0.7.0 

func NewNetOutDefaultLogRule(prefix string) IPTablesRule

func NewNetOutDefaultRejectLogRule added in v0.19.0 

func NewNetOutDefaultRejectLogRule(containerHandle, subnet, overlayNetwork string) IPTablesRule

func NewNetOutDefaultRejectRule 

func NewNetOutDefaultRejectRule(subnet, overlayNetwork string) IPTablesRule

func NewNetOutICMPLogRule added in v0.20.0 

func NewNetOutICMPLogRule(containerIP, startIP, endIP string, icmpType, icmpCode int, chain string) IPTablesRule

func NewNetOutICMPRule added in v0.20.0 

func NewNetOutICMPRule(containerIP, startIP, endIP string, icmpType, icmpCode int) IPTablesRule

func NewNetOutLogRule added in v0.7.0 

func NewNetOutLogRule(containerIP, startIP, endIP, chain string) IPTablesRule

func NewNetOutRelatedEstablishedRule 

func NewNetOutRelatedEstablishedRule(subnet, overlayNetwork string) IPTablesRule

func NewNetOutRule 

func NewNetOutRule(containerIP, startIP, endIP string) IPTablesRule

func NewNetOutWithPortsLogRule added in v0.7.0 

func NewNetOutWithPortsLogRule(containerIP, startIP, endIP string, startPort, endPort int, protocol, chain string) IPTablesRule

func NewNetOutWithPortsRule 

func NewNetOutWithPortsRule(containerIP, startIP, endIP string, startPort, endPort int, protocol string) IPTablesRule

func NewReturnRule added in v0.7.0 

func NewReturnRule() IPTablesRule

type LockedIPTables added in v0.7.0 

type LockedIPTables struct {
	IPTables iptables
	Locker   locker
	Restorer restorer
}

func (*LockedIPTables) BulkAppend added in v0.7.0 

func (l *LockedIPTables) BulkAppend(table, chain string, rulespec ...IPTablesRule) error

func (*LockedIPTables) BulkInsert added in v0.7.0 

func (l *LockedIPTables) BulkInsert(table, chain string, pos int, rulespec ...IPTablesRule) error

func (*LockedIPTables) ClearChain added in v0.7.0 

func (l *LockedIPTables) ClearChain(table, chain string) error

func (*LockedIPTables) Delete added in v0.7.0 

func (l *LockedIPTables) Delete(table, chain string, rulespec IPTablesRule) error

func (*LockedIPTables) DeleteChain added in v0.7.0 

func (l *LockedIPTables) DeleteChain(table, chain string) error

func (*LockedIPTables) Exists added in v0.7.0 

func (l *LockedIPTables) Exists(table, chain string, rulespec IPTablesRule) (bool, error)

func (*LockedIPTables) List added in v0.7.0 

func (l *LockedIPTables) List(table, chain string) ([]string, error)

func (*LockedIPTables) NewChain added in v0.7.0 

func (l *LockedIPTables) NewChain(table, chain string) error

type Restorer added in v0.7.0 

type Restorer struct{}

func (*Restorer) Restore added in v0.7.0 

func (r *Restorer) Restore(input string) error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.