The highest tagged major version is
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type FQDNCache ¶ added in v1.2.0
type FQDNCache interface {
GetSetsForRendering(fqdns []firewallv1.FQDNSelector) (result []dns.RenderIPSet)
GetSetsForFQDN(fqdn firewallv1.FQDNSelector, fqdnSets []firewallv1.IPSet) (result []firewallv1.IPSet)
IsInitialized() bool
}
type Firewall ¶
type Firewall struct {
// contains filtered or unexported fields
}
Firewall assembles nftable rules based on k8s entities
func NewDefaultFirewall ¶ added in v0.1.4
func NewDefaultFirewall() *Firewall
NewDefaultFirewall creates a new default nftables firewall.
func NewFirewall ¶
func NewFirewall( firewall firewallv1.Firewall, cwnps *firewallv1.ClusterwideNetworkPolicyList, svcs *corev1.ServiceList, cache FQDNCache, log logr.Logger, ) *Firewall
NewFirewall creates a new nftables firewall object based on k8s entities
func (*Firewall) Flush ¶ added in v0.1.4
Flush flushes the nftables rules that were deduced from a k8s resources after that the firewall is a "plain metal firewall" with default policy accept in the forward chain.
func (*Firewall) Reconcile ¶
Reconcile drives the nftables firewall against the desired state by comparison with the current rule file.
func (*Firewall) ReconcileNetconfTables ¶ added in v1.2.0
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.