nftables

package
v0.1.9 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 26, 2020 License: MIT Imports: 15 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Firewall 

type Firewall struct {
	Ingress          []string
	Egress           []string
	RateLimits       []firewallv1.RateLimit
	Ipv4RuleFile     string
	DryRun           bool
	InternalPrefixes string

	PrivateVrfID int64
	// contains filtered or unexported fields
}

Firewall assembles nftable rules based on k8s entities

func NewDefaultFirewall added in v0.1.4 

func NewDefaultFirewall(vrfID int64) *Firewall

NewDefaultFirewall creates a new default nftables firewall.

func NewFirewall 

func NewFirewall(nps *firewallv1.ClusterwideNetworkPolicyList, svcs *corev1.ServiceList, spec firewallv1.FirewallSpec, vrfID int64) *Firewall

NewFirewall creates a new nftables firewall object based on k8s entities

func (*Firewall) Flush added in v0.1.4 

func (f *Firewall) Flush() error

Flush flushes the nftables rules that were deduced from a k8s resources after that the firewall is a "plain metal firewall" with default policy accept in the forward chain.

func (*Firewall) Reconcile 

func (f *Firewall) Reconcile() error

Reconcile drives the nftables firewall against the desired state by comparison with the current rule file.

Source Files

View all Source files

Directories

Path Synopsis
Package statik provides vfs access to static content content here is generated with the statik command from the make process.
 Package statik provides vfs access to static content content here is generated with the statik command from the make process.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.