schema

package
v0.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 28, 2023 License: Apache-2.0 Imports: 2 Imported by: 4

Documentation

Index

Constants

View Source 
const (
	TypeFilter = "filter"
	TypeNAT    = "nat"
	TypeRoute  = "route"
)

Chain Types

View Source 
const (
	HookPreRouting  = "prerouting"
	HookInput       = "input"
	HookOutput      = "output"
	HookForward     = "forward"
	HookPostRouting = "postrouting"
	HookIngress     = "ingress"
)

Chain Hooks

View Source 
const (
	PolicyAccept = "accept"
	PolicyDrop   = "drop"
)

Chain Policies

View Source 
const (
	NATFlagRandom      = "random"
	NATFlagFullyRandom = "fully-random"
	NATFlagPersistent  = "persistent"
)

NAT Flags

View Source 
const (
	VerdictAccept   = "accept"
	VerdictContinue = "continue"
	VerdictDrop     = "drop"
	VerdictReturn   = "return"
)

Verdict Operations

View Source 
const (
	OperAND = "&"  // Binary AND
	OperOR  = "|"  // Binary OR
	OperXOR = "^"  // Binary XOR
	OperLSH = "<<" // Left shift
	OperRSH = ">>" // Right shift
	OperEQ  = "==" // Equal
	OperNEQ = "!=" // Not equal
	OperLS  = "<"  // Less than
	OperGR  = ">"  // Greater than
	OperLSE = "<=" // Less than or equal to
	OperGRE = ">=" // Greater than or equal to
	OperIN  = "in" // Perform a lookup, i.e. test if bits on RHS are contained in LHS value
)

Match Operators

View Source 
const (
	PayloadKey = "payload"
	// Ethernet
	PayloadProtocolEther   = "ether"
	PayloadFieldEtherDAddr = "daddr"
	PayloadFieldEtherSAddr = "saddr"
	PayloadFieldEtherType  = "type"

	// IP (common)
	PayloadFieldIPVer   = "version"
	PayloadFieldIPDscp  = "dscp"
	PayloadFieldIPEcn   = "ecn"
	PayloadFieldIPLen   = "length"
	PayloadFieldIPSAddr = "saddr"
	PayloadFieldIPDAddr = "daddr"

	// IPv4
	PayloadProtocolIP4      = "ip"
	PayloadFieldIP4HdrLen   = "hdrlength"
	PayloadFieldIP4Id       = "id"
	PayloadFieldIP4FragOff  = "frag-off"
	PayloadFieldIP4Ttl      = "ttl"
	PayloadFieldIP4Protocol = "protocol"
	PayloadFieldIP4Chksum   = "checksum"

	// IPv6
	PayloadProtocolIP6       = "ip6"
	PayloadFieldIP6FlowLabel = "flowlabel"
	PayloadFieldIP6NextHdr   = "nexthdr"
	PayloadFieldIP6HopLimit  = "hoplimit"
)

Payload Expressions

View Source 
const (
	FamilyIP     = "ip"     // IPv4 address AddressFamily.
	FamilyIP6    = "ip6"    // IPv6 address AddressFamily.
	FamilyINET   = "inet"   // Internet (IPv4/IPv6) address AddressFamily.
	FamilyARP    = "arp"    // ARP address AddressFamily, handling IPv4 ARP packets.
	FamilyBridge = "bridge" // Bridge address AddressFamily, handling packets which traverse a bridge device.
	FamilyNETDEV = "netdev" // Netdev address AddressFamily, handling packets from ingress.
)

Table Address Families

Variables

This section is empty.

Functions

This section is empty.

Types

type Chain 

type Chain struct {
	Family string `json:"family"`
	Table  string `json:"table"`
	Name   string `json:"name"`
	Type   string `json:"type,omitempty"`
	Hook   string `json:"hook,omitempty"`
	Prio   *int   `json:"prio,omitempty"`
	Policy string `json:"policy,omitempty"`
}

type Counter added in v0.2.0 

type Counter struct {
	Packets int `json:"packets"`
	Bytes   int `json:"bytes"`
}

type Dnat added in v0.2.0 

type Dnat struct {
	Addr   *Expression `json:"addr,omitempty"`
	Family *string     `json:"family,omitempty"`
	Port   *Expression `json:"port,omitempty"`
	Flags  *Flags      `json:"flags,omitempty"`
}

type Expression 

type Expression struct {
	String  *string  `json:"-"`
	Bool    *bool    `json:"-"`
	Float64 *float64 `json:"-"`
	Payload *Payload `json:"payload,omitempty"`
	// RowData accepts arbitrary data which cannot be composed from the existing schema.
	// Use `json.RawMessage()` or `[]byte()` for the value.
	// Example:
	// `schema.Expression{RowData: json.RawMessage(`{"meta":{"key":"iifname"}}`)}`
	RowData json.RawMessage `json:"-"`
}

func (Expression) MarshalJSON 

func (e Expression) MarshalJSON() ([]byte, error)

func (*Expression) UnmarshalJSON 

func (e *Expression) UnmarshalJSON(data []byte) error

type Flags added in v0.2.0 

type Flags struct {
	Flags []string `json:"-"`
}

func (Flags) MarshalJSON added in v0.2.0 

func (f Flags) MarshalJSON() ([]byte, error)

func (*Flags) UnmarshalJSON added in v0.2.0 

func (f *Flags) UnmarshalJSON(data []byte) error

type Masquerade added in v0.2.0 

type Masquerade struct {
	Enabled bool        `json:"-"`
	Port    *Expression `json:"port,omitempty"`
	Flags   *Flags      `json:"flags,omitempty"`
}

type Match 

type Match struct {
	Op    string     `json:"op"`
	Left  Expression `json:"left"`
	Right Expression `json:"right"`
}

type Metainfo 

type Metainfo struct {
	Version           string `json:"version"`
	ReleaseName       string `json:"release_name"`
	JsonSchemaVersion int    `json:"json_schema_version"`
}

type Nat added in v0.2.0 

type Nat struct {
	Snat       *Snat       `json:"snat,omitempty"`
	Dnat       *Dnat       `json:"dnat,omitempty"`
	Masquerade *Masquerade `json:"masquerade,omitempty"`
	Redirect   *Redirect   `json:"redirect,omitempty"`
}

type Nftable 

type Nftable struct {
	Table *Table `json:"table,omitempty"`
	Chain *Chain `json:"chain,omitempty"`
	Rule  *Rule  `json:"rule,omitempty"`

	Add    *Objects `json:"add,omitempty"`
	Delete *Objects `json:"delete,omitempty"`
	Flush  *Objects `json:"flush,omitempty"`

	Metainfo *Metainfo `json:"metainfo,omitempty"`
}

type Objects 

type Objects struct {
	Table   *Table `json:"table,omitempty"`
	Chain   *Chain `json:"chain,omitempty"`
	Rule    *Rule  `json:"rule,omitempty"`
	Ruleset bool   `json:"-"`
}

func (Objects) MarshalJSON 

func (o Objects) MarshalJSON() ([]byte, error)

type Payload 

type Payload struct {
	Protocol string `json:"protocol"`
	Field    string `json:"field"`
}

type Redirect added in v0.2.0 

type Redirect struct {
	Enabled bool        `json:"-"`
	Port    *Expression `json:"port,omitempty"`
	Flags   *Flags      `json:"flags,omitempty"`
}

type Root 

type Root struct {
	Nftables []Nftable `json:"nftables"`
}

type Rule 

type Rule struct {
	Family  string      `json:"family"`
	Table   string      `json:"table"`
	Chain   string      `json:"chain"`
	Expr    []Statement `json:"expr,omitempty"`
	Handle  *int        `json:"handle,omitempty"`
	Index   *int        `json:"index,omitempty"`
	Comment string      `json:"comment,omitempty"`
}

type SimpleVerdict 

type SimpleVerdict struct {
	Accept   bool `json:"-"`
	Continue bool `json:"-"`
	Drop     bool `json:"-"`
	Return   bool `json:"-"`
}

type Snat added in v0.2.0 

type Snat struct {
	Addr   *Expression `json:"addr,omitempty"`
	Family *string     `json:"family,omitempty"`
	Port   *Expression `json:"port,omitempty"`
	Flags  *Flags      `json:"flags,omitempty"`
}

type Statement 

type Statement struct {
	Counter *Counter `json:"counter,omitempty"`
	Match   *Match   `json:"match,omitempty"`
	Verdict
	Nat
}

func (Statement) MarshalJSON 

func (s Statement) MarshalJSON() ([]byte, error)

func (*Statement) UnmarshalJSON 

func (s *Statement) UnmarshalJSON(data []byte) error

type Table 

type Table struct {
	Family string `json:"family"`
	Name   string `json:"name"`
}

type ToTarget 

type ToTarget struct {
	Target string `json:"target"`
}

type Verdict 

type Verdict struct {
	SimpleVerdict
	Jump *ToTarget `json:"jump,omitempty"`
	Goto *ToTarget `json:"goto,omitempty"`
}

func Accept 

func Accept() Verdict

func Continue 

func Continue() Verdict

func Drop 

func Drop() Verdict

func Return 

func Return() Verdict

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.