iptables

package

v0.0.0-...-330f3ae Latest Latest Go to latest Published: Jan 27, 2021 License: BSD-3-Clause Imports: 7 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/nokia/danm-utils

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
type IptablesProvisioner
- func NewIptablesProvisioner() *IptablesProvisioner
- func (iptabProv *IptablesProvisioner) AddRulesToNewPod(ruleSet *poltypes.NetRuleSet, pod *corev1.Pod)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	DefaultInputRules = poltypes.NetRuleChain{
		Name: string(k8stables.ChainInput), Rules: []poltypes.NetRule{

			poltypes.NetRule{SourceIface: "lo", Operation: poltypes.IptablesAccept},

			poltypes.NetRule{State: poltypes.StateEstablishedRelated, Operation: poltypes.IptablesAccept},
			poltypes.NetRule{Operation: poltypes.IptablesReject},
		},
	}
	DefaultOutputRules = poltypes.NetRuleChain{
		Name: string(k8stables.ChainOutput), Rules: []poltypes.NetRule{

			poltypes.NetRule{DestIface: "lo", Operation: poltypes.IptablesAccept},

			poltypes.NetRule{State: poltypes.StateEstablishedRelated, Operation: poltypes.IptablesAccept},

			poltypes.NetRule{Protocol: "tcp", DestPort: "53", State: poltypes.StateNewEstablished, Operation: poltypes.IptablesAccept},
			poltypes.NetRule{Protocol: "udp", DestPort: "53", State: poltypes.StateNewEstablished, Operation: poltypes.IptablesAccept},
			poltypes.NetRule{Operation: poltypes.IptablesReject},
		},
	}
	DefaultForwardRules = poltypes.NetRuleChain{
		Name: string(k8stables.ChainForward), Rules: []poltypes.NetRule{
			poltypes.NetRule{Operation: poltypes.IptablesReject},
		},
	}
	JumpToV4IngressRule = poltypes.NetRuleChain{
		Name: string(k8stables.ChainInput), Rules: []poltypes.NetRule{
			poltypes.NetRule{Operation: poltypes.IngressV4ChainName},
		},
	}
	JumpToV4EgressRule = poltypes.NetRuleChain{
		Name: string(k8stables.ChainOutput), Rules: []poltypes.NetRule{
			poltypes.NetRule{Operation: poltypes.EgressV4ChainName},
		},
	}
	JumpToV6IngressRule = poltypes.NetRuleChain{
		Name: string(k8stables.ChainInput), Rules: []poltypes.NetRule{
			poltypes.NetRule{Operation: poltypes.IngressV6ChainName},
		},
	}
	JumpToV6EgressRule = poltypes.NetRuleChain{
		Name: string(k8stables.ChainOutput), Rules: []poltypes.NetRule{
			poltypes.NetRule{Operation: poltypes.EgressV6ChainName},
		},
	}
	DefaultReturnRule = poltypes.NetRule{
		Operation: poltypes.IptablesReturn,
	}
)

Functions ¶

This section is empty.

Types ¶

type IptablesProvisioner ¶

type IptablesProvisioner struct {
	V4Provisioner k8stables.Interface
	V6Provisioner k8stables.Interface
}

func NewIptablesProvisioner ¶

func NewIptablesProvisioner() *IptablesProvisioner

func (*IptablesProvisioner) AddRulesToNewPod ¶

func (iptabProv *IptablesProvisioner) AddRulesToNewPod(ruleSet *poltypes.NetRuleSet, pod *corev1.Pod)

Source Files ¶

View all Source files

iptables.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL