Documentation
¶
Overview ¶
Copyright 2020- IBM Inc. All Rights Reserved. SPDX-License-Identifier: Apache-2.0
Copyright 2020- IBM Inc. All Rights Reserved. SPDX-License-Identifier: Apache-2.0
Index ¶
- Constants
- type Details
- type Dimension
- type Set
- func (c *Set) ContainedIn(other *Set) bool
- func (c *Set) Copy() *Set
- func (c *Set) EnhancedString() string
- func (c *Set) Equal(other *Set) bool
- func (c *Set) Intersect(other *Set) *Set
- func (c *Set) IsAll() bool
- func (c *Set) IsEmpty() bool
- func (c *Set) ShortString() string
- func (c *Set) String() string
- func (c *Set) Subtract(other *Set) *Set
- func (c *Set) Union(other *Set) *Set
- func (c *Set) WithStatefulness(secondDirectionConn *Set) *Set
- type StatefulState
Constants ¶
const ( TCPCode = 0 UDPCode = 1 ICMPCode = 2 MinICMPType int64 = 0 MaxICMPType int64 = netp.InformationReply MinICMPCode int64 = 0 MaxICMPCode int64 = 5 MinPort = 1 MaxPort = netp.MaxPort )
const ( AllConnections = "All Connections" NoConnections = "No Connections" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Set ¶
type Set struct {
IsStateful StatefulState
// contains filtered or unexported fields
}
func ICMPConnection ¶
func TCPorUDPConnection ¶
func TCPorUDPConnection(protocol netp.ProtocolString, srcMinP, srcMaxP, dstMinP, dstMaxP int64) *Set
func (*Set) ContainedIn ¶
ContainedIn returns true if c is subset of other
func (*Set) EnhancedString ¶
EnhancedString returns a connection string with possibly added asterisk for stateless connection
func (*Set) ShortString ¶ added in v0.3.2
String() returns a string representation of a Set object
func (*Set) Subtract ¶
Subtract ToDo: Subtract seems to ignore IsStateful (see https://github.com/np-guard/vpc-network-config-analyzer/issues/199):
- is the delta connection stateful
- connectionProperties is identical but c stateful while other is not the 2nd item can be computed here, with enhancement to relevant structure the 1st can not since we do not know where exactly the statefulness came from
func (*Set) WithStatefulness ¶
WithStatefulness updates `c` object with `IsStateful` property, based on input `secondDirectionConn`. `c` represents a src-to-dst connection, and `secondDirectionConn` represents dst-to-src connection. The property `IsStateful` of `c` is set as `StatefulFalse` if there is at least some subset within TCP from `c` which is not stateful (such that the response direction for this subset is not enabled). This function also returns a connection object with the exact subset of the stateful part (within TCP) from the entire connection `c`, and with the original connections on other protocols.
type StatefulState ¶
type StatefulState int
default is StatefulUnknown
const ( // StatefulUnknown is the default value for a Set object, StatefulUnknown StatefulState = 0 // StatefulTrue represents a connection object for which any allowed TCP (on all allowed src/dst ports) // has an allowed response connection StatefulTrue StatefulState = 1 // StatefulFalse represents a connection object for which there exists some allowed TCP // (on any allowed subset from the allowed src/dst ports) that does not have an allowed response connection StatefulFalse StatefulState = 2 )
Source Files