
Package ir describes the input-format-agnostic specification of the required connectivity.


Constants

// AnyCIDR is the wildcard IPv4 range ("0.0.0.0/0"). The literal is IPv4-only;
// whether IPv6 is handled anywhere is not visible from this declaration.
const AnyCIDR = "0.0.0.0/0"
// AnyIP is the wildcard IPv4 address ("0.0.0.0"); IPv4-only, like AnyCIDR.
const AnyIP = "0.0.0.0"
// DefaultMaxPort is the upper bound used for PortRange.Max when it is omitted
// (65535, the largest TCP/UDP port).
const DefaultMaxPort = 65535
// DefaultMinPort is the lower bound used for PortRange.Min when it is omitted.
// It is 1, so port 0 lies outside the default range.
const DefaultMinPort = 1

Variables

This section is empty.

Functions

func ValidateICMP

func ValidateICMP(t, c int) error

Types

type ACL

// ACL is the access-control list built for one subnet. Its rules are kept in
// two lists, Internal and External; AppendInternal/AppendExternal and Rules()
// are declared below, but their bodies are not shown here, so how the two lists
// are combined is not visible.
type ACL struct {
	// Subnet is the subnet this ACL belongs to, as a string — presumably its
	// name (see Name()), but confirm against the method body.
	Subnet   string
	// Internal: rules appended with AppendInternal land here (inferred from the
	// method name; body not shown).
	Internal []ACLRule
	// External: rules appended with AppendExternal land here (same caveat).
	External []ACLRule
}

func NewACL

func NewACL() *ACL

func (*ACL) AppendExternal

func (a *ACL) AppendExternal(rule *ACLRule)

func (*ACL) AppendInternal

func (a *ACL) AppendInternal(rule *ACLRule)

func (*ACL) Name

func (a *ACL) Name() string

func (*ACL) Rules

func (a *ACL) Rules() []ACLRule

type ACLCollection

// ACLCollection is a set of ACLs keyed by string. LookupOrCreate(name) and
// SortedACLSubnets() suggest the key is the subnet name; the bodies are not
// shown. Its Write(Writer) error method matches the Collection interface.
type ACLCollection struct {
	ACLs map[string]*ACL
}

func MergeACLCollections

func MergeACLCollections(collections ...*ACLCollection) *ACLCollection

func NewACLCollection

func NewACLCollection() *ACLCollection

func (*ACLCollection) LookupOrCreate

func (c *ACLCollection) LookupOrCreate(name string) *ACL

func (*ACLCollection) SortedACLSubnets

func (c *ACLCollection) SortedACLSubnets() []string

func (*ACLCollection) Write

func (c *ACLCollection) Write(w Writer) error

type ACLRule

// ACLRule is a single ACL entry: an Action applied to traffic flowing in
// Direction between Source and Destination over Protocol. Explanation is a
// free-text string also present on Packet and SGRule; its use is not visible
// here. Target() returns one of the two IPs — which one is not visible here.
type ACLRule struct {
	Action      Action
	Direction   Direction
	Source      IP
	Destination IP
	Protocol    Protocol
	Explanation string
}

func AllowReceive

func AllowReceive(packet Packet) *ACLRule

func AllowSend

func AllowSend(packet Packet) *ACLRule

func (*ACLRule) Target

func (r *ACLRule) Target() IP

type ACLWriter

// ACLWriter emits an ACLCollection in some output format. It is embedded in
// Writer alongside SGWriter.
type ACLWriter interface {
	WriteACL(*ACLCollection) error
}

type Action

// Action is the verdict an ACLRule carries. SGRule has no Action field, so this
// type is specific to ACLs.
type Action string

// Allow and Deny are the two Action values; the strings are their lower-case
// spellings.
const (
	Allow Action = "allow"
	Deny  Action = "deny"
)

type AnyProtocol

// AnyProtocol is a field-less Protocol implementation; by its name it stands
// for "any protocol". Its InverseDirection method is declared below (body not
// shown).
type AnyProtocol struct{}

func (AnyProtocol) InverseDirection

func (t AnyProtocol) InverseDirection() Protocol

type CIDR

// CIDR is an opaque address range; its fields are unexported and not shown in
// this listing. It implements fmt.Stringer via String().
type CIDR struct {
	// contains filtered or unexported fields
}

func (CIDR) String

func (s CIDR) String() string

type Collection

// Collection is anything that can be rendered through a Writer. Both
// ACLCollection and SGCollection declare a matching Write method.
type Collection interface {
	Write(Writer) error
}

type ConfigDefs

// ConfigDefs holds definitions that are part of the network architecture:
// subnets, network interfaces (NIFs), instances and VPEs. The *FromIP and
// InstanceFromNIF lookups declared below reverse these maps (bodies not shown).
type ConfigDefs struct {
	// Subnet name to its IP value (keyed by name, per SubnetNameFromIP)
	Subnets map[string]IP

	// Network interface name to IP address
	NIFToIP map[string]IP

	// Instance is a collection of NIFs
	InstanceToNIFs map[string][]string

	// VPEs have a single IP
	VPEToIP map[string]IP
}

ConfigDefs holds definitions that are part of the network architecture.

func (*ConfigDefs) InstanceFromNIF

func (s *ConfigDefs) InstanceFromNIF(nifName string) (string, bool)

func (*ConfigDefs) NIFFromIP

func (s *ConfigDefs) NIFFromIP(ip IP) (string, bool)

func (*ConfigDefs) RemoteFromIP

func (s *ConfigDefs) RemoteFromIP(ip IP) RemoteType

func (*ConfigDefs) SubnetNameFromIP

func (s *ConfigDefs) SubnetNameFromIP(ip IP) (string, bool)

func (*ConfigDefs) VPEFromIP

func (s *ConfigDefs) VPEFromIP(ip IP) (string, bool)

type Connection

// Connection is one required connection in a Spec (see Spec.Connections):
// traffic from Src to Dst over the listed protocols, with Origin recording
// where the requirement came from.
type Connection struct {
	// Egress endpoint
	Src Endpoint

	// Ingress endpoint
	Dst Endpoint

	// Allowed protocols
	TrackedProtocols []TrackedProtocol

	// Provenance information
	Origin fmt.Stringer
}

type Definitions

// Definitions adds to ConfigDefs the spec-specific definitions: user-defined
// subnet segments and named externals. Lookup (declared below) resolves an
// (EndpointType, name) pair to an Endpoint.
type Definitions struct {
	ConfigDefs

	// Segments are a way for users to create aggregations.
	SubnetSegments map[string][]string

	// Externals are a way for users to name IP addresses or ranges external to the VPC.
	Externals map[string]IP
}

Definitions adds to ConfigDefs the spec-specific definitions.

func (*Definitions) Lookup

func (s *Definitions) Lookup(t EndpointType, name string) (Endpoint, error)

type Direction

// Direction says whether a rule describes outbound or inbound traffic. It is
// used by both ACLRule and SGRule.
type Direction string

// Outbound and Inbound are the two Direction values.
const (
	Outbound Direction = "outbound"
	Inbound  Direction = "inbound"
)

type Endpoint

// Endpoint is one side of a Connection: an optional symbolic Name, the IP
// values it resolves to, and the EndpointType it was declared as.
type Endpoint struct {
	// Symbolic name of endpoint, if available
	Name string

	// List of CIDR / IP addresses.
	Values []IP

	// Type of endpoint
	Type EndpointType
}

type EndpointType

// EndpointType classifies how an Endpoint was specified; Definitions.Lookup
// takes one together with a name. EndpointTypeAny is the wildcard; the other
// values correspond to the ConfigDefs/Definitions maps (subnet, NIF, VPE,
// instance, segment, external).
type EndpointType string

// EndpointType values; the strings are their lower-case names.
const (
	EndpointTypeExternal EndpointType = "external"
	EndpointTypeSegment  EndpointType = "segment"
	EndpointTypeSubnet   EndpointType = "subnet"
	EndpointTypeNIF      EndpointType = "nif"
	EndpointTypeVPE      EndpointType = "vpe"
	EndpointTypeInstance EndpointType = "instance"
	EndpointTypeAny      EndpointType = "any"
)

type ICMP

// ICMP is the Protocol for ICMP traffic. It embeds *ICMPCodeType, so the
// embedded pointer can be nil; code that reads Type or Code through an ICMP
// value must check for nil first (whether InverseDirection does is not visible
// here).
type ICMP struct {
	*ICMPCodeType
}

func (ICMP) InverseDirection

func (t ICMP) InverseDirection() Protocol

type ICMPCodeType

// ICMPCodeType restricts ICMP traffic to one Type and, optionally, one Code.
// A nil Code means any code is allowed. ValidateICMP(t, c) is the package-level
// check for a (type, code) pair; its body is not shown.
type ICMPCodeType struct {
	// ICMP type allowed.
	Type int

	// ICMP code allowed. If omitted, any code is allowed
	Code *int
}

type IP

// IP is an opaque address value; the package also stores it in maps whose
// comments describe ranges (ConfigDefs.Subnets, Definitions.Externals), so it
// may hold a CIDR as well as a single address — not visible here. Construct
// with IPFromString, which returns no error, so how invalid input is reported
// is not visible from the signature. Fields are unexported and not shown.
type IP struct {
	// contains filtered or unexported fields
}

func IPFromString

func IPFromString(s string) IP

func (IP) String

func (ip IP) String() string

type Packet

// Packet describes traffic from Src to Dst over Protocol. AllowSend and
// AllowReceive (declared below) turn one into an ACLRule; ACLRule carries the
// same Explanation field.
type Packet struct {
	Src, Dst    IP
	Protocol    Protocol
	Explanation string
}

type PortRange

// PortRange is a port interval from Min to Max. The field comments name the
// defaults (DefaultMinPort = 1, DefaultMaxPort = 65535); where the
// substitution for an omitted bound happens is not visible here. Whether the
// bounds are inclusive is not stated — presumably yes, since the maximum
// default is 65535.
type PortRange struct {
	// Minimal port; default is DefaultMinPort
	Min int

	// Maximal port; default is DefaultMaxPort
	Max int
}

type PortRangePair

// PortRangePair pairs the source and destination port ranges of a TCPUDP value.
type PortRangePair struct {
	SrcPort PortRange
	DstPort PortRange
}

type Protocol

// Protocol is implemented by AnyProtocol, ICMP and TCPUDP, each of which
// declares InverseDirection. TrackedProtocol embeds it.
type Protocol interface {
	// InverseDirection returns the response expected for a request made using this protocol
	InverseDirection() Protocol
}

type Reader

// Reader parses a spec file into a Spec, resolving names against defs.
// filename is a path the implementation is expected to open; whether it is
// validated before use is not visible here, so callers handing in an
// externally supplied path should check it themselves.
type Reader interface {
	ReadSpec(filename string, defs *ConfigDefs) (*Spec, error)
}

type RemoteType

// RemoteType is the peer of an SGRule; the only requirement is that it be
// printable. ConfigDefs.RemoteFromIP produces one from an IP (body not shown).
type RemoteType interface {
	fmt.Stringer
}

type SG

// SG is a security group: its Rules plus a list of SGNames in Attached (what
// those names refer to is not visible here). Add appends a rule (body not
// shown).
type SG struct {
	Rules    []SGRule
	Attached []SGName
}

func NewSG

func NewSG() *SG

func (*SG) Add

func (a *SG) Add(rule *SGRule)

type SGCollection

// SGCollection is a set of security groups keyed by SGName. LookupOrCreate,
// SortedSGNames and Write are declared below; Write(Writer) error matches the
// Collection interface.
type SGCollection struct {
	SGs map[SGName]*SG
}

func MergeSGCollections

func MergeSGCollections(collections ...*SGCollection) *SGCollection

func NewSGCollection

func NewSGCollection() *SGCollection

func (*SGCollection) LookupOrCreate

func (c *SGCollection) LookupOrCreate(name SGName) *SG

func (*SGCollection) SortedSGNames

func (c *SGCollection) SortedSGNames() []SGName

func (*SGCollection) Write

func (c *SGCollection) Write(w Writer) error

type SGName

// SGName identifies a security group; it is the key type of SGCollection.SGs
// and implements fmt.Stringer via String().
type SGName string

func (SGName) String

func (s SGName) String() string

type SGResource

// SGResource names a kind of resource a security group can relate to. The
// string values are short codes ("bnif", "fsmt", ...) rather than full names.
// Nothing else in this listing refers to SGResource, so where it is used is
// not visible here.
type SGResource string

// SGResource values.
const (
	SGResourceNIF                  SGResource = "nif"
	SGResourceBareMetalNIF         SGResource = "bnif"
	SGResourceLoadBalancer         SGResource = "loadbalancer"
	SGResourceVPE                  SGResource = "vpe"
	SGResourceVPNServer            SGResource = "vpn"
	SGResourceFileShareMountTarget SGResource = "fsmt"
)

type SGRule

// SGRule is a single security-group rule: traffic in Direction to or from
// Remote over Protocol. Unlike ACLRule there is no Action field, so a verdict
// (allow/deny) is not carried by this type. Explanation is free text, as on
// ACLRule and Packet.
type SGRule struct {
	Direction   Direction
	Remote      RemoteType
	Protocol    Protocol
	Explanation string
}

type SGWriter

// SGWriter emits an SGCollection in some output format. It is embedded in
// Writer alongside ACLWriter.
type SGWriter interface {
	WriteSG(*SGCollection) error
}

type Spec

// Spec is the parsed connectivity specification produced by Reader.ReadSpec:
// the required Connections together with the Definitions they refer to.
type Spec struct {
	// Required connections
	Connections []Connection

	// Definitions (network architecture plus spec-specific names) the
	// connections are resolved against
	Defs Definitions
}

type TCPUDP

// TCPUDP is the Protocol for TCP or UDP traffic: Protocol selects which, and
// PortRangePair gives the source and destination port ranges. Its
// InverseDirection method is declared below (body not shown).
type TCPUDP struct {
	Protocol      TransportLayerProtocolName
	PortRangePair PortRangePair
}

func (TCPUDP) InverseDirection

func (t TCPUDP) InverseDirection() Protocol

type TrackedProtocol

// TrackedProtocol is a Protocol together with the Origin it was read from.
// Protocol is embedded, so a TrackedProtocol itself satisfies Protocol; a nil
// embedded Protocol would make InverseDirection panic.
type TrackedProtocol struct {
	Protocol
	Origin fmt.Stringer
}

type TransportLayerProtocolName

// TransportLayerProtocolName selects TCP or UDP in a TCPUDP value. The string
// values are upper-case ("TCP", "UDP").
type TransportLayerProtocolName string

// TCP and UDP are the two TransportLayerProtocolName values.
const (
	TCP TransportLayerProtocolName = "TCP"
	UDP TransportLayerProtocolName = "UDP"
)

type Writer

// Writer is an output backend that can emit both ACLs and security groups;
// Collection.Write takes one.
type Writer interface {
	ACLWriter
	SGWriter
}
