secrules

package

v1.0.5 Latest Latest Go to latest Published: May 16, 2024 License: Apache-2.0 Imports: 11 Imported by: 16

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/nyl1001/pkg

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
type SecurityGroupRuleSet
type SecurityGroupSubRuleSet
type SecurityGroupSubSubRuleSet
type SecurityRule
- func MustParseSecurityRule(s string) *SecurityRule
- func ParseSecurityRule(pattern string) (*SecurityRule, error)
type SecurityRuleSet
type TSecurityRuleAction
type TSecurityRuleDirection
type TSecurityRuleRelation

Constants ¶

View Source

const (
	SecurityRuleIngress = TSecurityRuleDirection("in")
	SecurityRuleEgress  = TSecurityRuleDirection("out")
)

View Source

const (
	SecurityRuleAllow = TSecurityRuleAction("allow")
	SecurityRuleDeny  = TSecurityRuleAction("deny")
)

View Source

const (
	RELATION_INDEPENDENT = TSecurityRuleRelation("INDEPENDT")
	RELATION_IDENTICAL   = TSecurityRuleRelation("IDENTICAL")
	RELATION_SUBSET      = TSecurityRuleRelation("SUBSET")
	RELATION_SUPERSET    = TSecurityRuleRelation("SUPERSET")
	RELATION_NEXT_AHEAD  = TSecurityRuleRelation("NEXT_AHEAD")
	RELATION_NEXT_AFTER  = TSecurityRuleRelation("NEXT_AFTER")
	RELATION_OVERLAP     = TSecurityRuleRelation("OVERLAP")
)

View Source

const (
	DIR_IN  = "in"
	DIR_OUT = "out"
)

View Source

const PROTO_ANY = "any"

const ACTION_ALLOW = "allow" const ACTION_DENY = "deny"

View Source

const PROTO_ICMP = "icmp"

View Source

const PROTO_TCP = "tcp"

View Source

const PROTO_UDP = "udp"

View Source

const SEG_ACTION = 0

View Source

const SEG_END = 4

View Source

const SEG_IP = 1

View Source

const SEG_PORT = 3

View Source

const SEG_PROTO = 2

Variables ¶

View Source

var (
	ErrInvalidProtocolAny  = errors.New("invalid protocol any with port option")
	ErrInvalidProtocolICMP = errors.New("invalid protocol icmp with port option")
	ErrInvalidPriority     = errors.New("invalid priority")
	ErrInvalidDirection    = errors.New("invalid direction")
	ErrInvalidAction       = errors.New("invalid action")
	ErrInvalidNet          = errors.New("invalid net")
	ErrInvalidIPAddr       = errors.New("invalid ip address")
	ErrInvalidProtocol     = errors.New("invalid protocol")
	ErrInvalidPortRange    = errors.New("invalid port range")
	ErrInvalidPort         = errors.New("invalid port")
)

Functions ¶

This section is empty.

Types ¶

type SecurityGroupRuleSet ¶

type SecurityGroupRuleSet struct {
	// contains filtered or unexported fields
}

func (*SecurityGroupRuleSet) AddRule ¶

func (srs *SecurityGroupRuleSet) AddRule(rule SecurityRule)

func (*SecurityGroupRuleSet) IsEqual ¶

func (srs *SecurityGroupRuleSet) IsEqual(src SecurityGroupRuleSet) bool

func (*SecurityGroupRuleSet) String ¶

func (srs *SecurityGroupRuleSet) String() string

type SecurityGroupSubRuleSet ¶

type SecurityGroupSubRuleSet struct {
	// contains filtered or unexported fields
}

type SecurityGroupSubSubRuleSet ¶

type SecurityGroupSubSubRuleSet struct {
	// contains filtered or unexported fields
}

type SecurityRule ¶

type SecurityRule struct {
	Priority    int // [1, 100]
	Action      TSecurityRuleAction
	IPNet       *net.IPNet
	Protocol    string
	Direction   TSecurityRuleDirection
	PortStart   int
	PortEnd     int
	Ports       []int
	Description string
}

func MustParseSecurityRule ¶

func MustParseSecurityRule(s string) *SecurityRule

func ParseSecurityRule ¶

func ParseSecurityRule(pattern string) (*SecurityRule, error)

func (*SecurityRule) GetPortsString ¶

func (rule *SecurityRule) GetPortsString() string

func (*SecurityRule) IsWildMatch ¶

func (rule *SecurityRule) IsWildMatch() bool

func (*SecurityRule) ParseCIDR ¶

func (rule *SecurityRule) ParseCIDR(cidr string) bool

func (*SecurityRule) ParsePorts ¶

func (rule *SecurityRule) ParsePorts(seg string) error

func (*SecurityRule) String ¶

func (rule *SecurityRule) String() (result string)

func (*SecurityRule) ValidateRule ¶

func (rule *SecurityRule) ValidateRule() error

type SecurityRuleSet ¶

type SecurityRuleSet []SecurityRule

func (SecurityRuleSet) AllowList ¶

func (srs SecurityRuleSet) AllowList() SecurityRuleSet

convert to pure allow list

requirements on srs

ordered by priority
same direction

func (SecurityRuleSet) Equals ¶

func (srs SecurityRuleSet) Equals(srs1 SecurityRuleSet) bool

func (SecurityRuleSet) Len ¶

func (srs SecurityRuleSet) Len() int

func (SecurityRuleSet) Less ¶

func (srs SecurityRuleSet) Less(i, j int) bool

func (SecurityRuleSet) String ¶

func (srs SecurityRuleSet) String() string

func (SecurityRuleSet) Swap ¶

func (srs SecurityRuleSet) Swap(i, j int)

type TSecurityRuleAction ¶

type TSecurityRuleAction string

type TSecurityRuleDirection ¶

type TSecurityRuleDirection string

type TSecurityRuleRelation ¶

type TSecurityRuleRelation string

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL