pathpol

package
v0.12.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 10, 2024 License: Apache-2.0 Imports: 14 Imported by: 1

Documentation

Overview

Package pathpol implements path policies, documentation in doc/PathPolicy.md Currently implemented: ACL, Sequence, Extends and Options.

A policy has Filter() method that takes a slice of paths and returns a filtered slice of paths.

Index

Constants

This section is empty.

Variables

View Source 
var (
	// ErrNoDefault indicates that there is no default acl entry.
	ErrNoDefault = errors.New("ACL does not have a default")
	// ErrExtraEntries indicates that there extra entries after the default entry.
	ErrExtraEntries = errors.New("ACL has unused extra entries after a default entry")
)

Functions

func GetSequence added in v0.9.0 

func GetSequence(path snet.Path) (string, error)

GetSequence constructs the sequence string from snet path output format: 

1-ff00:0:133#42 1-ff00:0:120#2,1 1-ff00:0:110#21

Types

type ACL 

type ACL struct {
	Entries []*ACLEntry
}

func NewACL 

func NewACL(entries ...*ACLEntry) (*ACL, error)

NewACL creates a new entry and checks for the presence of a default action

func (*ACL) Eval 

func (a *ACL) Eval(paths []snet.Path) []snet.Path

Eval returns the set of paths that match the ACL.

func (*ACL) MarshalJSON 

func (a *ACL) MarshalJSON() ([]byte, error)

func (*ACL) MarshalYAML 

func (a *ACL) MarshalYAML() (interface{}, error)

func (*ACL) UnmarshalJSON 

func (a *ACL) UnmarshalJSON(b []byte) error

func (*ACL) UnmarshalYAML 

func (a *ACL) UnmarshalYAML(unmarshal func(interface{}) error) error

type ACLAction 

type ACLAction bool

ACLAction has two options: Deny and Allow 

const (
	Deny  ACLAction = false
	Allow ACLAction = true
)

type ACLEntry 

type ACLEntry struct {
	Action ACLAction
	Rule   *HopPredicate
}

func (*ACLEntry) LoadFromString 

func (ae *ACLEntry) LoadFromString(str string) error

func (*ACLEntry) MarshalJSON 

func (ae *ACLEntry) MarshalJSON() ([]byte, error)

func (*ACLEntry) MarshalYAML 

func (ae *ACLEntry) MarshalYAML() (interface{}, error)

func (*ACLEntry) String 

func (ae *ACLEntry) String() string

func (*ACLEntry) UnmarshalJSON 

func (ae *ACLEntry) UnmarshalJSON(b []byte) error

func (*ACLEntry) UnmarshalYAML 

func (ae *ACLEntry) UnmarshalYAML(unmarshal func(interface{}) error) error

type ExtPolicy 

type ExtPolicy struct {
	Extends []string `json:"extends,omitempty"`
	*Policy
}

ExtPolicy is an extending policy, it may have a list of policies it extends

type FilterOptions 

type FilterOptions struct {
	// IgnoreSequence can be used to ignore the sequence part of policies.
	IgnoreSequence bool
}

FilterOptions contains options for filtering.

type HopPredicate 

type HopPredicate struct {
	ISD   addr.ISD
	AS    addr.AS
	IfIDs []iface.ID
}

A HopPredicate specifies a hop in the ACL or Sequence of the path policy, see docs/PathPolicy.md.

func HopPredicateFromString 

func HopPredicateFromString(str string) (*HopPredicate, error)

func NewHopPredicate 

func NewHopPredicate() *HopPredicate

func (*HopPredicate) MarshalJSON 

func (hp *HopPredicate) MarshalJSON() ([]byte, error)

func (HopPredicate) String 

func (hp HopPredicate) String() string

func (*HopPredicate) UnmarshalJSON 

func (hp *HopPredicate) UnmarshalJSON(b []byte) error

type ISDASRule 

type ISDASRule struct {
	IA     addr.IA `json:"isd_as,omitempty"`
	Reject bool    `json:"reject,omitempty"`
}

type LocalISDAS 

type LocalISDAS struct {
	AllowedIAs []addr.IA
}

LocalISDAS is a path policy that checks whether the first hop in the path (local AS) belongs to the specified set.

func (*LocalISDAS) Eval 

func (li *LocalISDAS) Eval(paths []snet.Path) []snet.Path

func (*LocalISDAS) MarshalJSON 

func (li *LocalISDAS) MarshalJSON() ([]byte, error)

func (*LocalISDAS) UnmarshalJSON 

func (li *LocalISDAS) UnmarshalJSON(b []byte) error

type Option 

type Option struct {
	Weight int        `json:"weight"`
	Policy *ExtPolicy `json:"policy"`
}

Option contains a weight and a policy and is used as a list item in Policy.Options

type Policy 

type Policy struct {
	Name        string       `json:"-"`
	ACL         *ACL         `json:"acl,omitempty"`
	Sequence    *Sequence    `json:"sequence,omitempty"`
	LocalISDAS  *LocalISDAS  `json:"local_isd_ases,omitempty"`
	RemoteISDAS *RemoteISDAS `json:"remote_isd_ases,omitempty"`
	Options     []Option     `json:"options,omitempty"`
}

Policy is a compiled path policy object, all extended policies have been merged.

func NewPolicy 

func NewPolicy(name string, acl *ACL, sequence *Sequence, options []Option) *Policy

NewPolicy creates a Policy and sorts its Options

func PolicyFromExtPolicy 

func PolicyFromExtPolicy(extPolicy *ExtPolicy, extended []*ExtPolicy) (*Policy, error)

PolicyFromExtPolicy creates a Policy from an extending Policy and the extended policies

func (*Policy) Filter 

func (p *Policy) Filter(paths []snet.Path) []snet.Path

Filter filters the paths according to the policy.

func (*Policy) FilterOpt 

func (p *Policy) FilterOpt(paths []snet.Path, opts FilterOptions) []snet.Path

FilterOpt filters the path set according to the policy with the given options.

type PolicyMap 

type PolicyMap map[string]*ExtPolicy

PolicyMap is a container for Policies, keyed by their unique name. PolicyMap can be used to marshal Policies to JSON. Unmarshaling back to PolicyMap is guaranteed to yield an object that is identical to the initial one.

type RemoteISDAS 

type RemoteISDAS struct {
	Rules []ISDASRule
}

RemoteISDAS is a path policy that checks whether the last hop in the path (remote AS) satisfies the supplied rules. Rules are evaluated in order and first that matches the remote ISD-AS wins. If in the winnig rule Reject is set to true, then the path will rejected by the policy, otherwise it will be accepted. If no rule matches the path will be rejected.

func (*RemoteISDAS) Eval 

func (ri *RemoteISDAS) Eval(paths []snet.Path) []snet.Path

func (*RemoteISDAS) MarshalJSON 

func (ri *RemoteISDAS) MarshalJSON() ([]byte, error)

func (*RemoteISDAS) UnmarshalJSON 

func (ri *RemoteISDAS) UnmarshalJSON(b []byte) error

type Sequence 

type Sequence struct {
	// contains filtered or unexported fields
}

func NewSequence 

func NewSequence(s string) (*Sequence, error)

NewSequence creates a new sequence from a string

func (*Sequence) Eval 

func (s *Sequence) Eval(paths []snet.Path) []snet.Path

Eval evaluates the interface sequence list and returns the set of paths that match the list

func (*Sequence) MarshalJSON 

func (s *Sequence) MarshalJSON() ([]byte, error)

func (*Sequence) MarshalYAML 

func (s *Sequence) MarshalYAML() (interface{}, error)

func (*Sequence) String 

func (s *Sequence) String() string

func (*Sequence) UnmarshalJSON 

func (s *Sequence) UnmarshalJSON(b []byte) error

func (*Sequence) UnmarshalYAML 

func (s *Sequence) UnmarshalYAML(unmarshal func(interface{}) error) error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.