network

package
v1.7.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 1, 2024 License: MPL-2.0 Imports: 15 Imported by: 2

Documentation

Overview

Package network provides network machine configuration documents.

Index

Constants

// DefaultActionConfig is the document kind string of the default-action
// document; it is the same value as the `alias` listed for
// DefaultActionConfigV1Alpha1.
// NOTE(review): unlike RuleConfigKind, this constant's name has no `Kind` suffix.
const DefaultActionConfig = "NetworkDefaultActionConfig"

DefaultActionConfig is a default action config document kind.

// RuleConfigKind is the document kind string of firewall rule documents; it is
// the same value as the `alias` listed for RuleConfigV1Alpha1.
const RuleConfigKind = "NetworkRuleConfig"

RuleConfigKind is a rule config document kind.

Variables

This section is empty.

Functions

func GetFileDoc

func GetFileDoc() *encoder.FileDoc

GetFileDoc returns documentation for the file network_doc.go.

Types

type DefaultActionConfigV1Alpha1

// Review summary: this document sets what happens to ingress traffic that no
// rule document explicitly configures: "accept" or "block".
//
// NOTE(review): with "accept", rule documents restrict nothing beyond what they
// mention, so an allowlist posture needs "block" here. What an empty or missing
// `ingress` value means is not visible in this declaration; check the zero
// value of nethelpers.DefaultAction before relying on it.

type DefaultActionConfigV1Alpha1 struct {
	meta.Meta `yaml:",inline"`
	//   description: |
	//     Default action for all not explicitly configured ingress traffic: accept or block.
	//   values:
	//     - "accept"
	//     - "block"
	Ingress nethelpers.DefaultAction `yaml:"ingress"`
}

DefaultActionConfigV1Alpha1 is an ingress firewall default action configuration document.

examples:
  - value: exampleDefaultActionConfigV1Alpha1()
alias: NetworkDefaultActionConfig
schemaRoot: true
schemaMeta: v1alpha1/NetworkDefaultActionConfig

func NewDefaultActionConfigV1Alpha1

func NewDefaultActionConfigV1Alpha1() *DefaultActionConfigV1Alpha1

NewDefaultActionConfigV1Alpha1 creates a new DefaultActionConfig config document.

func (*DefaultActionConfigV1Alpha1) Clone

Clone implements config.Document interface.

func (*DefaultActionConfigV1Alpha1) DeepCopy

DeepCopy generates a deep copy of *DefaultActionConfigV1Alpha1.

func (*DefaultActionConfigV1Alpha1) DefaultAction

DefaultAction implements config.NetworkRuleConfigDefaultAction interface.

func (DefaultActionConfigV1Alpha1) Doc

func (*DefaultActionConfigV1Alpha1) NetworkRuleConfigSignal

func (s *DefaultActionConfigV1Alpha1) NetworkRuleConfigSignal()

NetworkRuleConfigSignal implements config.NetworkRuleConfigSignal interface.

type IngressConfig

// IngressConfig is the list of IngressRule entries carried by the `ingress`
// field of a rule document.
type IngressConfig []IngressRule

IngressConfig is an ingress config.

type IngressRule

// Review summary: one source subnet, optionally with a carve-out (`except`)
// that is excluded from it.
//
// NOTE(review): the schema `pattern` on both fields is only a coarse shape
// check. It accepts strings that are not valid prefixes (for example a prefix
// length of 999) and it rejects upper-case IPv6 hex digits. The fields are
// netip.Prefix values, so the authoritative check is prefix parsing rather
// than the pattern — presumably done when the YAML is decoded; confirm.
// NOTE(review): the prefix length is part of the grant: a short prefix admits
// a correspondingly large set of sources, so review each `subnet` as an
// allowlist entry.
// NOTE(review): nothing in this declaration shows whether `except` must lie
// inside `subnet`; verify in Validate before relying on it.

type IngressRule struct {
	//   description: |
	//     Subnet defines a source subnet.
	//   examples:
	//    - value: >
	//       netip.MustParsePrefix("10.3.4.0/24")
	//    - value: >
	//       netip.MustParsePrefix("2001:db8::/32")
	//    - value: >
	//       netip.MustParsePrefix("1.3.4.5/32")
	//   schema:
	//     type: string
	//     pattern: ^[0-9a-f.:]+/\d{1,3}$
	Subnet netip.Prefix `yaml:"subnet"`
	//   description: |
	//     Except defines a source subnet to exclude from the rule, it gets excluded from the `subnet`.
	//   schema:
	//     type: string
	//     pattern: ^[0-9a-f.:]+/\d{1,3}$
	Except Prefix `yaml:"except,omitempty"`
}

IngressRule is an ingress rule.

func (IngressRule) Doc

func (IngressRule) Doc() *encoder.Doc

type PortRange

// PortRange is one port interval; Lo and Hi are presumably its lower and upper
// bound (RulePortSelector documents port ranges as inclusive).
// NOTE(review): the struct itself cannot enforce Lo <= Hi. The visible place
// for that check is PortRanges.Validate — confirm what it rejects.
type PortRange struct {
	Lo uint16
	Hi uint16
}

PortRange is a port range.

func (PortRange) MarshalYAML

func (pr PortRange) MarshalYAML() (any, error)

MarshalYAML is a custom marshaller for `PortRange`.

func (PortRange) String

func (pr PortRange) String() string

String implements fmt.Stringer interface.

func (*PortRange) UnmarshalYAML

func (pr *PortRange) UnmarshalYAML(unmarshal func(any) error) error

UnmarshalYAML is a custom unmarshaller for `PortRange`.

type PortRanges

// PortRanges is the list of port ranges selected by a rule (the type of
// RulePortSelector.Ports); its Validate method checks the list.
type PortRanges []PortRange

PortRanges is a slice of port ranges.

func (PortRanges) Validate

func (prs PortRanges) Validate() error

Validate the port ranges.

type Prefix

// Prefix embeds netip.Prefix so that an IsZero method can be attached to it.
// It is the type of IngressRule.Except, which is tagged `omitempty`.
type Prefix struct {
	netip.Prefix
}

Prefix is a wrapper for netip.Prefix.

It implements IsZero() so that yaml.Marshal correctly skips empty values.

func (Prefix) IsZero

func (n Prefix) IsZero() bool

IsZero implements yaml.IsZeroer interface.

type RuleConfigV1Alpha1

// Review summary: one named firewall rule document — a port/protocol selector
// plus the source subnets allowed to reach those host ports.
//
// NOTE(review): `ingress` is tagged merge:"replace", which suggests that a
// config patch for this document replaces the whole subnet list instead of
// appending to it. Confirm the merge semantics: a patch meant to add one
// source would otherwise drop the sources that were already allowed.
// NOTE(review): what an empty `ingress` list means for the selected ports is
// not visible in this declaration; check Validate.

type RuleConfigV1Alpha1 struct {
	meta.Meta `yaml:",inline"`
	//   description: |
	//     Name of the config document.
	//   schemaRequired: true
	MetaName string `yaml:"name"`
	//   description: |
	//     Port selector defines which ports and protocols on the host are affected by the rule.
	PortSelector RulePortSelector `yaml:"portSelector"`
	//   description: |
	//     Ingress defines which source subnets are allowed to access the host ports/protocols defined by the `portSelector`.
	Ingress IngressConfig `yaml:"ingress" merge:"replace"`
}

RuleConfigV1Alpha1 is a network firewall rule config document.

examples:
  - value: exampleRuleConfigV1Alpha1()
alias: NetworkRuleConfig
schemaRoot: true
schemaMeta: v1alpha1/NetworkRuleConfig

func NewRuleConfigV1Alpha1

func NewRuleConfigV1Alpha1() *RuleConfigV1Alpha1

NewRuleConfigV1Alpha1 creates a new RuleConfig config document.

func (*RuleConfigV1Alpha1) Clone

func (s *RuleConfigV1Alpha1) Clone() config.Document

Clone implements config.Document interface.

func (*RuleConfigV1Alpha1) DeepCopy

func (o *RuleConfigV1Alpha1) DeepCopy() *RuleConfigV1Alpha1

DeepCopy generates a deep copy of *RuleConfigV1Alpha1.

func (RuleConfigV1Alpha1) Doc

func (*RuleConfigV1Alpha1) ExceptSubnets

func (s *RuleConfigV1Alpha1) ExceptSubnets() []netip.Prefix

ExceptSubnets implements config.NetworkRule interface.

func (*RuleConfigV1Alpha1) Name

func (s *RuleConfigV1Alpha1) Name() string

Name implements config.NamedDocument interface.

func (*RuleConfigV1Alpha1) NetworkRuleConfigSignal

func (s *RuleConfigV1Alpha1) NetworkRuleConfigSignal()

NetworkRuleConfigSignal implements config.NetworkRuleConfigSignal interface.

func (*RuleConfigV1Alpha1) PortRanges

func (s *RuleConfigV1Alpha1) PortRanges() [][2]uint16

PortRanges implements config.NetworkRule interface.

func (*RuleConfigV1Alpha1) Protocol

func (s *RuleConfigV1Alpha1) Protocol() nethelpers.Protocol

Protocol implements config.NetworkRule interface.

func (*RuleConfigV1Alpha1) Rules

func (s *RuleConfigV1Alpha1) Rules() []config.NetworkRule

Rules implements config.NetworkRuleConfigRules interface.

func (*RuleConfigV1Alpha1) Subnets

func (s *RuleConfigV1Alpha1) Subnets() []netip.Prefix

Subnets implements config.NetworkRule interface.

func (*RuleConfigV1Alpha1) Validate

Validate implements config.Validator interface.

type RulePortSelector

// Review summary: selects the host ports and the protocol a rule applies to.
//
// NOTE(review): the schema lets each `ports` item be an integer or a string.
// The string form is presumably a range handled by PortRange.UnmarshalYAML —
// confirm the accepted syntax there.
// NOTE(review): the description says ranges "should not" overlap; whether an
// overlap is actually rejected is up to PortRanges.Validate.
// NOTE(review): "icmp" and "icmpv6" are listed as protocols; how `ports` is
// treated for them is not visible in this declaration.
// NOTE(review): `ports` is tagged merge:"replace", so a config patch presumably
// replaces the whole port list rather than extending it — confirm.

type RulePortSelector struct {
	//   description: |
	//     Ports defines a list of port ranges or single ports.
	//     The port ranges are inclusive, and should not overlap.
	//   examples:
	//    - value: >
	//       examplePortRanges1()
	//    - value: >
	//       examplePortRanges2()
	//   schema:
	//     type: array
	//     items:
	//       oneOf:
	//         - type: integer
	//         - type: string
	Ports PortRanges `yaml:"ports" merge:"replace"`
	//   description: |
	//     Protocol defines traffic protocol (e.g. TCP or UDP).
	//   values:
	//    - "tcp"
	//    - "udp"
	//    - "icmp"
	//    - "icmpv6"
	Protocol nethelpers.Protocol `yaml:"protocol"`
}

RulePortSelector is a port selector for the network rule.

func (RulePortSelector) Doc

func (RulePortSelector) Doc() *encoder.Doc
