Documentation ¶
Index ¶
Constants ¶
const SO_ORIGINAL_DST = 80
Variables ¶
This section is empty.
Functions ¶
func ParsePorts ¶
Types ¶
type Destination ¶
type Destination string
A Destination is an immutable value that is used as a key in the routing table and when sorting routes. The choice to use a single string was motivated by a desire to have a value that:
- can be ordered correctly (IPs or ports represented as strings cannot)
- is compact and hence very efficient when lexically compared or when used as a hash key
- is immutable
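An added illustration of the ordering point above, not the package's own code: `packedKey`, `packKey` and `sortByKey` are hypothetical names, and the byte layout is an assumption, since this page does not show how a Destination is encoded. It shows that textual IPs and ports compare in the wrong order, while a fixed-width binary string compares correctly and can be decoded back.

```go
package main

import (
	"fmt"
	"net"
	"sort"
)

// packedKey is a hypothetical stand-in for Destination. Assumed layout (not the
// project's): protocol byte, 4 IPv4 bytes, then each port as 2 big-endian bytes.
type packedKey string

func packKey(proto string, ip net.IP, ports ...uint16) (packedKey, error) {
	ip4 := ip.To4()
	if (proto != "tcp" && proto != "udp") || ip4 == nil {
		return "", fmt.Errorf("invalid destination %s:%v", proto, ip)
	}
	b := append([]byte{proto[0]}, ip4...)
	for _, p := range ports {
		b = append(b, byte(p>>8), byte(p)) // big-endian keeps numeric order
	}
	return packedKey(b), nil
}

// sortByKey sorts addresses by packed key and decodes them back to dotted form.
func sortByKey(addrs []string) ([]string, error) {
	keys := make([]packedKey, 0, len(addrs))
	for _, a := range addrs {
		k, err := packKey("tcp", net.ParseIP(a))
		if err != nil {
			return nil, err
		}
		keys = append(keys, k)
	}
	sort.Slice(keys, func(i, j int) bool { return keys[i] < keys[j] })
	out := make([]string, len(keys))
	for i, k := range keys {
		out[i] = net.IP([]byte(k[1:5])).String()
	}
	return out, nil
}

func main() {
	addrs := []string{"10.0.0.2", "9.0.0.1", "192.168.1.10", "192.168.1.9"} // constructed
	packed, err := sortByKey(addrs)
	sort.Strings(addrs) // plain text order, for comparison
	fmt.Println("text order:", addrs, "packed order:", packed, err)
}
```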
func NewDestination ¶
NewDestination creates a new Destination. Valid protocols are "tcp" and "udp".
func (Destination) String ¶
func (rk Destination) String() string
String returns a string of the form <proto>:<ip>, optionally followed by a comma-separated list of ports delimited by [].
type FirewallRouter ¶
type FirewallRouter interface {
	// Flush will flush any pending rule changes that need to be committed.
	Flush(ctx context.Context) error

	// Clear the given route. Returns true if the route was cleared and false if no such route was found.
	Clear(ctx context.Context, route *Route) (bool, error)

	// Add the given route. If the route already exists and is different from the given route, it is
	// cleared before the new route is added. Returns true if the route was added and false if it was already present.
	Add(ctx context.Context, route *Route) (bool, error)

	// Disable the router.
	Disable(ctx context.Context) error

	// Enable the router.
	Enable(ctx context.Context) error

	// Get the original destination for a connection that has been routed.
	GetOriginalDst(conn *net.TCPConn) (host string, err error)
}
FirewallRouter is an interface to what is essentially a routing table, but implemented in the firewall.
TODO(lukeshu): Why have we implemented the routing table in the firewall? Mostly historical reasons, and we should consider using the real routing table.
type Route ¶
type Route struct {
	Destination
	ToPort int
}