Documentation ¶
Index ¶
- Constants
- func ClearUDPConntrackForIP(execer exec.Interface, ip string) error
- func ClearUDPConntrackForPeers(execer exec.Interface, origin, dest string) error
- func ClearUDPConntrackForPort(execer exec.Interface, port int, isIPv6 bool) error
- func ExecConntrackTool(execer exec.Interface, parameters ...string) error
- func IPPart(s string) string
- func IsIPv6(netIP net.IP) bool
- func IsIPv6String(ip string) bool
- func IsLocalIP(ip string) (bool, error)
- func PortPart(s string) (int, error)
- func RevertPorts(replacementPortsMap, originalPortsMap map[LocalPort]Closeable)
- func ShouldSkipService(svcName types.NamespacedName, service *api.Service) bool
- func ToCIDR(ip net.IP) string
- type Closeable
- type LocalPort
- type PortOpener
Constants ¶
const NoConnectionToDelete = "0 flow entries have been deleted"
Functions ¶
func ClearUDPConntrackForIP ¶
ClearUDPConntrackForIP uses the conntrack tool to delete the conntrack entries for the UDP connections specified by the given service IP.
func ClearUDPConntrackForPeers ¶
ClearUDPConntrackForPeers uses the conntrack tool to delete the conntrack entries for the UDP connections specified by the {origin, dest} IP pair.
func ClearUDPConntrackForPort ¶
ClearUDPConntrackForPort uses the conntrack tool to delete the conntrack entries for the UDP connections specified by the port. When a packet arrives, it will not go through the NAT table again, because it is not "the first" packet. The solution is to clear the conntrack entries.
Known issues:
- https://github.com/docker/docker/issues/8795
- https://github.com/kubernetes/kubernetes/issues/31983
func ExecConntrackTool ¶
ExecConntrackTool executes the conntrack tool using the given parameters.
func IPPart ¶
IPPart returns just the IP part of an IP or IP:port or endpoint string. If the IP part is an IPv6 address enclosed in brackets (e.g. "[fd00:1::5]:9999"), then the brackets are stripped as well.
func IsIPv6String ¶
func RevertPorts ¶
RevertPorts closes the ports that are in replacementPortsMap but not in originalPortsMap. In other words, it only closes the ports opened in this sync.
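The rollback described for RevertPorts, as an added stand-alone example (not the package's own code). `LocalPort` and `Closeable` mirror the declarations on this page; `revertPortsSketch`, `fakeSocket` and the sample ports are hypothetical names and constructed data, and the sketch returns the closed keys only so the result can be checked.

```go
package main

import (
	"fmt"
	"sort"
)

// LocalPort and Closeable mirror the declarations on this page.
type LocalPort struct {
	Description, IP string
	Port            int
	Protocol        string
}

type Closeable interface{ Close() error }

// fakeSocket is a constructed stand-in for a socket held to reserve a port.
type fakeSocket struct{ closed bool }

func (f *fakeSocket) Close() error { f.closed = true; return nil }

// revertPortsSketch is a hypothetical re-implementation of the documented
// behaviour: close every port present in replacement but absent from
// original, so a failed sync does not leave newly opened ports held.
func revertPortsSketch(replacement, original map[LocalPort]Closeable) []LocalPort {
	var closed []LocalPort
	for lp, sock := range replacement {
		if _, kept := original[lp]; kept {
			continue // opened by an earlier sync and still needed
		}
		if err := sock.Close(); err != nil {
			fmt.Printf("close %+v: %v\n", lp, err) // report, keep going
			continue
		}
		closed = append(closed, lp)
	}
	sort.Slice(closed, func(i, j int) bool { return closed[i].Port < closed[j].Port })
	return closed
}

func main() {
	// Constructed sample data: one port from a previous sync, one new one.
	old := LocalPort{Description: "nodePort for ns/a", Port: 30080, Protocol: "tcp"}
	fresh := LocalPort{Description: "nodePort for ns/b", Port: 30053, Protocol: "udp"}
	oldSock, freshSock := &fakeSocket{}, &fakeSocket{}
	original := map[LocalPort]Closeable{old: oldSock}
	replacement := map[LocalPort]Closeable{old: oldSock, fresh: freshSock}
	fmt.Println(revertPortsSketch(replacement, original), oldSock.closed, freshSock.closed)
}
```

Because `LocalPort` is a comparable struct used as the map key, two entries match only when Description, IP, Port and Protocol are all equal.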
func ShouldSkipService ¶
func ShouldSkipService(svcName types.NamespacedName, service *api.Service) bool
Types ¶
type Closeable ¶
type Closeable interface {
	Close() error
}
Closeable is an interface around closing a port.
type LocalPort ¶
type LocalPort struct {
	// Description is the identity message of a given local port.
	Description string
	// IP is the IP address part of a given local port.
	// If this string is empty, the port binds to all local IP addresses.
	IP string
	// Port is the port part of a given local port.
	Port int
	// Protocol is the protocol part of a given local port.
	// The value is assumed to be lower-case. For example, "udp" not "UDP", "tcp" not "TCP".
	Protocol string
}
LocalPort describes a port on a specific IP address and protocol.
type PortOpener ¶
PortOpener is an interface around port opening/closing. Abstracted out for testing.