resources

package
v2.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jul 8, 2024 License: MIT Imports: 20 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func RuleBasePriority

func RuleBasePriority[ruleT ruleTypeKind](_ ruleT) int16

RuleBasePriority -

func SeparateNetworks

func SeparateNetworks(nws []Network, scopeIPs ...net.IP) (netIPv4, netIPv6 []net.IPNet)

SeparateNetworks separates the source networks into IPv4 and IPv6 networks

Types

type CidrSgRules

type CidrSgRules struct {
	Rules dict.RBDict[model.IECidrSgRuleIdenity, *model.IECidrSgRule]
}

CidrSgRules -

func (*CidrSgRules) GetRulesForTrafficAndSG

func (rules *CidrSgRules) GetRulesForTrafficAndSG(tr model.Traffic, sg string) []*model.IECidrSgRule

GetRulesForTrafficAndSG -

func (*CidrSgRules) IsEq

func (rules *CidrSgRules) IsEq(other CidrSgRules) bool

IsEq -

func (*CidrSgRules) Load

func (rules *CidrSgRules) Load(ctx context.Context, client SGClient, locals SGs) (err error)

type IECidrSgIcmpRules

type IECidrSgIcmpRules struct {
	Rules dict.RBDict[model.IECidrSgIcmpRuleID, *model.IECidrSgIcmpRule]
}

IECidrSgIcmpRules -

func (*IECidrSgIcmpRules) GetRulesForTrafficAndSG

func (rules *IECidrSgIcmpRules) GetRulesForTrafficAndSG(tr model.Traffic, sg string) (ret []*model.IECidrSgIcmpRule)

GetRulesForTrafficAndSG -

func (IECidrSgIcmpRules) IsEq

IsEq -

func (*IECidrSgIcmpRules) Load

func (rules *IECidrSgIcmpRules) Load(ctx context.Context, client SGClient, locals SGs) (err error)

Load -

type LocalData

// LocalData bundles the local security groups, one rule set per rule kind,
// and the SG networks. The package docs describe it as the data the agent
// uses to build host-based firewall rules.
type LocalData struct {
	LocalSGs          SGs
	SG2SGRules        SG2SGRules
	SG2FQDNRules      SG2FQDNRules
	SgIcmpRules       SgIcmpRules
	SgSgIcmpRules     SgSgIcmpRules
	SgIeSgIcmpRules   SgIeSgIcmpRules
	CidrSgRules       CidrSgRules
	SgIeSgRules       SgIeSgRules
	IECidrSgIcmpRules IECidrSgIcmpRules
	Networks          SGsNetworks

	// NOTE(review): IsEq is documented as comparing only rules and networks,
	// so a change in the two fields below presumably does not count as a
	// difference — confirm against the IsEq implementation before relying
	// on IsEq to detect stale FQDN resolutions or sync state.
	ResolvedFQDN *ResolvedFQDN
	SyncStatus   model.SyncStatus
}

LocalData is used by the agent to build host-based firewall rules

func (*LocalData) IsEq

func (ld *LocalData) IsEq(other LocalData) bool

IsEq checks whether this object is equal to the other one; only rules and networks are compared

type LocalDataLoader

// LocalDataLoader holds the inputs of its Load method, which returns a LocalData.
//
// NOTE(review): MaxLoadDiration is presumably an upper bound on how long one
// Load call may take — confirm in Load, including what a zero value means.
// The field name is misspelled ("Diration"); it is exported, so renaming it
// would break callers.
type LocalDataLoader struct {
	SyncStatus      model.SyncStatus
	MaxLoadDiration time.Duration
}

LocalDataLoader

func (*LocalDataLoader) Load

func (loader *LocalDataLoader) Load(ctx context.Context, client SGClient, ncnf host.NetConf) (res LocalData, err error)

Load -

type Network

type Network = model.Network

Network is type alias

type Networks

type Networks struct {
	dict.HDict[string, Network]
}

Networks - dictionary of networks indexed by name

func (*Networks) IsEq

func (nws *Networks) IsEq(other Networks) bool

IsEq -

type ResolvedFQDN

ResolvedFQDN -

func (*ResolvedFQDN) Resolve

func (r *ResolvedFQDN) Resolve(ctx context.Context, rules SG2FQDNRules, dnsRes agent.DomainAddressQuerier)

Resolve -

func (*ResolvedFQDN) UpdA

func (r *ResolvedFQDN) UpdA(domain model.FQDN, addr agent.DomainAddresses)

UpdA -

func (*ResolvedFQDN) UpdAAAA

func (r *ResolvedFQDN) UpdAAAA(domain model.FQDN, addr agent.DomainAddresses)

UpdAAAA -

type SG

// SG is a security group (the embedded model.SecurityGroup) plus two
// iplib.ByIP collections, one for IPv4 and one for IPv6.
//
// NOTE(review): LocalIPsV4/LocalIPsV6 presumably hold the addresses of the
// local host that belong to this group; IsLocal is documented as true when
// the SG contains any IP from the local host — confirm against IsLocal.
type SG struct {
	model.SecurityGroup
	LocalIPsV4 iplib.ByIP
	LocalIPsV6 iplib.ByIP
}

SG Security Group

func (*SG) IsLocal

func (loc *SG) IsLocal() bool

IsLocal gives true if the SG contains any IP from the local host

type SG2FQDNRules

type SG2FQDNRules struct {
	Rules []model.FQDNRule
	FQDNs dict.RBSet[model.FQDN]
}

SG2FQDNRules -

func (*SG2FQDNRules) IsEq

func (rules *SG2FQDNRules) IsEq(other SG2FQDNRules) bool

IsEq -

func (*SG2FQDNRules) Load

func (rules *SG2FQDNRules) Load(ctx context.Context, SGSrv SGClient, sgs SGs) (err error)

Load -

func (SG2FQDNRules) RulesForSG

func (rules SG2FQDNRules) RulesForSG(sgName string) []model.FQDNRule

RulesForSG -

type SG2SGRules

type SG2SGRules struct {
	Rules dict.HDict[model.SGRuleIdentity, *model.SGRule]
}

SG2SGRules -

func (SG2SGRules) AllRules

func (rules SG2SGRules) AllRules() []model.SGRule

AllRules -

func (SG2SGRules) In

func (rules SG2SGRules) In(sgTo string) (ret []model.SGRule)

In -

func (*SG2SGRules) IsEq

func (rules *SG2SGRules) IsEq(other SG2SGRules) bool

IsEq -

func (*SG2SGRules) Load

func (rules *SG2SGRules) Load(ctx context.Context, client SGClient, locals SGs) (err error)

Load ...

func (SG2SGRules) Out

func (rules SG2SGRules) Out(sgFrom string) (ret []model.SGRule)

Out -

type SGClient

type SGClient = sgAPI.SecGroupServiceClient

SGClient is a type alias

type SGs

type SGs struct {
	dict.HDict[SgName, *SG]
}

SGs Security Groups dictionary indexed by their names

func (*SGs) IsEq

func (loc *SGs) IsEq(other SGs) bool

IsEq -

func (*SGs) LoadFromIPs

func (loc *SGs) LoadFromIPs(ctx context.Context, client SGClient, localIPs []net.IP) error

LoadFromIPs loads local SGs by IPs

func (*SGs) LoadFromNames

func (loc *SGs) LoadFromNames(ctx context.Context, client SGClient, names []string) (err error)

LoadFromNames loads SGs by their names

func (SGs) Names

func (loc SGs) Names() []SgName

Names gets the names of the local SG(s)

type SGsNetworks

type SGsNetworks struct {
	dict.HDict[SgName, *Networks]
}

SGsNetworks Security Group Networks dictionary indexed by SG name

func (*SGsNetworks) Add

func (sgsNws *SGsNetworks) Add(sg SgName, nws ...Network)

Add -

func (*SGsNetworks) IsEq

func (sgsNws *SGsNetworks) IsEq(other SGsNetworks) bool

IsEq -

func (*SGsNetworks) IterateNetworks

func (sgsNws *SGsNetworks) IterateNetworks(f func(SgName, []Network) bool)

IterateNetworks -

func (*SGsNetworks) Load

func (sgsNws *SGsNetworks) Load(ctx context.Context, client SGClient, localSG SGs) error

Load -

func (*SGsNetworks) LoadFromSGNames

func (sgsNws *SGsNetworks) LoadFromSGNames(ctx context.Context, client SGClient, sgNames []string) error

LoadFromSGNames -

type SgIcmpRules

type SgIcmpRules struct {
	Rules dict.HDict[model.SgIcmpRuleID, *model.SgIcmpRule]
}

SgIcmpRules -

func (*SgIcmpRules) IsEq

func (rules *SgIcmpRules) IsEq(other SgIcmpRules) bool

IsEq -

func (*SgIcmpRules) Load

func (rules *SgIcmpRules) Load(ctx context.Context, client SGClient, locals SGs) (err error)

Load gets sg-icmp rules from local SG(s)

func (SgIcmpRules) Rules4Sg

func (rules SgIcmpRules) Rules4Sg(sgName string) (ret []model.SgIcmpRule)

Rules4Sg -

type SgIeSgIcmpRules

type SgIeSgIcmpRules struct {
	Rules dict.HDict[model.IESgSgIcmpRuleID, *model.IESgSgIcmpRule]
}

SgIeSgIcmpRules -

func (*SgIeSgIcmpRules) GetRulesForTrafficAndSG

func (rules *SgIeSgIcmpRules) GetRulesForTrafficAndSG(tr model.Traffic, sg string) (ret []*model.IESgSgIcmpRule)

GetRulesForTrafficAndSG -

func (*SgIeSgIcmpRules) IsEq

func (rules *SgIeSgIcmpRules) IsEq(other SgIeSgIcmpRules) bool

func (*SgIeSgIcmpRules) Load

func (rules *SgIeSgIcmpRules) Load(ctx context.Context, client SGClient, locals SGs) (err error)

Load gets sg-sg-ie-icmp rules from local SG(s)

type SgIeSgRules

type SgIeSgRules struct {
	Rules dict.HDict[model.IESgSgRuleIdentity, *model.IESgSgRule]
}

SgIeSgRules -

func (*SgIeSgRules) GetRulesForTrafficAndSG

func (rules *SgIeSgRules) GetRulesForTrafficAndSG(tr model.Traffic, sg string) (ret []*model.IESgSgRule)

GetRulesForTrafficAndSG -

func (*SgIeSgRules) IsEq

func (rules *SgIeSgRules) IsEq(other SgIeSgRules) bool

IsEq -

func (*SgIeSgRules) Load

func (rules *SgIeSgRules) Load(ctx context.Context, client SGClient, locals SGs) (err error)

Load -

type SgName

type SgName = string

SgName is a type alias

type SgSgIcmpRules

type SgSgIcmpRules struct {
	Rules dict.HDict[model.SgSgIcmpRuleID, *model.SgSgIcmpRule]
}

SgSgIcmpRules -

func (SgSgIcmpRules) In

func (rules SgSgIcmpRules) In(sgTo string) (ret []model.SgSgIcmpRule)

In -

func (*SgSgIcmpRules) IsEq

func (rules *SgSgIcmpRules) IsEq(other SgSgIcmpRules) bool

IsEq -

func (*SgSgIcmpRules) Load

func (rules *SgSgIcmpRules) Load(ctx context.Context, client SGClient, locals SGs) (err error)

Load gets sg-sg-icmp rules from local SG(s)

func (SgSgIcmpRules) Out

func (rules SgSgIcmpRules) Out(sgFrom string) (ret []model.SgSgIcmpRule)

Out -
