pipe

package

v1.0.3 Latest Latest Go to latest Published: Mar 3, 2023 License: Apache-2.0 Imports: 19 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/zhyocean/neuvector

Documentation ¶

Rendered for

Index ¶

Constants
Variables
func CleanupContainer(pid int, intcpPairs []*InterceptPair) error
func Close()
func CreateNfqRules(pid int, create bool, appMap map[share.CLUSProtoPort]*share.CLUSApp) error
func DeleteNfqRules(pid int) error
func DisableOffload(port string)
func FwdPortPair(pid int, pair *InterceptPair)
func GetPortPairDebug(pair *InterceptPair) *share.CLUSWorkloadInterceptPort
func Open(driver string, cnet_type *string, pid int, jumboframe bool) (string, string, error)
func ResetPortPair(pid int, pair *InterceptPair)
func RestoreContainer(pid int, pairs []*InterceptPair) error
func TapPortPair(pid int, pair *InterceptPair)
type InterceptPair
- func InspectContainerPorts(pid int, existPairs []*InterceptPair) ([]*InterceptPair, error)
- func InterceptContainerPorts(pid int, existPairs []*InterceptPair) ([]*InterceptPair, error)
- func (m *InterceptPair) ExPort() string
- func (m *InterceptPair) InPort() string

Constants ¶

View Source

const (
	CNET_DEFAULT = "default"
	CNET_MACVLAN = "macvlan"
)

--

View Source

const (
	PIPE_TC   = "tc"
	PIPE_OVS  = "ovs"
	PIPE_NOTC = "no_tc"
)

Variables ¶

View Source

var ErrNoDefaultRoute = errors.New("No default route")

Functions ¶

func CleanupContainer ¶

func CleanupContainer(pid int, intcpPairs []*InterceptPair) error

Continer stops, we only need to clean-up ports and flows in our namespace

func Close ¶

func Close()

func CreateNfqRules ¶

func CreateNfqRules(pid int, create bool, appMap map[share.CLUSProtoPort]*share.CLUSApp) error

setup iptable rules with NFQUEUE target

func DeleteNfqRules ¶

func DeleteNfqRules(pid int) error

setup iptable rules with NFQUEUE target

func DisableOffload ¶

func DisableOffload(port string)

func disableOffload(port string) {

func FwdPortPair ¶

func FwdPortPair(pid int, pair *InterceptPair)

func GetPortPairDebug ¶

func GetPortPairDebug(pair *InterceptPair) *share.CLUSWorkloadInterceptPort

func Open ¶

func Open(driver string, cnet_type *string, pid int, jumboframe bool) (string, string, error)

func ResetPortPair ¶

func ResetPortPair(pid int, pair *InterceptPair)

func RestoreContainer ¶

func RestoreContainer(pid int, pairs []*InterceptPair) error

Agent exiting, we need put ports back to container, and clean flows in our namespace

func TapPortPair ¶

func TapPortPair(pid int, pair *InterceptPair)

Types ¶

type InterceptPair ¶

type InterceptPair struct {
	Port string
	Peer string

	MAC   net.HardwareAddr
	BCMAC net.HardwareAddr
	UCMAC net.HardwareAddr
	Addrs []share.CLUSIPAddr
	// contains filtered or unexported fields
}

func InspectContainerPorts ¶

func InspectContainerPorts(pid int, existPairs []*InterceptPair) ([]*InterceptPair, error)

1. Enter the container network namespace; 2. 3. ... 4. Return to the original container namespace 5.

func InterceptContainerPorts ¶

func InterceptContainerPorts(pid int, existPairs []*InterceptPair) ([]*InterceptPair, error)

1. Enter the container network namespace; 2. 3. ... 4. Return to the original container namespace 5.

func (*InterceptPair) ExPort ¶

func (m *InterceptPair) ExPort() string

func (*InterceptPair) InPort ¶

func (m *InterceptPair) InPort() string

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL