Documentation ¶
Index ¶
- Constants
- type Instance
- func (i *Instance) ACLProvider() provider.IptablesProvider
- func (i *Instance) AddPortToPortSet(contextID string, port string) error
- func (i *Instance) CleanAllSynAckPacketCaptures() error
- func (i *Instance) CleanGlobalRules() error
- func (i *Instance) CleanUp() error
- func (i *Instance) ConfigureRules(version int, contextID string, containerInfo *policy.PUInfo) error
- func (i *Instance) DeletePortFromPortSet(contextID string, port string) error
- func (i *Instance) DeleteRules(version int, contextID string, tcpPorts, udpPorts string, mark string, ...) error
- func (i *Instance) InitializeChains() error
- func (i *Instance) Run(ctx context.Context) error
- func (i *Instance) SetTargetNetworks(current, networks []string) error
- func (i *Instance) UpdateRules(version int, contextID string, containerInfo *policy.PUInfo, ...) error
Constants ¶
const (
	// TriremeInput represents the chain that contains pu input rules.
	TriremeInput = "Trireme-Input"
	// TriremeOutput represents the chain that contains pu output rules.
	TriremeOutput = "Trireme-Output"
	// NetworkSvcInput represents the chain that contains NetworkSvc input rules.
	NetworkSvcInput = "NetworkSvc-Input"
	// NetworkSvcOutput represents the chain that contains NetworkSvc output rules.
	NetworkSvcOutput = "NetworkSvc-Output"
	// HostModeInput represents the chain that contains Hostmode input rules.
	HostModeInput = "Hostmode-Input"
	// HostModeOutput represents the chain that contains Hostmode output rules.
	HostModeOutput = "Hostmode-Output"
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Instance ¶
type Instance struct {
// contains filtered or unexported fields
}
Instance is the structure holding all information about an implementation.
func GetInstance ¶
func GetInstance() *Instance
GetInstance returns the instance of the iptables object
func NewInstance ¶
NewInstance creates a new iptables controller instance
func (*Instance) ACLProvider ¶
func (i *Instance) ACLProvider() provider.IptablesProvider
ACLProvider returns the current ACL provider that can be re-used by other entities.
func (*Instance) AddPortToPortSet ¶
AddPortToPortSet adds ports to the portsets
func (*Instance) CleanAllSynAckPacketCaptures ¶
CleanAllSynAckPacketCaptures cleans the capture rules for SynAck packets irrespective of NFQUEUE
func (*Instance) CleanGlobalRules ¶
CleanGlobalRules cleans the capture rules for SynAck packets
func (*Instance) ConfigureRules ¶
func (i *Instance) ConfigureRules(version int, contextID string, containerInfo *policy.PUInfo) error
ConfigureRules implements the ConfigureRules interface. It will create the port sets and then it will call install rules to create all the ACLs for the given chains. PortSets are only created here. Updates will use the exact same logic.
func (*Instance) DeletePortFromPortSet ¶
DeletePortFromPortSet deletes ports from port sets
func (*Instance) DeleteRules ¶
func (i *Instance) DeleteRules(version int, contextID string, tcpPorts, udpPorts string, mark string, username string, proxyPort string, puType string, exclusions []string) error
DeleteRules implements the DeleteRules interface
func (*Instance) InitializeChains ¶
InitializeChains initializes the chains.
func (*Instance) SetTargetNetworks ¶
SetTargetNetworks updates the target networks for SynAck packets
func (*Instance) UpdateRules ¶
func (i *Instance) UpdateRules(version int, contextID string, containerInfo *policy.PUInfo, oldContainerInfo *policy.PUInfo) error
UpdateRules implements the update part of the interface. Update will call installrules to install the new rules and then it will delete the old rules.