enforcerproxy

package
v2.3.0+incompatible
Warning

This package is not in the latest version of its module.

Published: Nov 7, 2017 License: GPL-2.0 Imports: 15 Imported by: 0

Documentation

Overview

Package enforcerproxy is the implementation of the RPC client. It implements the Trireme Enforcer interface and forwards requests to the actual remote enforcer instead of implementing them locally.


Constants

This section is empty.

Variables

var ErrEnforceFailed = errors.New("Failed to enforce rules")

ErrEnforceFailed exported

var ErrExpectedEnforcer = errors.New("Process was not launched")

ErrExpectedEnforcer exported

var ErrFailedtoLaunch = errors.New("Failed to Launch")

ErrFailedtoLaunch exported.

var ErrInitFailed = errors.New("Failed remote Init")

ErrInitFailed exported

Functions

func NewDefaultProxyEnforcer

func NewDefaultProxyEnforcer(serverID string,
	collector collector.EventCollector,
	secrets secrets.Secrets,
	rpchdl rpcwrapper.RPCClient,
	procMountPoint string,
) enforcer.PolicyEnforcer

NewDefaultProxyEnforcer is the default datapath method. It is implemented to keep the interface consistent whether the enforcer is local or remote.

func NewProxyEnforcer

func NewProxyEnforcer(mutualAuth bool,
	filterQueue *fqconfig.FilterQueue,
	collector collector.EventCollector,
	service enforcer.PacketProcessor,
	secrets secrets.Secrets,
	serverID string,
	validity time.Duration,
	rpchdl rpcwrapper.RPCClient,
	cmdArg string,
	procMountPoint string,
	externalIPCacheTimeout time.Duration,
) enforcer.PolicyEnforcer

NewProxyEnforcer creates a new proxy to remote enforcers.

func NewTestEnforcerLauncher

func NewTestEnforcerLauncher() enforcer.PolicyEnforcer

NewTestEnforcerLauncher mocks an enforcer

Types

type ProxyInfo

type ProxyInfo struct {
	MutualAuth bool
	Secrets    secrets.Secrets

	sync.Mutex
	// contains filtered or unexported fields
}

ProxyInfo is the struct used to hold state about active enforcers in the system

func (*ProxyInfo) Enforce

func (s *ProxyInfo) Enforce(contextID string, puInfo *policy.PUInfo) error

Enforce makes an RPC call for the remote enforcer's enforce method.

func (*ProxyInfo) GetFilterQueue

func (s *ProxyInfo) GetFilterQueue() *fqconfig.FilterQueue

GetFilterQueue returns the current FilterQueueConfig.

func (*ProxyInfo) InitRemoteEnforcer

func (s *ProxyInfo) InitRemoteEnforcer(contextID string) error

InitRemoteEnforcer makes an RPC call to the remote enforcer.

func (*ProxyInfo) Start

func (s *ProxyInfo) Start() error

Start starts the remote enforcer proxy.

func (*ProxyInfo) Stop

func (s *ProxyInfo) Stop() error

Stop stops the remote enforcer.

func (*ProxyInfo) Unenforce

func (s *ProxyInfo) Unenforce(contextID string) error

Unenforce stops enforcing policy for the given contextID.

type StatsServer

type StatsServer struct {
	// contains filtered or unexported fields
}

StatsServer is a receiver for Statsserver and maintains a handle to the RPC StatsServer.

func (*StatsServer) GetStats

func (r *StatsServer) GetStats(req rpcwrapper.Request, resp *rpcwrapper.Response) error

GetStats is the function called from the remoteenforcer when it has new flow events to publish.

type TestEnforcerLauncher

type TestEnforcerLauncher interface {
	enforcer.PolicyEnforcer
	MockEnforce(t *testing.T, impl func(contextID string, puInfo *policy.PUInfo) error)
	MockUnenforce(t *testing.T, impl func(contextID string) error)
	MockGetFilterQueue(t *testing.T, impl func() *fqconfig.FilterQueue)
	MockStart(t *testing.T, impl func() error)
	MockStop(t *testing.T, impl func() error)
}

TestEnforcerLauncher is a mock
