Documentation
¶
Index ¶
- Variables
- func ComputeTrieKey(n net.IPNet, isIPv6Enabled bool) []byte
- func ComputeTrieValue(l4Info []v1alpha1.Port, log logr.Logger, allowAll, denyAll bool) []byte
- func ConvByteArrayToIP(ipInInt uint32) string
- func ConvByteToIPv6(ipaddr [16]byte) net.IP
- func ConvConntrackV6ToByte(key ConntrackKeyV6) []byte
- func ConvIPv4ToInt(ipaddr net.IP) uint32
- func ConvIPv6ToByte(ipaddr net.IP) []byte
- func ConvIntToIPv4(ipaddr uint32) net.IP
- func ConvIntToIPv4NetworkOrder(ipaddr uint32) net.IP
- func ConvTrieV6ToByte(key BPFTrieKeyV6) []byte
- func CopyV6Bytes(dest *[16]byte, src [16]byte)
- func GetBPFMapPinPathFromPodIdentifier(podIdentifier string, direction string) string
- func GetBPFPinPathFromPodIdentifier(podIdentifier string, direction string) string
- func GetHostVethName(podName, podNamespace string) string
- func GetParentNPNameFromPEName(policyEndpointName string) string
- func GetPodIdentifier(podName, podNamespace string) string
- func GetPodIdentifierFromBPFPinPath(pinPath string) (string, string)
- func GetPodNamespacedName(podName, podNamespace string) string
- func GetPolicyEndpointIdentifier(policyName, policyNamespace string) string
- func GetProtocol(protocolNum int) string
- func IsCatchAllIPEntry(ipAddr string) bool
- func IsFileExistsError(error string) bool
- func IsInvalidFilterListError(error string) bool
- func IsMissingFilterError(error string) bool
- func IsNodeIP(nodeIP string, ipCidr string) bool
- func IsNonHostCIDR(ipAddr string) bool
- type BPFTrieKey
- type BPFTrieKeyV6
- type BPFTrieVal
- type ConntrackKey
- type ConntrackKeyV6
- type ConntrackVal
- type VerdictType
Constants ¶
This section is empty.
Variables ¶
View Source
var ( TCP_PROTOCOL_NUMBER = 6 UDP_PROTOCOL_NUMBER = 17 SCTP_PROTOCOL_NUMBER = 132 ICMP_PROTOCOL_NUMBER = 1 RESERVED_IP_PROTOCOL_NUMBER = 255 // 255 is a reserved protocol value in the IP header ANY_IP_PROTOCOL = 254 TRIE_KEY_LENGTH = 8 TRIE_V6_KEY_LENGTH = 20 TRIE_VALUE_LENGTH = 288 BPF_PROGRAMS_PIN_PATH_DIRECTORY = "/sys/fs/bpf/globals/aws/programs/" BPF_MAPS_PIN_PATH_DIRECTORY = "/sys/fs/bpf/globals/aws/maps/" TC_INGRESS_PROG = "handle_ingress" TC_EGRESS_PROG = "handle_egress" TC_INGRESS_MAP = "ingress_map" TC_EGRESS_MAP = "egress_map" CATCH_ALL_PROTOCOL corev1.Protocol = "ANY_IP_PROTOCOL" DEFAULT_CLUSTER_NAME = "k8s-cluster" ErrFileExists = "file exists" ErrInvalidFilterList = "failed to get filter list" ErrMissingFilter = "no active filter to detach" )
Functions ¶
func ComputeTrieValue ¶
func ConvByteArrayToIP ¶
func ConvByteToIPv6 ¶
func ConvConntrackV6ToByte ¶
func ConvConntrackV6ToByte(key ConntrackKeyV6) []byte
func ConvIPv4ToInt ¶
func ConvIPv6ToByte ¶
func ConvIntToIPv4 ¶
func ConvTrieV6ToByte ¶ added in v1.0.6
func ConvTrieV6ToByte(key BPFTrieKeyV6) []byte
func CopyV6Bytes ¶
func GetHostVethName ¶
func GetParentNPNameFromPEName ¶ added in v1.0.7
func GetPodIdentifier ¶
func GetPodNamespacedName ¶
func GetProtocol ¶ added in v1.0.7
func IsCatchAllIPEntry ¶
func IsFileExistsError ¶
func IsMissingFilterError ¶
func IsNonHostCIDR ¶
Types ¶
type BPFTrieKey ¶ added in v1.0.6
type BPFTrieKeyV6 ¶ added in v1.0.6
func ConvByteToTrieV6 ¶ added in v1.0.6
func ConvByteToTrieV6(keyByte []byte) BPFTrieKeyV6
type BPFTrieVal ¶ added in v1.0.6
type ConntrackKey ¶ added in v1.0.6
type ConntrackKeyV6 ¶
type ConntrackKeyV6 struct {
Source_ip [16]byte
Source_port uint16
Dest_ip [16]byte
Dest_port uint16
Protocol uint8
Owner_ip [16]byte //16
// contains filtered or unexported fields
}
func ConvByteToConntrackV6 ¶
func ConvByteToConntrackV6(keyByte []byte) ConntrackKeyV6
type ConntrackVal ¶
type ConntrackVal struct {
Value uint8
}
type VerdictType ¶ added in v1.0.1
type VerdictType int
const ( DENY VerdictType = iota ACCEPT EXPIRED_DELETED )
func (VerdictType) Index ¶ added in v1.0.1
func (verdictType VerdictType) Index() int
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.