listenerv3

type ActiveRawUdpListenerConfig struct {
	// contains filtered or unexported fields
}

type AdditionalAddress struct {
	Address *v3.Address `protobuf:"bytes,1,opt,name=address,proto3" json:"address,omitempty"`
	// Additional socket options that may not be present in Envoy source code or
	// precompiled binaries. If specified, this will override the
	// :ref:`socket_options <envoy_v3_api_field_config.listener.v3.Listener.socket_options>`
	// in the listener. If specified with no
	// :ref:`socket_options <envoy_v3_api_field_config.core.v3.SocketOptionsOverride.socket_options>`
	// or an empty list of :ref:`socket_options <envoy_v3_api_field_config.core.v3.SocketOptionsOverride.socket_options>`,
	// it means no socket option will apply.
	SocketOptions *v3.SocketOptionsOverride `protobuf:"bytes,2,opt,name=socket_options,json=socketOptions,proto3" json:"socket_options,omitempty"`
	// contains filtered or unexported fields
}

type ApiListener struct {

	// The type in this field determines the type of API listener. At present, the following
	// types are supported:
	// envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager (HTTP)
	// envoy.extensions.filters.network.http_connection_manager.v3.EnvoyMobileHttpConnectionManager (HTTP)
	// [#next-major-version: In the v3 API, replace this Any field with a oneof containing the
	// specific config message for each type of API listener. We could not do this in v2 because
	// it would have caused circular dependencies for go protos: lds.proto depends on this file,
	// and http_connection_manager.proto depends on rds.proto, which is in the same directory as
	// lds.proto, so lds.proto cannot depend on this file.]
	ApiListener *anypb.Any `protobuf:"bytes,1,opt,name=api_listener,json=apiListener,proto3" json:"api_listener,omitempty"`
	// contains filtered or unexported fields
}

type ApiListenerManager struct {
	// contains filtered or unexported fields
}

type Filter struct {

	// The name of the filter configuration.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Types that are assignable to ConfigType:
	//
	//	*Filter_TypedConfig
	//	*Filter_ConfigDiscovery
	ConfigType isFilter_ConfigType `protobuf_oneof:"config_type"`
	// contains filtered or unexported fields
}

type FilterChain struct {

	// The criteria to use when matching a connection to this filter chain.
	FilterChainMatch *FilterChainMatch `protobuf:"bytes,1,opt,name=filter_chain_match,json=filterChainMatch,proto3" json:"filter_chain_match,omitempty"`
	// A list of individual network filters that make up the filter chain for
	// connections established with the listener. Order matters as the filters are
	// processed sequentially as connection events happen. Note: If the filter
	// list is empty, the connection will close by default.
	//
	// For QUIC listeners, network filters other than HTTP Connection Manager (HCM)
	// can be created, but due to differences in the connection implementation compared
	// to TCP, the onData() method will never be called. Therefore, network filters
	// for QUIC listeners should only expect to do work at the start of a new connection
	// (i.e. in onNewConnection()). HCM must be the last (or only) filter in the chain.
	Filters []*Filter `protobuf:"bytes,3,rep,name=filters,proto3" json:"filters,omitempty"`
	// Whether the listener should expect a PROXY protocol V1 header on new
	// connections. If this option is enabled, the listener will assume that that
	// remote address of the connection is the one specified in the header. Some
	// load balancers including the AWS ELB support this option. If the option is
	// absent or set to false, Envoy will use the physical peer address of the
	// connection as the remote address.
	//
	// This field is deprecated. Add a
	// :ref:`PROXY protocol listener filter <config_listener_filters_proxy_protocol>`
	// explicitly instead.
	//
	// Deprecated: Marked as deprecated in envoy/config/listener/v3/listener_components.proto.
	UseProxyProto *wrapperspb.BoolValue `protobuf:"bytes,4,opt,name=use_proxy_proto,json=useProxyProto,proto3" json:"use_proxy_proto,omitempty"`
	// [#not-implemented-hide:] filter chain metadata.
	Metadata *v3.Metadata `protobuf:"bytes,5,opt,name=metadata,proto3" json:"metadata,omitempty"`
	// Optional custom transport socket implementation to use for downstream connections.
	// To setup TLS, set a transport socket with name “envoy.transport_sockets.tls“ and
	// :ref:`DownstreamTlsContext <envoy_v3_api_msg_extensions.transport_sockets.tls.v3.DownstreamTlsContext>` in the “typed_config“.
	// If no transport socket configuration is specified, new connections
	// will be set up with plaintext.
	// [#extension-category: envoy.transport_sockets.downstream]
	TransportSocket *v3.TransportSocket `protobuf:"bytes,6,opt,name=transport_socket,json=transportSocket,proto3" json:"transport_socket,omitempty"`
	// If present and nonzero, the amount of time to allow incoming connections to complete any
	// transport socket negotiations. If this expires before the transport reports connection
	// establishment, the connection is summarily closed.
	TransportSocketConnectTimeout *durationpb.Duration `` /* 152-byte string literal not displayed */
	// The unique name (or empty) by which this filter chain is known.
	// Note: :ref:`filter_chain_matcher
	// <envoy_v3_api_field_config.listener.v3.Listener.filter_chain_matcher>`
	// requires that filter chains are uniquely named within a listener.
	Name string `protobuf:"bytes,7,opt,name=name,proto3" json:"name,omitempty"`
	// [#not-implemented-hide:] The configuration to specify whether the filter chain will be built on-demand.
	// If this field is not empty, the filter chain will be built on-demand.
	// Otherwise, the filter chain will be built normally and block listener warming.
	OnDemandConfiguration *FilterChain_OnDemandConfiguration `` /* 126-byte string literal not displayed */
	// contains filtered or unexported fields
}

type FilterChainMatch struct {

	// Optional destination port to consider when use_original_dst is set on the
	// listener in determining a filter chain match.
	DestinationPort *wrapperspb.UInt32Value `protobuf:"bytes,8,opt,name=destination_port,json=destinationPort,proto3" json:"destination_port,omitempty"`
	// If non-empty, an IP address and prefix length to match addresses when the
	// listener is bound to 0.0.0.0/:: or when use_original_dst is specified.
	PrefixRanges []*v3.CidrRange `protobuf:"bytes,3,rep,name=prefix_ranges,json=prefixRanges,proto3" json:"prefix_ranges,omitempty"`
	// If non-empty, an IP address and suffix length to match addresses when the
	// listener is bound to 0.0.0.0/:: or when use_original_dst is specified.
	// [#not-implemented-hide:]
	AddressSuffix string `protobuf:"bytes,4,opt,name=address_suffix,json=addressSuffix,proto3" json:"address_suffix,omitempty"`
	// [#not-implemented-hide:]
	SuffixLen *wrapperspb.UInt32Value `protobuf:"bytes,5,opt,name=suffix_len,json=suffixLen,proto3" json:"suffix_len,omitempty"`
	// The criteria is satisfied if the directly connected source IP address of the downstream
	// connection is contained in at least one of the specified subnets. If the parameter is not
	// specified or the list is empty, the directly connected source IP address is ignored.
	DirectSourcePrefixRanges []*v3.CidrRange `` /* 138-byte string literal not displayed */
	// Specifies the connection source IP match type. Can be any, local or external network.
	SourceType FilterChainMatch_ConnectionSourceType `` /* 161-byte string literal not displayed */
	// The criteria is satisfied if the source IP address of the downstream
	// connection is contained in at least one of the specified subnets. If the
	// parameter is not specified or the list is empty, the source IP address is
	// ignored.
	SourcePrefixRanges []*v3.CidrRange `protobuf:"bytes,6,rep,name=source_prefix_ranges,json=sourcePrefixRanges,proto3" json:"source_prefix_ranges,omitempty"`
	// The criteria is satisfied if the source port of the downstream connection
	// is contained in at least one of the specified ports. If the parameter is
	// not specified, the source port is ignored.
	SourcePorts []uint32 `protobuf:"varint,7,rep,packed,name=source_ports,json=sourcePorts,proto3" json:"source_ports,omitempty"`
	// If non-empty, a list of server names (e.g. SNI for TLS protocol) to consider when determining
	// a filter chain match. Those values will be compared against the server names of a new
	// connection, when detected by one of the listener filters.
	//
	// The server name will be matched against all wildcard domains, i.e. “www.example.com“
	// will be first matched against “www.example.com“, then “*.example.com“, then “*.com“.
	//
	// Note that partial wildcards are not supported, and values like “*w.example.com“ are invalid.
	// The value “*“ is also not supported, and “server_names“ should be omitted instead.
	//
	// .. attention::
	//
	//	See the :ref:`FAQ entry <faq_how_to_setup_sni>` on how to configure SNI for more
	//	information.
	ServerNames []string `protobuf:"bytes,11,rep,name=server_names,json=serverNames,proto3" json:"server_names,omitempty"`
	// If non-empty, a transport protocol to consider when determining a filter chain match.
	// This value will be compared against the transport protocol of a new connection, when
	// it's detected by one of the listener filters.
	//
	// Suggested values include:
	//
	//   - “raw_buffer“ - default, used when no transport protocol is detected,
	//   - “tls“ - set by :ref:`envoy.filters.listener.tls_inspector <config_listener_filters_tls_inspector>`
	//     when TLS protocol is detected.
	TransportProtocol string `protobuf:"bytes,9,opt,name=transport_protocol,json=transportProtocol,proto3" json:"transport_protocol,omitempty"`
	// If non-empty, a list of application protocols (e.g. ALPN for TLS protocol) to consider when
	// determining a filter chain match. Those values will be compared against the application
	// protocols of a new connection, when detected by one of the listener filters.
	//
	// Suggested values include:
	//
	//   - “http/1.1“ - set by :ref:`envoy.filters.listener.tls_inspector
	//     <config_listener_filters_tls_inspector>`,
	//   - “h2“ - set by :ref:`envoy.filters.listener.tls_inspector <config_listener_filters_tls_inspector>`
	//
	// .. attention::
	//
	//	Currently, only :ref:`TLS Inspector <config_listener_filters_tls_inspector>` provides
	//	application protocol detection based on the requested
	//	`ALPN <https://en.wikipedia.org/wiki/Application-Layer_Protocol_Negotiation>`_ values.
	//
	//	However, the use of ALPN is pretty much limited to the HTTP/2 traffic on the Internet,
	//	and matching on values other than “h2“ is going to lead to a lot of false negatives,
	//	unless all connecting clients are known to use ALPN.
	ApplicationProtocols []string `protobuf:"bytes,10,rep,name=application_protocols,json=applicationProtocols,proto3" json:"application_protocols,omitempty"`
	// contains filtered or unexported fields
}

type FilterChainMatch_ConnectionSourceType int32

type FilterChain_OnDemandConfiguration struct {

	// The timeout to wait for filter chain placeholders to complete rebuilding.
	// 1. If this field is set to 0, timeout is disabled.
	// 2. If not specified, a default timeout of 15s is used.
	// Rebuilding will wait until dependencies are ready, have failed, or this timeout is reached.
	// Upon failure or timeout, all connections related to this filter chain will be closed.
	// Rebuilding will start again on the next new connection.
	RebuildTimeout *durationpb.Duration `protobuf:"bytes,1,opt,name=rebuild_timeout,json=rebuildTimeout,proto3" json:"rebuild_timeout,omitempty"`
	// contains filtered or unexported fields
}

type Filter_ConfigDiscovery struct {
	// Configuration source specifier for an extension configuration discovery
	// service. In case of a failure and without the default configuration, the
	// listener closes the connections.
	ConfigDiscovery *v3.ExtensionConfigSource `protobuf:"bytes,5,opt,name=config_discovery,json=configDiscovery,proto3,oneof"`
}

type Filter_TypedConfig struct {
	// Filter specific configuration which depends on the filter being
	// instantiated. See the supported filters for further documentation.
	// [#extension-category: envoy.filters.network]
	TypedConfig *anypb.Any `protobuf:"bytes,4,opt,name=typed_config,json=typedConfig,proto3,oneof"`
}

type Listener struct {

	// The unique name by which this listener is known. If no name is provided,
	// Envoy will allocate an internal UUID for the listener. If the listener is to be dynamically
	// updated or removed via :ref:`LDS <config_listeners_lds>` a unique name must be provided.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// The address that the listener should listen on. In general, the address must be unique, though
	// that is governed by the bind rules of the OS. E.g., multiple listeners can listen on port 0 on
	// Linux as the actual port will be allocated by the OS.
	// Required unless “api_listener“ or “listener_specifier“ is populated.
	Address *v3.Address `protobuf:"bytes,2,opt,name=address,proto3" json:"address,omitempty"`
	// The additional addresses the listener should listen on. The addresses must be unique across all
	// listeners. Multiple addresses with port 0 can be supplied. When using multiple addresses in a single listener,
	// all addresses use the same protocol, and multiple internal addresses are not supported.
	AdditionalAddresses []*AdditionalAddress `protobuf:"bytes,33,rep,name=additional_addresses,json=additionalAddresses,proto3" json:"additional_addresses,omitempty"`
	// Optional prefix to use on listener stats. If empty, the stats will be rooted at
	// “listener.<address as string>.“. If non-empty, stats will be rooted at
	// “listener.<stat_prefix>.“.
	StatPrefix string `protobuf:"bytes,28,opt,name=stat_prefix,json=statPrefix,proto3" json:"stat_prefix,omitempty"`
	// A list of filter chains to consider for this listener. The
	// :ref:`FilterChain <envoy_v3_api_msg_config.listener.v3.FilterChain>` with the most specific
	// :ref:`FilterChainMatch <envoy_v3_api_msg_config.listener.v3.FilterChainMatch>` criteria is used on a
	// connection.
	//
	// Example using SNI for filter chain selection can be found in the
	// :ref:`FAQ entry <faq_how_to_setup_sni>`.
	FilterChains []*FilterChain `protobuf:"bytes,3,rep,name=filter_chains,json=filterChains,proto3" json:"filter_chains,omitempty"`
	// :ref:`Matcher API <arch_overview_matching_listener>` resolving the filter chain name from the
	// network properties. This matcher is used as a replacement for the filter chain match condition
	// :ref:`filter_chain_match
	// <envoy_v3_api_field_config.listener.v3.FilterChain.filter_chain_match>`. If specified, all
	// :ref:`filter_chains <envoy_v3_api_field_config.listener.v3.Listener.filter_chains>` must have a
	// non-empty and unique :ref:`name <envoy_v3_api_field_config.listener.v3.FilterChain.name>` field
	// and not specify :ref:`filter_chain_match
	// <envoy_v3_api_field_config.listener.v3.FilterChain.filter_chain_match>` field.
	//
	// .. note::
	//
	//	Once matched, each connection is permanently bound to its filter chain.
	//	If the matcher changes but the filter chain remains the same, the
	//	connections bound to the filter chain are not drained. If, however, the
	//	filter chain is removed or structurally modified, then the drain for its
	//	connections is initiated.
	FilterChainMatcher *v32.Matcher `protobuf:"bytes,32,opt,name=filter_chain_matcher,json=filterChainMatcher,proto3" json:"filter_chain_matcher,omitempty"`
	// If a connection is redirected using “iptables“, the port on which the proxy
	// receives it might be different from the original destination address. When this flag is set to
	// true, the listener hands off redirected connections to the listener associated with the
	// original destination address. If there is no listener associated with the original destination
	// address, the connection is handled by the listener that receives it. Defaults to false.
	UseOriginalDst *wrapperspb.BoolValue `protobuf:"bytes,4,opt,name=use_original_dst,json=useOriginalDst,proto3" json:"use_original_dst,omitempty"`
	// The default filter chain if none of the filter chain matches. If no default filter chain is supplied,
	// the connection will be closed. The filter chain match is ignored in this field.
	DefaultFilterChain *FilterChain `protobuf:"bytes,25,opt,name=default_filter_chain,json=defaultFilterChain,proto3" json:"default_filter_chain,omitempty"`
	// Soft limit on size of the listener’s new connection read and write buffers.
	// If unspecified, an implementation defined default is applied (1MiB).
	PerConnectionBufferLimitBytes *wrapperspb.UInt32Value `` /* 154-byte string literal not displayed */
	// Listener metadata.
	Metadata *v3.Metadata `protobuf:"bytes,6,opt,name=metadata,proto3" json:"metadata,omitempty"`
	// [#not-implemented-hide:]
	//
	// Deprecated: Marked as deprecated in envoy/config/listener/v3/listener.proto.
	DeprecatedV1 *Listener_DeprecatedV1 `protobuf:"bytes,7,opt,name=deprecated_v1,json=deprecatedV1,proto3" json:"deprecated_v1,omitempty"`
	// The type of draining to perform at a listener-wide level.
	DrainType Listener_DrainType `` /* 138-byte string literal not displayed */
	// Listener filters have the opportunity to manipulate and augment the connection metadata that
	// is used in connection filter chain matching, for example. These filters are run before any in
	// :ref:`filter_chains <envoy_v3_api_field_config.listener.v3.Listener.filter_chains>`. Order matters as the
	// filters are processed sequentially right after a socket has been accepted by the listener, and
	// before a connection is created.
	// UDP Listener filters can be specified when the protocol in the listener socket address in
	// :ref:`protocol <envoy_v3_api_field_config.core.v3.SocketAddress.protocol>` is :ref:`UDP
	// <envoy_v3_api_enum_value_config.core.v3.SocketAddress.Protocol.UDP>` and no
	// :ref:`quic_options <envoy_v3_api_field_config.listener.v3.UdpListenerConfig.quic_options>` is specified in :ref:`udp_listener_config <envoy_v3_api_field_config.listener.v3.Listener.udp_listener_config>`.
	// QUIC listener filters can be specified when :ref:`quic_options
	// <envoy_v3_api_field_config.listener.v3.UdpListenerConfig.quic_options>` is
	// specified in :ref:`udp_listener_config <envoy_v3_api_field_config.listener.v3.Listener.udp_listener_config>`.
	// They are processed sequentially right before connection creation. And like TCP Listener filters, they can be used to manipulate the connection metadata and socket. But the difference is that they can't be used to pause connection creation.
	ListenerFilters []*ListenerFilter `protobuf:"bytes,9,rep,name=listener_filters,json=listenerFilters,proto3" json:"listener_filters,omitempty"`
	// The timeout to wait for all listener filters to complete operation. If the timeout is reached,
	// the accepted socket is closed without a connection being created unless
	// “continue_on_listener_filters_timeout“ is set to true. Specify 0 to disable the
	// timeout. If not specified, a default timeout of 15s is used.
	ListenerFiltersTimeout *durationpb.Duration `` /* 130-byte string literal not displayed */
	// Whether a connection should be created when listener filters timeout. Default is false.
	//
	// .. attention::
	//
	//	Some listener filters, such as :ref:`Proxy Protocol filter
	//	<config_listener_filters_proxy_protocol>`, should not be used with this option. It will cause
	//	unexpected behavior when a connection is created.
	ContinueOnListenerFiltersTimeout bool `` /* 165-byte string literal not displayed */
	// Whether the listener should be set as a transparent socket.
	// When this flag is set to true, connections can be redirected to the listener using an
	// “iptables“ “TPROXY“ target, in which case the original source and destination addresses and
	// ports are preserved on accepted connections. This flag should be used in combination with
	// :ref:`an original_dst <config_listener_filters_original_dst>` :ref:`listener filter
	// <envoy_v3_api_field_config.listener.v3.Listener.listener_filters>` to mark the connections' local addresses as
	// "restored." This can be used to hand off each redirected connection to another listener
	// associated with the connection's destination address. Direct connections to the socket without
	// using “TPROXY“ cannot be distinguished from connections redirected using “TPROXY“ and are
	// therefore treated as if they were redirected.
	// When this flag is set to false, the listener's socket is explicitly reset as non-transparent.
	// Setting this flag requires Envoy to run with the “CAP_NET_ADMIN“ capability.
	// When this flag is not set (default), the socket is not modified, i.e. the transparent option
	// is neither set nor reset.
	Transparent *wrapperspb.BoolValue `protobuf:"bytes,10,opt,name=transparent,proto3" json:"transparent,omitempty"`
	// Whether the listener should set the “IP_FREEBIND“ socket option. When this
	// flag is set to true, listeners can be bound to an IP address that is not
	// configured on the system running Envoy. When this flag is set to false, the
	// option “IP_FREEBIND“ is disabled on the socket. When this flag is not set
	// (default), the socket is not modified, i.e. the option is neither enabled
	// nor disabled.
	Freebind *wrapperspb.BoolValue `protobuf:"bytes,11,opt,name=freebind,proto3" json:"freebind,omitempty"`
	// Additional socket options that may not be present in Envoy source code or
	// precompiled binaries. The socket options can be updated for a listener when
	// :ref:`enable_reuse_port <envoy_v3_api_field_config.listener.v3.Listener.enable_reuse_port>`
	// is “true“. Otherwise, if socket options change during a listener update the update will be rejected
	// to make it clear that the options were not updated.
	SocketOptions []*v3.SocketOption `protobuf:"bytes,13,rep,name=socket_options,json=socketOptions,proto3" json:"socket_options,omitempty"`
	// Whether the listener should accept TCP Fast Open (TFO) connections.
	// When this flag is set to a value greater than 0, the option TCP_FASTOPEN is enabled on
	// the socket, with a queue length of the specified size
	// (see `details in RFC7413 <https://tools.ietf.org/html/rfc7413#section-5.1>`_).
	// When this flag is set to 0, the option TCP_FASTOPEN is disabled on the socket.
	// When this flag is not set (default), the socket is not modified,
	// i.e. the option is neither enabled nor disabled.
	//
	// On Linux, the net.ipv4.tcp_fastopen kernel parameter must include flag 0x2 to enable
	// TCP_FASTOPEN.
	// See `ip-sysctl.txt <https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt>`_.
	//
	// On macOS, only values of 0, 1, and unset are valid; other values may result in an error.
	// To set the queue length on macOS, set the net.inet.tcp.fastopen_backlog kernel parameter.
	TcpFastOpenQueueLength *wrapperspb.UInt32Value `` /* 134-byte string literal not displayed */
	// Specifies the intended direction of the traffic relative to the local Envoy.
	// This property is required on Windows for listeners using the original destination filter,
	// see :ref:`Original Destination <config_listener_filters_original_dst>`.
	TrafficDirection v3.TrafficDirection `` /* 154-byte string literal not displayed */
	// If the protocol in the listener socket address in :ref:`protocol
	// <envoy_v3_api_field_config.core.v3.SocketAddress.protocol>` is :ref:`UDP
	// <envoy_v3_api_enum_value_config.core.v3.SocketAddress.Protocol.UDP>`, this field specifies UDP
	// listener specific configuration.
	UdpListenerConfig *UdpListenerConfig `protobuf:"bytes,18,opt,name=udp_listener_config,json=udpListenerConfig,proto3" json:"udp_listener_config,omitempty"`
	// Used to represent an API listener, which is used in non-proxy clients. The type of API
	// exposed to the non-proxy application depends on the type of API listener.
	// When this field is set, no other field except for :ref:`name<envoy_v3_api_field_config.listener.v3.Listener.name>`
	// should be set.
	//
	// .. note::
	//
	//	Currently only one ApiListener can be installed; and it can only be done via bootstrap config,
	//	not LDS.
	//
	// [#next-major-version: In the v3 API, instead of this messy approach where the socket
	// listener fields are directly in the top-level Listener message and the API listener types
	// are in the ApiListener message, the socket listener messages should be in their own message,
	// and the top-level Listener should essentially be a oneof that selects between the
	// socket listener and the various types of API listener. That way, a given Listener message
	// can structurally only contain the fields of the relevant type.]
	ApiListener *ApiListener `protobuf:"bytes,19,opt,name=api_listener,json=apiListener,proto3" json:"api_listener,omitempty"`
	// The listener's connection balancer configuration, currently only applicable to TCP listeners.
	// If no configuration is specified, Envoy will not attempt to balance active connections between
	// worker threads.
	//
	// In the scenario that the listener X redirects all the connections to the listeners Y1 and Y2
	// by setting :ref:`use_original_dst <envoy_v3_api_field_config.listener.v3.Listener.use_original_dst>` in X
	// and :ref:`bind_to_port <envoy_v3_api_field_config.listener.v3.Listener.bind_to_port>` to false in Y1 and Y2,
	// it is recommended to disable the balance config in listener X to avoid the cost of balancing, and
	// enable the balance config in Y1 and Y2 to balance the connections among the workers.
	ConnectionBalanceConfig *Listener_ConnectionBalanceConfig `` /* 133-byte string literal not displayed */
	// Deprecated. Use “enable_reuse_port“ instead.
	//
	// Deprecated: Marked as deprecated in envoy/config/listener/v3/listener.proto.
	ReusePort bool `protobuf:"varint,21,opt,name=reuse_port,json=reusePort,proto3" json:"reuse_port,omitempty"`
	// When this flag is set to true, listeners set the “SO_REUSEPORT“ socket option and
	// create one socket for each worker thread. This makes inbound connections
	// distribute among worker threads roughly evenly in cases where there are a high number
	// of connections. When this flag is set to false, all worker threads share one socket. This field
	// defaults to true. The change of field will be rejected during an listener update when the
	// runtime flag “envoy.reloadable_features.enable_update_listener_socket_options“ is enabled.
	// Otherwise, the update of this field will be ignored quietly.
	//
	// .. attention::
	//
	//	Although this field defaults to true, it has different behavior on different platforms. See
	//	the following text for more information.
	//
	//   - On Linux, reuse_port is respected for both TCP and UDP listeners. It also works correctly
	//     with hot restart.
	//   - On macOS, reuse_port for TCP does not do what it does on Linux. Instead of load balancing,
	//     the last socket wins and receives all connections/packets. For TCP, reuse_port is force
	//     disabled and the user is warned. For UDP, it is enabled, but only one worker will receive
	//     packets. For QUIC/H3, SW routing will send packets to other workers. For "raw" UDP, only
	//     a single worker will currently receive packets.
	//   - On Windows, reuse_port for TCP has undefined behavior. It is force disabled and the user
	//     is warned similar to macOS. It is left enabled for UDP with undefined behavior currently.
	EnableReusePort *wrapperspb.BoolValue `protobuf:"bytes,29,opt,name=enable_reuse_port,json=enableReusePort,proto3" json:"enable_reuse_port,omitempty"`
	// Configuration for :ref:`access logs <arch_overview_access_logs>`
	// emitted by this listener.
	AccessLog []*v33.AccessLog `protobuf:"bytes,22,rep,name=access_log,json=accessLog,proto3" json:"access_log,omitempty"`
	// The maximum length a tcp listener's pending connections queue can grow to. If no value is
	// provided net.core.somaxconn will be used on Linux and 128 otherwise.
	TcpBacklogSize *wrapperspb.UInt32Value `protobuf:"bytes,24,opt,name=tcp_backlog_size,json=tcpBacklogSize,proto3" json:"tcp_backlog_size,omitempty"`
	// The maximum number of connections to accept from the kernel per socket
	// event. Envoy may decide to close these connections after accepting them
	// from the kernel e.g. due to load shedding, or other policies.
	// If there are more than max_connections_to_accept_per_socket_event
	// connections pending accept, connections over this threshold will be
	// accepted in later event loop iterations.
	// If no value is provided Envoy will accept all connections pending accept
	// from the kernel.
	MaxConnectionsToAcceptPerSocketEvent *wrapperspb.UInt32Value `` /* 180-byte string literal not displayed */
	// Whether the listener should bind to the port. A listener that doesn't
	// bind can only receive connections redirected from other listeners that set
	// :ref:`use_original_dst <envoy_v3_api_field_config.listener.v3.Listener.use_original_dst>`
	// to true. Default is true.
	BindToPort *wrapperspb.BoolValue `protobuf:"bytes,26,opt,name=bind_to_port,json=bindToPort,proto3" json:"bind_to_port,omitempty"`
	// The exclusive listener type and the corresponding config.
	//
	// Types that are assignable to ListenerSpecifier:
	//
	//	*Listener_InternalListener
	ListenerSpecifier isListener_ListenerSpecifier `protobuf_oneof:"listener_specifier"`
	// Enable MPTCP (multi-path TCP) on this listener. Clients will be allowed to establish
	// MPTCP connections. Non-MPTCP clients will fall back to regular TCP.
	EnableMptcp bool `protobuf:"varint,30,opt,name=enable_mptcp,json=enableMptcp,proto3" json:"enable_mptcp,omitempty"`
	// Whether the listener should limit connections based upon the value of
	// :ref:`global_downstream_max_connections <config_overload_manager_limiting_connections>`.
	IgnoreGlobalConnLimit bool `` /* 130-byte string literal not displayed */
	// contains filtered or unexported fields
}

type ListenerCollection struct {
	Entries []*v31.CollectionEntry `protobuf:"bytes,1,rep,name=entries,proto3" json:"entries,omitempty"`
	// contains filtered or unexported fields
}

type ListenerFilter struct {

	// The name of the filter configuration.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Types that are assignable to ConfigType:
	//
	//	*ListenerFilter_TypedConfig
	//	*ListenerFilter_ConfigDiscovery
	ConfigType isListenerFilter_ConfigType `protobuf_oneof:"config_type"`
	// Optional match predicate used to disable the filter. The filter is enabled when this field is empty.
	// See :ref:`ListenerFilterChainMatchPredicate <envoy_v3_api_msg_config.listener.v3.ListenerFilterChainMatchPredicate>`
	// for further examples.
	FilterDisabled *ListenerFilterChainMatchPredicate `protobuf:"bytes,4,opt,name=filter_disabled,json=filterDisabled,proto3" json:"filter_disabled,omitempty"`
	// contains filtered or unexported fields
}

type ListenerFilterChainMatchPredicate struct {

	// Types that are assignable to Rule:
	//
	//	*ListenerFilterChainMatchPredicate_OrMatch
	//	*ListenerFilterChainMatchPredicate_AndMatch
	//	*ListenerFilterChainMatchPredicate_NotMatch
	//	*ListenerFilterChainMatchPredicate_AnyMatch
	//	*ListenerFilterChainMatchPredicate_DestinationPortRange
	Rule isListenerFilterChainMatchPredicate_Rule `protobuf_oneof:"rule"`
	// contains filtered or unexported fields
}

type ListenerFilterChainMatchPredicate_AndMatch struct {
	// A set that describes a logical AND. If all members of the set match, the match configuration
	// matches.
	AndMatch *ListenerFilterChainMatchPredicate_MatchSet `protobuf:"bytes,2,opt,name=and_match,json=andMatch,proto3,oneof"`
}

type ListenerFilterChainMatchPredicate_AnyMatch struct {
	// The match configuration will always match.
	AnyMatch bool `protobuf:"varint,4,opt,name=any_match,json=anyMatch,proto3,oneof"`
}

type ListenerFilterChainMatchPredicate_DestinationPortRange struct {
	// Match destination port. Particularly, the match evaluation must use the recovered local port if
	// the owning listener filter is after :ref:`an original_dst listener filter <config_listener_filters_original_dst>`.
	DestinationPortRange *v31.Int32Range `protobuf:"bytes,5,opt,name=destination_port_range,json=destinationPortRange,proto3,oneof"`
}

type ListenerFilterChainMatchPredicate_MatchSet struct {

	// The list of rules that make up the set.
	Rules []*ListenerFilterChainMatchPredicate `protobuf:"bytes,1,rep,name=rules,proto3" json:"rules,omitempty"`
	// contains filtered or unexported fields
}

type ListenerFilterChainMatchPredicate_NotMatch struct {
	// A negation match. The match configuration will match if the negated match condition matches.
	NotMatch *ListenerFilterChainMatchPredicate `protobuf:"bytes,3,opt,name=not_match,json=notMatch,proto3,oneof"`
}

type ListenerFilterChainMatchPredicate_OrMatch struct {
	// A set that describes a logical OR. If any member of the set matches, the match configuration
	// matches.
	OrMatch *ListenerFilterChainMatchPredicate_MatchSet `protobuf:"bytes,1,opt,name=or_match,json=orMatch,proto3,oneof"`
}

type ListenerFilter_ConfigDiscovery struct {
	// Configuration source specifier for an extension configuration discovery
	// service. In case of a failure and without the default configuration, the
	// listener closes the connections.
	ConfigDiscovery *v3.ExtensionConfigSource `protobuf:"bytes,5,opt,name=config_discovery,json=configDiscovery,proto3,oneof"`
}

type ListenerFilter_TypedConfig struct {
	// Filter specific configuration which depends on the filter being
	// instantiated. See the supported filters for further documentation.
	// [#extension-category: envoy.filters.listener,envoy.filters.udp_listener]
	TypedConfig *anypb.Any `protobuf:"bytes,3,opt,name=typed_config,json=typedConfig,proto3,oneof"`
}

type ListenerManager struct {
	// contains filtered or unexported fields
}

type Listener_ConnectionBalanceConfig struct {

	// Types that are assignable to BalanceType:
	//
	//	*Listener_ConnectionBalanceConfig_ExactBalance_
	//	*Listener_ConnectionBalanceConfig_ExtendBalance
	BalanceType isListener_ConnectionBalanceConfig_BalanceType `protobuf_oneof:"balance_type"`
	// contains filtered or unexported fields
}

type Listener_ConnectionBalanceConfig_ExactBalance struct {
	// contains filtered or unexported fields
}

type Listener_ConnectionBalanceConfig_ExactBalance_ struct {
	// If specified, the listener will use the exact connection balancer.
	ExactBalance *Listener_ConnectionBalanceConfig_ExactBalance `protobuf:"bytes,1,opt,name=exact_balance,json=exactBalance,proto3,oneof"`
}

type Listener_ConnectionBalanceConfig_ExtendBalance struct {
	// The listener will use the connection balancer according to “type_url“. If “type_url“ is invalid,
	// Envoy will not attempt to balance active connections between worker threads.
	// [#extension-category: envoy.network.connection_balance]
	ExtendBalance *v3.TypedExtensionConfig `protobuf:"bytes,2,opt,name=extend_balance,json=extendBalance,proto3,oneof"`
}

type Listener_DeprecatedV1 struct {

	// Whether the listener should bind to the port. A listener that doesn't
	// bind can only receive connections redirected from other listeners that
	// set use_original_dst parameter to true. Default is true.
	//
	// This is deprecated. Use :ref:`Listener.bind_to_port
	// <envoy_v3_api_field_config.listener.v3.Listener.bind_to_port>`
	BindToPort *wrapperspb.BoolValue `protobuf:"bytes,1,opt,name=bind_to_port,json=bindToPort,proto3" json:"bind_to_port,omitempty"`
	// contains filtered or unexported fields
}

type Listener_DrainType int32

type Listener_InternalListener struct {
	// Used to represent an internal listener which does not listen on OSI L4 address but can be used by the
	// :ref:`envoy cluster <envoy_v3_api_msg_config.cluster.v3.Cluster>` to create a user space connection to.
	// The internal listener acts as a TCP listener. It supports listener filters and network filter chains.
	// Upstream clusters refer to the internal listeners by their :ref:`name
	// <envoy_v3_api_field_config.listener.v3.Listener.name>`. :ref:`Address
	// <envoy_v3_api_field_config.listener.v3.Listener.address>` must not be set on the internal listeners.
	//
	// There are some limitations that are derived from the implementation. The known limitations include:
	//
	//   - :ref:`ConnectionBalanceConfig <envoy_v3_api_msg_config.listener.v3.Listener.ConnectionBalanceConfig>` is not
	//     allowed because both the cluster connection and the listener connection must be owned by the same dispatcher.
	//   - :ref:`tcp_backlog_size <envoy_v3_api_field_config.listener.v3.Listener.tcp_backlog_size>`
	//   - :ref:`freebind <envoy_v3_api_field_config.listener.v3.Listener.freebind>`
	//   - :ref:`transparent <envoy_v3_api_field_config.listener.v3.Listener.transparent>`
	InternalListener *Listener_InternalListenerConfig `protobuf:"bytes,27,opt,name=internal_listener,json=internalListener,proto3,oneof"`
}

type Listener_InternalListenerConfig struct {
	// contains filtered or unexported fields
}

type QuicProtocolOptions struct {
	QuicProtocolOptions *v3.QuicProtocolOptions `protobuf:"bytes,1,opt,name=quic_protocol_options,json=quicProtocolOptions,proto3" json:"quic_protocol_options,omitempty"`
	// Maximum number of milliseconds that connection will be alive when there is
	// no network activity.
	//
	// If it is less than 1ms, Envoy will use 1ms. 300000ms if not specified.
	IdleTimeout *durationpb.Duration `protobuf:"bytes,2,opt,name=idle_timeout,json=idleTimeout,proto3" json:"idle_timeout,omitempty"`
	// Connection timeout in milliseconds before the crypto handshake is finished.
	//
	// If it is less than 5000ms, Envoy will use 5000ms. 20000ms if not specified.
	CryptoHandshakeTimeout *durationpb.Duration `` /* 129-byte string literal not displayed */
	// Runtime flag that controls whether the listener is enabled or not. If not specified, defaults
	// to enabled.
	Enabled *v3.RuntimeFeatureFlag `protobuf:"bytes,4,opt,name=enabled,proto3" json:"enabled,omitempty"`
	// A multiplier to number of connections which is used to determine how many packets to read per
	// event loop. A reasonable number should allow the listener to process enough payload but not
	// starve TCP and other UDP sockets and also prevent long event loop duration.
	// The default value is 32. This means if there are N QUIC connections, the total number of
	// packets to read in each read event will be 32 * N.
	// The actual number of packets to read in total by the UDP listener is also
	// bound by 6000, regardless of this field or how many connections there are.
	PacketsToReadToConnectionCountRatio *wrapperspb.UInt32Value `` /* 176-byte string literal not displayed */
	// Configure which implementation of “quic::QuicCryptoClientStreamBase“ to be used for this listener.
	// If not specified the :ref:`QUICHE default one configured by <envoy_v3_api_msg_extensions.quic.crypto_stream.v3.CryptoServerStreamConfig>` will be used.
	// [#extension-category: envoy.quic.server.crypto_stream]
	CryptoStreamConfig *v3.TypedExtensionConfig `protobuf:"bytes,6,opt,name=crypto_stream_config,json=cryptoStreamConfig,proto3" json:"crypto_stream_config,omitempty"`
	// Configure which implementation of “quic::ProofSource“ to be used for this listener.
	// If not specified the :ref:`default one configured by <envoy_v3_api_msg_extensions.quic.proof_source.v3.ProofSourceConfig>` will be used.
	// [#extension-category: envoy.quic.proof_source]
	ProofSourceConfig *v3.TypedExtensionConfig `protobuf:"bytes,7,opt,name=proof_source_config,json=proofSourceConfig,proto3" json:"proof_source_config,omitempty"`
	// Config which implementation of “quic::ConnectionIdGeneratorInterface“ to be used for this listener.
	// If not specified the :ref:`default one configured by <envoy_v3_api_msg_extensions.quic.connection_id_generator.v3.DeterministicConnectionIdGeneratorConfig>` will be used.
	// [#extension-category: envoy.quic.connection_id_generator]
	ConnectionIdGeneratorConfig *v3.TypedExtensionConfig `` /* 146-byte string literal not displayed */
	// Configure the server's preferred address to advertise so that client can migrate to it. See :ref:`example <envoy_v3_api_msg_extensions.quic.server_preferred_address.v3.FixedServerPreferredAddressConfig>` which configures a pair of v4 and v6 preferred addresses.
	// The current QUICHE implementation will advertise only one of the preferred IPv4 and IPv6 addresses based on the address family the client initially connects with.
	// If not specified, Envoy will not advertise any server's preferred address.
	// [#extension-category: envoy.quic.server_preferred_address]
	ServerPreferredAddressConfig *v3.TypedExtensionConfig `` /* 149-byte string literal not displayed */
	// Configure the server to send transport parameter `disable_active_migration <https://www.rfc-editor.org/rfc/rfc9000#section-18.2-4.30.1>`_.
	// Defaults to false (do not send this transport parameter).
	SendDisableActiveMigration *wrapperspb.BoolValue `` /* 144-byte string literal not displayed */
	// contains filtered or unexported fields
}

type UdpListenerConfig struct {

	// UDP socket configuration for the listener. The default for
	// :ref:`prefer_gro <envoy_v3_api_field_config.core.v3.UdpSocketConfig.prefer_gro>` is false for
	// listener sockets. If receiving a large amount of datagrams from a small number of sources, it
	// may be worthwhile to enable this option after performance testing.
	DownstreamSocketConfig *v3.UdpSocketConfig `` /* 129-byte string literal not displayed */
	// Configuration for QUIC protocol. If empty, QUIC will not be enabled on this listener. Set
	// to the default object to enable QUIC without modifying any additional options.
	QuicOptions *QuicProtocolOptions `protobuf:"bytes,7,opt,name=quic_options,json=quicOptions,proto3" json:"quic_options,omitempty"`
	// Configuration for the UDP packet writer. If empty, HTTP/3 will use GSO if available
	// (:ref:`UdpDefaultWriterFactory <envoy_v3_api_msg_extensions.udp_packet_writer.v3.UdpGsoBatchWriterFactory>`)
	// or the default kernel sendmsg if not,
	// (:ref:`UdpDefaultWriterFactory <envoy_v3_api_msg_extensions.udp_packet_writer.v3.UdpDefaultWriterFactory>`)
	// and raw UDP will use kernel sendmsg.
	// [#extension-category: envoy.udp_packet_writer]
	UdpPacketPacketWriterConfig *v3.TypedExtensionConfig `` /* 148-byte string literal not displayed */
	// contains filtered or unexported fields
}

type ValidationListenerManager struct {
	// contains filtered or unexported fields
}