drivers

package
v0.0.0-...-04e5504 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 3, 2021 License: Apache-2.0 Imports: 17 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Nftables 

type Nftables struct{}

Nftables is an implmentation of LXD firewall using nftables.

func (Nftables) Compat 

func (d Nftables) Compat() (bool, bool)

Compat returns whether the host is compatible with this driver and whether the driver backend is in use.

func (Nftables) InstanceClearBridgeFilter 

func (d Nftables) InstanceClearBridgeFilter(projectName, instanceName, deviceName, parentName, hostName, hwAddr string, IPv4, IPv6 net.IP) error

InstanceClearBridgeFilter removes any filter rules that were added to apply bridged device IP filtering.

func (Nftables) InstanceClearProxyNAT 

func (d Nftables) InstanceClearProxyNAT(projectName, instanceName, deviceName string) error

InstanceClearProxyNAT remove DNAT rules for proxy devices.

func (Nftables) InstanceSetupBridgeFilter 

func (d Nftables) InstanceSetupBridgeFilter(projectName, instanceName, deviceName, parentName, hostName, hwAddr string, IPv4, IPv6 net.IP) error

InstanceSetupBridgeFilter sets up the filter rules to apply bridged device IP filtering.

func (Nftables) InstanceSetupProxyNAT 

func (d Nftables) InstanceSetupProxyNAT(projectName, instanceName, deviceName string, listen, connect *deviceConfig.ProxyAddress) error

InstanceSetupProxyNAT creates DNAT rules for proxy devices.

func (Nftables) NetworkClear 

func (d Nftables) NetworkClear(networkName string, ipVersion uint) error

NetworkClear removes the LXD network related chains.

func (Nftables) NetworkSetupDHCPDNSAccess 

func (d Nftables) NetworkSetupDHCPDNSAccess(networkName string, ipVersion uint) error

NetworkSetupDHCPDNSAccess sets up basic nftables overrides for DHCP/DNS.

func (Nftables) NetworkSetupDHCPv4Checksum 

func (d Nftables) NetworkSetupDHCPv4Checksum(networkName string) error

NetworkSetupDHCPv4Checksum attempts a workaround for broken DHCP clients. No-op as not supported by nftables. See https://wiki.nftables.org/wiki-nftables/index.php/Supported_features_compared_to_xtables#CHECKSUM.

func (Nftables) NetworkSetupForwardingPolicy 

func (d Nftables) NetworkSetupForwardingPolicy(networkName string, ipVersion uint, allow bool) error

NetworkSetupForwardingPolicy allows forwarding dependent on boolean argument

func (Nftables) NetworkSetupOutboundNAT 

func (d Nftables) NetworkSetupOutboundNAT(networkName string, subnet *net.IPNet, srcIP net.IP, _ bool) error

NetworkSetupOutboundNAT configures outbound NAT. If srcIP is non-nil then SNAT is used with the specified address, otherwise MASQUERADE mode is used. Append mode is always on and so the append argument is ignored.

func (Nftables) String 

func (d Nftables) String() string

String returns the driver name.

type Xtables 

type Xtables struct{}

Xtables is an implmentation of LXD firewall using {ip, ip6, eb}tables

func (Xtables) Compat 

func (d Xtables) Compat() (bool, bool)

Compat returns whether the host is compatible with this driver and whether the driver backend is in use.

func (Xtables) InstanceClearBridgeFilter 

func (d Xtables) InstanceClearBridgeFilter(projectName, instanceName, deviceName, parentName, hostName, hwAddr string, IPv4, IPv6 net.IP) error

InstanceClearBridgeFilter removes any filter rules that were added to apply bridged device IP filtering.

func (Xtables) InstanceClearProxyNAT 

func (d Xtables) InstanceClearProxyNAT(projectName, instanceName, deviceName string) error

InstanceClearProxyNAT remove DNAT rules for proxy devices.

func (Xtables) InstanceSetupBridgeFilter 

func (d Xtables) InstanceSetupBridgeFilter(projectName, instanceName, deviceName, parentName, hostName, hwAddr string, IPv4, IPv6 net.IP) error

InstanceSetupBridgeFilter sets up the filter rules to apply bridged device IP filtering.

func (Xtables) InstanceSetupProxyNAT 

func (d Xtables) InstanceSetupProxyNAT(projectName, instanceName, deviceName string, listen, connect *deviceConfig.ProxyAddress) error

InstanceSetupProxyNAT creates DNAT rules for proxy devices.

func (Xtables) NetworkClear 

func (d Xtables) NetworkClear(networkName string, ipVersion uint) error

NetworkClear removes network rules from filter, mangle and nat tables.

func (Xtables) NetworkSetupDHCPDNSAccess 

func (d Xtables) NetworkSetupDHCPDNSAccess(networkName string, ipVersion uint) error

NetworkSetupDHCPDNSAccess sets up basic iptables overrides for DHCP/DNS.

func (Xtables) NetworkSetupDHCPv4Checksum 

func (d Xtables) NetworkSetupDHCPv4Checksum(networkName string) error

NetworkSetupDHCPv4Checksum attempts a workaround for broken DHCP clients.

func (Xtables) NetworkSetupForwardingPolicy 

func (d Xtables) NetworkSetupForwardingPolicy(networkName string, ipVersion uint, allow bool) error

NetworkSetupForwardingPolicy allows forwarding dependent on boolean argument

func (Xtables) NetworkSetupOutboundNAT 

func (d Xtables) NetworkSetupOutboundNAT(networkName string, subnet *net.IPNet, srcIP net.IP, appendRule bool) error

NetworkSetupOutboundNAT configures outbound NAT. If srcIP is non-nil then SNAT is used with the specified address, otherwise MASQUERADE mode is used.

func (Xtables) String 

func (d Xtables) String() string

String returns the driver name.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.