trireme-lib

package enforcer

import ""



type DebugInfo

type DebugInfo interface {
    // EnableDatapathPacketTracing will enable tracing of packets received by the datapath for a particular PU.
    // Setting Disabled as tracing direction will stop tracing for the contextID.
    EnableDatapathPacketTracing(contextID string, direction packettracing.TracingDirection, interval time.Duration) error
}

DebugInfo is an interface to implement methods that configure datapath packet tracing in the nfqdatapath.

type Enforcer

type Enforcer interface {

    // Enforce starts enforcing policies for the given policy.PUInfo.
    Enforce(contextID string, puInfo *policy.PUInfo) error

    // Unenforce stops enforcing policy for the given IP.
    Unenforce(contextID string) error

    // GetFilterQueue returns the current FilterQueueConfig.
    GetFilterQueue() *fqconfig.FilterQueue

    // Run starts the PolicyEnforcer.
    Run(ctx context.Context) error

    // UpdateSecrets updates the secrets of running enforcers managed by trireme.
    // Remote enforcers will get the secret updates with the next policy push.
    UpdateSecrets(secrets secrets.Secrets) error

    SetTargetNetworks(cfg *runtime.Configuration) error
}

An Enforcer is an implementation of the enforcer datapath. The interface can be implemented by one or multiple datapaths.

func New

func New(
    mutualAuthorization bool,
    fqConfig *fqconfig.FilterQueue,
    collector collector.EventCollector,
    service packetprocessor.PacketProcessor,
    secrets secrets.Secrets,
    serverID string,
    validity time.Duration,
    mode constants.ModeType,
    procMountPoint string,
    externalIPCacheTimeout time.Duration,
    packetLogs bool,
    cfg *runtime.Configuration,
) (Enforcer, error)

New returns a new policy enforcer that implements both the data paths.

func NewWithDefaults

func NewWithDefaults(
    serverID string,
    collector collector.EventCollector,
    service packetprocessor.PacketProcessor,
    secrets secrets.Secrets,
    mode constants.ModeType,
    procMountPoint string,
    targetNetworks []string,
) Enforcer

NewWithDefaults creates a new data path with most settings left at their defaults.


proxy    Package enforcerproxy :: This is the implementation of the RPC client. It implements the interface of Trireme Enforcer and forwards these requests to the actual remote enforcer instead of implementing them locally.
utils/packetgen    Package packetgen "PacketGen" is a Packet Generator library. Current version: V1.0, Updates are coming soon
utils/rpcwrapper/mockrpcwrapper    Package mockrpcwrapper is a generated GoMock package.

Package enforcer imports 17 packages and is imported by 8 packages. Updated 2019-03-20.