The highest tagged major version is v11.

acls

package

v10.358.0+incompatible Latest Latest Go to latest Published: Apr 23, 2021 License: Apache-2.0 Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/aporeto-inc/trireme-lib

Links

Open Source Insights

Documentation ¶

Rendered for

Index ¶

Variables
type ACLCache
- func NewACLCache() *ACLCache
type Address
- func ParseAddress(address string) (*Address, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var ErrNoMatch = errors.New("No Match")

ErrNoMatch is error returned when no match is found.

Functions ¶

This section is empty.

Types ¶

type ACLCache ¶

type ACLCache struct {
	// contains filtered or unexported fields
}

ACLCache holds all the ACLS in an internal DB map[prefixes][subnets] -> list of ports with their actions

func (*ACLCache) AddRule ¶

func (c *ACLCache) AddRule(rule policy.IPRule) (err error)

AddRule adds a single rule to the ACL Cache

func (*ACLCache) AddRuleList ¶

func (c *ACLCache) AddRuleList(rules policy.IPRuleList) (err error)

AddRuleList adds a list of rules to the cache

func (*ACLCache) GetMatchingAction ¶

func (c *ACLCache) GetMatchingAction(ip net.IP, port uint16, proto uint8, defaultFlowPolicy *policy.FlowPolicy) (report *policy.FlowPolicy, packet *policy.FlowPolicy, err error)

GetMatchingAction gets the action from the acl cache

func (*ACLCache) GetMatchingICMPAction ¶

func (c *ACLCache) GetMatchingICMPAction(ip net.IP, icmpType, icmpCode int8, defaultFlowPolicy *policy.FlowPolicy) (report *policy.FlowPolicy, packet *policy.FlowPolicy, err error)

GetMatchingICMPAction gets the action based on icmp policy

func (*ACLCache) RemoveIPMask ¶

func (c *ACLCache) RemoveIPMask(ip net.IP, mask int)

RemoveIPMask removes the entries indexed with (ip, mask). This is an idempotent operation and thus does not returns an error

func (*ACLCache) RemoveRulesForAddress ¶

func (c *ACLCache) RemoveRulesForAddress(address *Address, protocol string, ports []string, policy *policy.FlowPolicy) error

RemoveRulesForAddress is going to remove all rules for the provided address, protocol and ports.

func ParseAddress ¶

func ParseAddress(address string) (*Address, error)

ParseAddress parses `address` as an IP or CIDR address - based on the notation that we allow in our backend. If the address is prefixed with a "!"", then the NoMatch attribute will be true. If the Address is of the format "IP/BitMask" (e.g. 192.0.2.0/24), then the mask will be set to 24. If the address is of the form "IP" (e.g. 192.0.2.1), then the mask will be added automatically.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL