trireme-lib: go.aporeto.io/trireme-lib/controller/pkg/aclprovider Index | Files

package provider

import "go.aporeto.io/trireme-lib/controller/pkg/aclprovider"

Index

Package Files

ipsetprovider.go ipsetprovidermock.go iptablesprovider.go iptablesprovidermock.go

type BatchProvider Uses

type BatchProvider struct {
    // Embedded mutex: Lock and Unlock are promoted onto BatchProvider, so
    // they are part of the exported API and callable by any user of the type.
    // NOTE(review): presumably guards the provider's internal rule cache;
    // confirm in the source before relying on external locking.
    sync.Mutex
    // contains filtered or unexported fields
}

BatchProvider uses iptables-restore to program ACLs.

func NewGoIPTablesProvider Uses

func NewGoIPTablesProvider(batchTables []string) (*BatchProvider, error)

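NewGoIPTablesProvider returns a *BatchProvider, based on the go-iptables external package. BatchProvider carries every method of the IptablesProvider interface, so the result can be used wherever an IptablesProvider is expected.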

func (*BatchProvider) Append Uses

func (b *BatchProvider) Append(table, chain string, rulespec ...string) error

Append will append the provided rule to the local cache or call the iptables command directly, depending on the table.

func (*BatchProvider) ClearChain Uses

func (b *BatchProvider) ClearChain(table, chain string) error

ClearChain will clear the given chain in the given table.

func (*BatchProvider) Commit Uses

func (b *BatchProvider) Commit() error

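Commit commits the rules to the system. Rules that Append, Insert or Delete placed in the local cache are presumably not enforced until Commit succeeds, so callers should check the returned error.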

func (*BatchProvider) Delete Uses

func (b *BatchProvider) Delete(table, chain string, rulespec ...string) error

Delete will delete the rule from the local cache or the system.

func (*BatchProvider) DeleteChain Uses

func (b *BatchProvider) DeleteChain(table, chain string) error

DeleteChain will delete the given chain from the given table.

func (*BatchProvider) Insert Uses

func (b *BatchProvider) Insert(table, chain string, pos int, rulespec ...string) error

Insert will insert the rule in the corresponding position in the local cache or call the corresponding iptables command, depending on the table.

func (*BatchProvider) ListChains Uses

func (b *BatchProvider) ListChains(table string) ([]string, error)

ListChains will provide a list of the current chains.

func (*BatchProvider) NewChain Uses

func (b *BatchProvider) NewChain(table, chain string) error

NewChain creates a new chain.

type Ipset Uses

type Ipset interface {
    // Add adds entry to the set.
    // NOTE(review): the unit of timeout and the meaning of 0 are not shown here — confirm.
    Add(entry string, timeout int) error
    // AddOption adds entry to the set with one extra option string.
    // NOTE(review): the accepted option values are not shown here — confirm.
    AddOption(entry string, option string, timeout int) error
    // Del removes entry from the set.
    Del(entry string) error
    // Destroy presumably removes the set itself (cf. `ipset destroy`) — confirm.
    Destroy() error
    // Flush presumably removes all entries but keeps the set (cf. `ipset flush`) — confirm.
    Flush() error
    // Test presumably reports whether entry is currently a member of the set — confirm.
    Test(entry string) (bool, error)
}

Ipset is an abstraction of all the methods an implementation of userspace ipsets needs to provide.

type IpsetProvider Uses

type IpsetProvider interface {
    // NewIpset creates a set called name and returns a handle to it.
    // NOTE(review): hasht presumably names the ipset hash type (e.g. "hash:net") — confirm.
    NewIpset(name string, hasht string, p *ipset.Params) (Ipset, error)
    // GetIpset returns a handle for the set called name.
    // It returns no error, so whether the set actually exists is not reported here.
    GetIpset(name string) Ipset
    // DestroyAll destroys sets in bulk.
    // NOTE(review): whether this is limited to sets created through this provider
    // or covers every ipset on the host is not shown here — confirm before calling
    // it on a host that also holds sets owned by other software.
    DestroyAll() error
}

IpsetProvider is a factory for Ipset.

func NewGoIPsetProvider Uses

func NewGoIPsetProvider() IpsetProvider

NewGoIPsetProvider returns a Go IPSet provider.

type IptablesProvider Uses

type IptablesProvider interface {
    // Append appends a rule to a chain of the table.
    // The rule is passed as separate rulespec tokens rather than one string.
    Append(table, chain string, rulespec ...string) error
    // Insert inserts a rule into a chain of the table at the required pos.
    // NOTE(review): whether pos is 1-based, as in the iptables CLI, is not shown here — confirm.
    Insert(table, chain string, pos int, rulespec ...string) error
    // Delete deletes a rule of a chain in the given table.
    Delete(table, chain string, rulespec ...string) error
    // ListChains lists all the chains associated with a table.
    ListChains(table string) ([]string, error)
    // ClearChain clears a chain in a table.
    ClearChain(table, chain string) error
    // DeleteChain deletes a chain in the table. There should be no references to this chain.
    DeleteChain(table, chain string) error
    // NewChain creates a new chain.
    NewChain(table, chain string) error
    // Commit will commit changes if it is a batch provider.
    // NOTE(review): with a batching implementation, earlier calls presumably take
    // effect only once Commit succeeds, so its error should not be ignored — confirm.
    Commit() error
}

IptablesProvider is an abstraction of all the methods an implementation of userspace iptables needs to provide.

type TestIpset Uses

// NOTE(review): this interface takes *testing.T, and the package file list includes
// ipsetprovidermock.go rather than a _test.go file, so importing the package
// presumably links the testing package into non-test binaries — confirm.
type TestIpset interface {
    // Ipset is embedded, so a TestIpset can stand in wherever an Ipset is expected.
    Ipset
    // Each Mock* method takes an impl with the same signature as the Ipset method
    // it is named after; presumably impl replaces that method for test t — confirm.
    MockAdd(t *testing.T, impl func(entry string, timeout int) error)
    MockAddOption(t *testing.T, impl func(entry string, option string, timeout int) error)
    MockDel(t *testing.T, impl func(entry string) error)
    MockDestroy(t *testing.T, impl func() error)
    MockFlush(t *testing.T, impl func() error)
    MockTest(t *testing.T, impl func(entry string) (bool, error))
}

TestIpset is a test implementation for Ipset

func NewTestIpset Uses

func NewTestIpset() TestIpset

NewTestIpset returns a new TestIpset.

type TestIpsetProvider Uses

type TestIpsetProvider interface {
    // IpsetProvider is embedded, so a TestIpsetProvider can stand in wherever an
    // IpsetProvider is expected.
    IpsetProvider
    // Each Mock* method takes an impl with the same signature as the IpsetProvider
    // method it is named after; presumably impl replaces that method for test t — confirm.
    MockNewIpset(t *testing.T, impl func(name string, hasht string, p *ipset.Params) (Ipset, error))
    MockGetIpset(t *testing.T, impl func(name string) Ipset)
    MockDestroyAll(t *testing.T, impl func() error)
}

TestIpsetProvider is a test implementation for IpsetProvider

func NewTestIpsetProvider Uses

func NewTestIpsetProvider() TestIpsetProvider

NewTestIpsetProvider returns a new TestIpsetProvider.

type TestIptablesProvider Uses

type TestIptablesProvider interface {
    // IptablesProvider is embedded, so a TestIptablesProvider can stand in wherever
    // an IptablesProvider is expected.
    IptablesProvider
    // Each Mock* method takes an impl with the same signature as the IptablesProvider
    // method it is named after; presumably impl replaces that method for test t — confirm.
    MockAppend(t *testing.T, impl func(table, chain string, rulespec ...string) error)
    MockInsert(t *testing.T, impl func(table, chain string, pos int, rulespec ...string) error)
    MockDelete(t *testing.T, impl func(table, chain string, rulespec ...string) error)
    MockListChains(t *testing.T, impl func(table string) ([]string, error))
    MockClearChain(t *testing.T, impl func(table, chain string) error)
    MockDeleteChain(t *testing.T, impl func(table, chain string) error)
    MockNewChain(t *testing.T, impl func(table, chain string) error)
    MockCommit(t *testing.T, impl func() error)
}

TestIptablesProvider is a test implementation for IptablesProvider

func NewTestIptablesProvider Uses

func NewTestIptablesProvider() TestIptablesProvider

NewTestIptablesProvider returns a new TestIptablesProvider.
