trireme-lib: go.aporeto.io/trireme-lib/controller/pkg/pucontext Index | Files

package pucontext

import "go.aporeto.io/trireme-lib/controller/pkg/pucontext"

Index

Package Files

pucontext.go puerrors.go

Variables

// CounterNames maps each ErrorType value to the counter name string used for it.
//
// The literal is index-keyed: every key is an ErrorType constant used as a
// slice index, so the slice length is the largest key plus one. An ErrorType
// constant that has no entry here reads back as "" when it is below the
// largest key and is out of range (a runtime panic on indexing) when it is
// above it, so this table has to be kept in step with the const block.
//
// The strings are not uniform: "ERRSYNACKDROPPEDEXTERNALSERVICE" is the only
// name that carries an ERR prefix. Anything that matches on counter names
// (alert rules, dashboards) needs the exact strings below.
//
// NOTE(review): CounterNames is an exported, mutable slice, so any importing
// package can rewrite an entry. How callers index it, and whether they
// bounds-check the ErrorType first, is not visible here — confirm.
var CounterNames = []string{
    ErrUnknownError:                 "UNKNOWNERROR",
    ErrInvalidNetState:              "INVALIDNETSTATE",
    ErrNonPUTraffic:                 "NONPUTRAFFIC",
    ErrNetSynNotSeen:                "SYNNOTSEEN",
    ErrNoConnFound:                  "CONNECTIONNOTFOUND",
    ErrRejectPacket:                 "REJECTEDPACKET",
    ErrTCPAuthNotFound:              "TCPAUTHENTICATIONOPTIONNOTFOUND",
    ErrInvalidConnState:             "INVALIDCONNECTIONSTATE",
    ErrMarkNotFound:                 "MARKNOTFOUND",
    ErrPortNotFound:                 "PORTNOTFOUND",
    ErrContextIDNotFound:            "CONTEXTNOTFOUND",
    ErrInvalidProtocol:              "INVALIDPROTOCOL",
    ErrServicePreprocessorFailed:    "PREPROCESSINGFAILED",
    ErrServicePostprocessorFailed:   "POSTPROCESSINGFAILED",
    ErrDroppedExternalService:       "ACLSYNDROPPED",
    ErrSynDroppedNoClaims:           "SYNDROPPEDNOCLAIMS",
    ErrSynDroppedInvalidToken:       "SYNDROPPEDINVALIDTOKEN",
    ErrSynDroppedTCPOption:          "SYNDROPPEDAUTHOPTIONNOTFOUND",
    ErrSynDroppedInvalidFormat:      "SYNDROPPEDINVALIDFORMAT",
    ErrSynRejectPacket:              "SYNDROPPEDPOLICY",
    ErrOutOfOrderSynAck:             "UNEXPECTEDSYNACK",
    ErrInvalidSynAck:                "DEADPUSYNACK",
    ErrSynAckMissingToken:           "SYNACKDROPPEDINVALIDTOKEN",
    ErrSynAckBadClaims:              "SYNACKDROPPEDBADCLAIMS",
    ErrSynAckMissingClaims:          "SYNACKDROPPEDNOCLAIMS",
    ErrSynAckNoTCPAuthOption:        "SYNACKAUTHOPTIONNOTFOUND",
    ErrSynAckInvalidFormat:          "SYNACKDROPPEDINVALIDFORMAT",
    ErrSynAckClaimsMisMatch:         "SYNACKDROPPEDCLAIMSMISMATCH",
    ErrSynAckRejected:               "SYNACKDROPPEDPOLICY",
    ErrSynAckDroppedExternalService: "ERRSYNACKDROPPEDEXTERNALSERVICE",
    ErrAckRejected:                  "ACKDROPPEDPOLICY",
    ErrAckTCPNoTCPAuthOption:        "ACKDROPPEDAUTHOPTIONNOTFOUND",
    ErrAckSigValidationFailed:       "ACKDROPPEDSIGVALIDATIONFAILED",
    ErrAckInvalidFormat:             "ACKDROPPEDINVALIDFORMAT",
    ErrAckInUnknownState:            "ACKDROPPEDUNKNOWNCONNSTATE",
    ErrSynUnexpectedPacket:          "SYNUNEXPECTEDPACKET",
    ErrConnectionsProcessed:         "CONNECTIONSPROCESSED",
    ErrEncrConnectionsProcessed:     "ENCRCONNECTIONSPROCESSED",
    ErrUDPInvalidNetState:           "UDPINVALIDNETSTATE",
    ErrUDPDropSynAck:                "UDPDROPSYNACK",
    ErrUDPDropFin:                   "UDPDROPFIN",
    ErrUDPDropPacket:                "UDPDROPPACKET",
    ErrUDPPreProcessingFailed:       "UDPPREPROCESSINGFAILED",
    ErrUDPRejected:                  "UDPREJECTED",
    ErrUDPPostProcessingFailed:      "UDPPOSTPROCESSINGFAILED",
    ErrUDPNoConnection:              "UDPDROPNOCONNECTION",
    ErrUDPSynInvalidToken:           "UDPSYNINVALIDTOKEN",
    ErrUDPSynMissingClaims:          "UDPSYNMISSINGCLAIMS",
    ErrUDPSynDroppedPolicy:          "UDPSYNDROPPEDPOLICY",
    ErrUDPSynAckBadClaims:           "UDPSYNACKBADCLAIMS",
    ErrUDPSynAckMissingClaims:       "UDPSYNACKMISSINGCLAIMS",
    ErrUDPSynAckPolicy:              "UDPSYNACKPOLICY",
    ErrUDPInvalidSignature:          "UDPACKINVALIDSIGNATURE",
    ErrUDPConnectionsProcessed:      "UDPCONNECTIONSPROCESSED",
    ErrUDPContextIDNotFound:         "UDPCONTEXTIDNOTFOUND",
    ErrUDPDropQueueFull:             "UDPDROPQUEUEFULL",
    ErrUDPDropInNfQueue:             "UDPDROPINNFQUEUE",
    ErrUDPSynDropped:                "UDPSYNDROPPED",
}

CounterNames holds the name of each error reported to the collector, indexed by ErrorType.

func GetErrorCounters Uses

func GetErrorCounters() []collector.Counters

GetErrorCounters returns the counters for packets whose PU is not known

func PuContextError Uses

func PuContextError(err ErrorType, logMsg string) error

PuContextError increments a global unknown PU counter and returns an error

func ToError Uses

func ToError(errType ErrorType) error

ToError converts an ErrorType into an error.

type ErrorType Uses

type ErrorType int

ErrorType is a custom counter error type.

// Error constants.
//
// The values are assigned sequentially by iota, starting at 0, and the same
// constants are the index keys of the CounterNames slice literal. Inserting,
// removing or reordering a constant renumbers every constant after it, so a
// change here must be mirrored in CounterNames. New constants are safest
// appended at the end.
const (
    // ErrUnknownError is 0, the zero value of ErrorType, so an ErrorType
    // that was never assigned compares equal to ErrUnknownError.
    ErrUnknownError ErrorType = iota
    ErrInvalidNetState
    ErrNonPUTraffic
    ErrNetSynNotSeen
    ErrNoConnFound
    ErrRejectPacket
    ErrTCPAuthNotFound
    ErrInvalidConnState
    ErrMarkNotFound
    ErrPortNotFound
    ErrContextIDNotFound
    ErrInvalidProtocol
    ErrServicePreprocessorFailed
    ErrServicePostprocessorFailed
    ErrDroppedExternalService
    ErrSynDroppedNoClaims
    ErrSynDroppedInvalidToken
    ErrSynDroppedTCPOption
    ErrSynDroppedInvalidFormat
    ErrSynRejectPacket
    ErrOutOfOrderSynAck
    ErrInvalidSynAck
    ErrSynAckMissingToken
    ErrSynAckBadClaims
    ErrSynAckMissingClaims
    ErrSynAckNoTCPAuthOption
    ErrSynAckInvalidFormat
    ErrSynAckClaimsMisMatch
    ErrSynAckRejected
    ErrSynAckDroppedExternalService
    ErrAckRejected
    ErrAckTCPNoTCPAuthOption
    ErrAckSigValidationFailed
    ErrAckInvalidFormat
    ErrAckInUnknownState
    ErrSynUnexpectedPacket
    ErrConnectionsProcessed
    ErrEncrConnectionsProcessed
    ErrUDPInvalidNetState
    ErrUDPDropSynAck
    ErrUDPDropFin
    ErrUDPDropPacket
    ErrUDPPreProcessingFailed
    ErrUDPRejected
    ErrUDPPostProcessingFailed
    ErrUDPNoConnection
    ErrUDPSynInvalidToken
    ErrUDPSynMissingClaims
    ErrUDPSynDroppedPolicy
    ErrUDPSynAckBadClaims
    ErrUDPSynAckMissingClaims
    ErrUDPSynAckPolicy
    ErrUDPInvalidSignature
    ErrUDPConnectionsProcessed
    ErrUDPContextIDNotFound
    ErrUDPDropQueueFull
    ErrUDPDropInNfQueue
    ErrUDPSynDropped
)

Error Constants

func GetError Uses

func GetError(err error) ErrorType

GetError returns the ErrorType for an error.

type PUContext Uses

// PUContext holds data indexed by the PU ID.
//
// NewPU returns a *PUContext. Because the struct embeds a sync.RWMutex, a
// PUContext should be passed by pointer and never copied by value.
type PUContext struct {
    // Exported, so importing packages can reach these fields directly
    // instead of going through the accessor methods.
    ApplicationACLs *acls.ACLCache

    DNSACLs      policy.DNSRuleList
    DNSProxyPort string

    // Extension is untyped; a consumer must type-assert it before use.
    Extension interface{}

    // Embedded, so Lock/Unlock/RLock/RUnlock are promoted into PUContext's
    // exported method set and any holder of the pointer can take the lock.
    // NOTE(review): which fields this lock guards is not shown on this
    // page — confirm before touching the exported fields concurrently.
    sync.RWMutex
    // contains filtered or unexported fields
}

PUContext holds data indexed by the PU ID

func NewPU Uses

func NewPU(contextID string, puInfo *policy.PUInfo, timeout time.Duration) (*PUContext, error)

NewPU creates a new PU context

func (*PUContext) Annotations Uses

func (p *PUContext) Annotations() *policy.TagStore

Annotations returns the annotations

func (*PUContext) ApplicationACLPolicyFromAddr Uses

func (p *PUContext) ApplicationACLPolicyFromAddr(addr net.IP, port uint16) (report *policy.FlowPolicy, action *policy.FlowPolicy, err error)

ApplicationACLPolicyFromAddr retrieves the policy for a given address and port.

func (*PUContext) Autoport Uses

func (p *PUContext) Autoport() bool

Autoport reports whether the auto port feature is set on the PU.

func (*PUContext) CacheExternalFlowPolicy Uses

func (p *PUContext) CacheExternalFlowPolicy(packet *packet.Packet, plc interface{})

CacheExternalFlowPolicy will cache an external flow

func (*PUContext) CompressedTags Uses

func (p *PUContext) CompressedTags() *policy.TagStore

CompressedTags returns the compressed tags.

func (*PUContext) CreateRcvRules Uses

func (p *PUContext) CreateRcvRules(policyRules policy.TagSelectorList)

CreateRcvRules creates receive rules for this PU based on the update of the policy.

func (*PUContext) CreateTxtRules Uses

func (p *PUContext) CreateTxtRules(policyRules policy.TagSelectorList)

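CreateTxtRules creates receive rules for this PU based on the update of the policy. (This wording is the same as for CreateRcvRules; the method name suggests that transmit rules are meant.)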

func (*PUContext) GetCachedTokenAndServiceContext Uses

func (p *PUContext) GetCachedTokenAndServiceContext() ([]byte, []byte, error)

GetCachedTokenAndServiceContext returns the cached syn packet token

func (*PUContext) GetErrorCounters Uses

func (p *PUContext) GetErrorCounters() []collector.Counters

GetErrorCounters returns the error counters and resets the counters to zero, so each call reports only what was counted since the previous call.

func (*PUContext) GetJWT Uses

func (p *PUContext) GetJWT() (string, error)

GetJWT retrieves the JWT if it exists in the cache. Returns error otherwise.

func (*PUContext) GetPolicyFromFQDN Uses

func (p *PUContext) GetPolicyFromFQDN(fqdn string) ([]policy.PortProtocolPolicy, error)

GetPolicyFromFQDN gets the list of policies that are mapped with the hostname

func (*PUContext) GetProcessKeys Uses

func (p *PUContext) GetProcessKeys() (string, []string, []string)

GetProcessKeys returns the cache keys for a process

func (*PUContext) HashID Uses

func (p *PUContext) HashID() string

HashID returns the hash of the ID of the PU

func (*PUContext) ID Uses

func (p *PUContext) ID() string

ID returns the ID of the PU

func (*PUContext) Identity Uses

func (p *PUContext) Identity() *policy.TagStore

Identity returns the identity.

func (*PUContext) ManagementID Uses

func (p *PUContext) ManagementID() string

ManagementID returns the management ID

func (*PUContext) ManagementNamespace Uses

func (p *PUContext) ManagementNamespace() string

ManagementNamespace returns the management namespace

func (*PUContext) Mark Uses

func (p *PUContext) Mark() string

Mark returns the PU mark

func (*PUContext) NetworkACLPolicy Uses

func (p *PUContext) NetworkACLPolicy(packet *packet.Packet) (report *policy.FlowPolicy, action *policy.FlowPolicy, err error)

NetworkACLPolicy retrieves the policy based on ACLs

func (*PUContext) NetworkACLPolicyFromAddr Uses

func (p *PUContext) NetworkACLPolicyFromAddr(addr net.IP, port uint16) (report *policy.FlowPolicy, action *policy.FlowPolicy, err error)

NetworkACLPolicyFromAddr retrieves the policy for a given address and port.

func (*PUContext) PuContextError Uses

func (p *PUContext) PuContextError(err ErrorType, logMsg string) error

PuContextError increments the error counter and returns an error

func (*PUContext) RemoveApplicationACL Uses

func (p *PUContext) RemoveApplicationACL(addr net.IP, mask int)

RemoveApplicationACL removes the application ACLs which are indexed with (ip, mask) key

func (*PUContext) RetrieveCachedExternalFlowPolicy Uses

func (p *PUContext) RetrieveCachedExternalFlowPolicy(id string) (interface{}, error)

RetrieveCachedExternalFlowPolicy returns the policy for an external IP

func (*PUContext) Scopes Uses

func (p *PUContext) Scopes() []string

Scopes returns the scopes.

func (*PUContext) SearchRcvRules Uses

func (p *PUContext) SearchRcvRules(
    tags *policy.TagStore,
) (report *policy.FlowPolicy, packet *policy.FlowPolicy)

SearchRcvRules searches both receive and observed receive rules and returns the index and action

func (*PUContext) SearchTxtRules Uses

func (p *PUContext) SearchTxtRules(
    tags *policy.TagStore,
    skipRejectPolicies bool,
) (report *policy.FlowPolicy, packet *policy.FlowPolicy)

SearchTxtRules searches both receive and observed transmit rules and returns the index and action. ("receive" here probably should read "transmit", by analogy with SearchRcvRules.)

func (*PUContext) SynServiceContext Uses

func (p *PUContext) SynServiceContext() []byte

SynServiceContext returns synServiceContext

func (*PUContext) TCPPorts Uses

func (p *PUContext) TCPPorts() []string

TCPPorts returns the PU TCP ports

func (*PUContext) Type Uses

func (p *PUContext) Type() common.PUType

Type returns the PU type.

func (*PUContext) UDPPorts Uses

func (p *PUContext) UDPPorts() []string

UDPPorts returns the PU UDP ports

func (*PUContext) UpdateApplicationACLs Uses

func (p *PUContext) UpdateApplicationACLs(rules policy.IPRuleList) error

UpdateApplicationACLs updates the application ACL policy

func (*PUContext) UpdateCachedTokenAndServiceContext Uses

func (p *PUContext) UpdateCachedTokenAndServiceContext(token []byte, serviceContext []byte)

UpdateCachedTokenAndServiceContext updates the local cached token

func (*PUContext) UpdateJWT Uses

func (p *PUContext) UpdateJWT(jwt string, expiration time.Time)

UpdateJWT updates the JWT and provides a new expiration date.

func (*PUContext) UpdateNetworkACLs Uses

func (p *PUContext) UpdateNetworkACLs(rules policy.IPRuleList) error

UpdateNetworkACLs updates the network ACL policy

func (*PUContext) UpdateSynServiceContext Uses

func (p *PUContext) UpdateSynServiceContext(synServiceContext []byte)

UpdateSynServiceContext updates the synServiceContext

func (*PUContext) Username Uses

func (p *PUContext) Username() string

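Username returns the ID of the PU. (This sentence is identical to the description of ID; the method name suggests that the username is what is returned.)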

type PuErrors Uses

type PuErrors struct {
    // contains filtered or unexported fields
}

PuErrors holds the string and the integer for each error.

func (PuErrors) Error Uses

func (e PuErrors) Error() string

Error is implemented to satisfy the error interface.
