iptables

package
v0.0.0-...-7ac82bb Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 25, 2024 License: Apache-2.0 Imports: 11 Imported by: 3

Documentation

Index

Constants

View Source 
const LockKey = "/var/run/garden-iptables.lock"
View Source 
const SetupScript = `` /* 7530-byte string literal not displayed */

Variables

This section is empty.

Functions

This section is empty.

Types

type Chains 

type Chains struct {
	Prerouting, Postrouting, Input, Forward, Default string
}

type FirewallOpener 

type FirewallOpener struct {
	// contains filtered or unexported fields
}

func NewFirewallOpener 

func NewFirewallOpener(ruleTranslator RuleTranslator, iptables IPTables) *FirewallOpener

func (*FirewallOpener) BulkOpen 

func (f *FirewallOpener) BulkOpen(logger lager.Logger, instance, handle string, rules []garden.NetOutRule) error

func (*FirewallOpener) Open 

func (f *FirewallOpener) Open(logger lager.Logger, instance, handle string, rule garden.NetOutRule) error

type IPTables 

type IPTables interface {
	CreateChain(table, chain string) error
	DeleteChain(table, chain string) error
	FlushChain(table, chain string) error
	DeleteChainReferences(table, targetChain, referencedChain string) error
	PrependRule(chain string, rule Rule) error
	BulkPrependRules(chain string, rules []Rule) error
	InstanceChain(instanceId string) string
}

type IPTablesController 

type IPTablesController struct {
	// contains filtered or unexported fields
}

func New 

func New(iptablesBinPath, iptablesRestoreBinPath string, runner commandrunner.CommandRunner, locksmith Locksmith, chainPrefix string) *IPTablesController

func (*IPTablesController) BulkPrependRules 

func (iptables *IPTablesController) BulkPrependRules(chain string, rules []Rule) error

func (*IPTablesController) CreateChain 

func (iptables *IPTablesController) CreateChain(table, chain string) error

func (*IPTablesController) DeleteChain 

func (iptables *IPTablesController) DeleteChain(table, chain string) error

func (*IPTablesController) DeleteChainReferences 

func (iptables *IPTablesController) DeleteChainReferences(table, targetChain, referencedChain string) error

func (*IPTablesController) FlushChain 

func (iptables *IPTablesController) FlushChain(table, chain string) error

func (*IPTablesController) InstanceChain 

func (iptables *IPTablesController) InstanceChain(instanceId string) string

func (*IPTablesController) PrependRule 

func (iptables *IPTablesController) PrependRule(chain string, rule Rule) error

type InstanceChainCreator 

type InstanceChainCreator struct {
	// contains filtered or unexported fields
}

func NewInstanceChainCreator 

func NewInstanceChainCreator(iptables *IPTablesController) *InstanceChainCreator

func (*InstanceChainCreator) Create 

func (cc *InstanceChainCreator) Create(logger lager.Logger, handle, instanceId, bridgeName string, ip net.IP, network *net.IPNet) error

func (*InstanceChainCreator) Destroy 

func (cc *InstanceChainCreator) Destroy(logger lager.Logger, instanceId string) error

type Locksmith 

type Locksmith interface {
	Lock(key string) (locksmith.Unlocker, error)
}

type PortForwarder 

type PortForwarder struct {
	// contains filtered or unexported fields
}

func NewPortForwarder 

func NewPortForwarder(iptables *IPTablesController) *PortForwarder

func (*PortForwarder) Forward 

func (p *PortForwarder) Forward(spec kawasaki.PortForwarderSpec) error

type Rule 

type Rule interface {
	Flags(chain string) []string
}

type RuleTranslator 

type RuleTranslator interface {
	TranslateRule(handle string, gardenRule garden.NetOutRule) ([]Rule, error)
}

func NewRuleTranslator 

func NewRuleTranslator() RuleTranslator

type SingleFilterRule 

type SingleFilterRule struct {
	Protocol garden.Protocol
	Networks *garden.IPRange
	Ports    *garden.PortRange
	ICMPs    *garden.ICMPControl
	Log      bool
	Handle   string
}

func (SingleFilterRule) Flags 

func (r SingleFilterRule) Flags(chain string) (params []string)

type Starter 

type Starter struct {
	// contains filtered or unexported fields
}

func NewStarter 

func NewStarter(iptables *IPTablesController, allowHostAccess bool, nicPrefix string, denyNetworks []string, destroyContainersOnStartup bool, logger lager.Logger) *Starter

func (Starter) Start 

func (s Starter) Start() error

Source Files

View all Source files

Directories

Path Synopsis
Code generated by counterfeiter.
 Code generated by counterfeiter.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.