Documentation

Constants

const (
	IPv4ZeroCIDR = "0.0.0.0/0"
	IPv6ZeroCIDR = "::/0"
)

Variables

var (
	ErrAddressNotAllowed = errors.New("address not allowed")
	ErrNoAddresses       = errors.New("No addresses for hostname")
)

Functions

func FilterIncorrectCIDRVersion

func FilterIncorrectCIDRVersion(ipStrings []string, isIPv6Mode bool) ([]string, []string)

FilterIncorrectCIDRVersion filters out the incorrect IP version case from a slice of CIDR strings.

func FilterIncorrectIPVersion

func FilterIncorrectIPVersion(ipStrings []string, isIPv6Mode bool) ([]string, []string)

FilterIncorrectIPVersion filters out the incorrect IP version case from a slice of IP strings.

func GetNodeAddresses

func GetNodeAddresses(cidrs []string, nw NetworkInterfacer) (sets.String, error)

GetNodeAddresses returns all matched node IP addresses based on the given CIDR slice. Some callers, e.g. the IPVS proxier, need concrete IPs, not ranges, which is why this exists. NetworkInterfacer is injected for testing purposes. The CIDRs passed in are expected to be already validated. Given an empty input `[]`, it returns `0.0.0.0/0` and `::/0` directly. If multiple CIDRs are given, it returns the minimal IP set, e.g. given input `[1.2.0.0/16, 0.0.0.0/0]`, it returns only `0.0.0.0/0`. NOTE: GetNodeAddresses only accepts CIDRs; if you want a concrete IP, e.g. 1.2.3.4, then the input should be 1.2.3.4/32.
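
The selection rules described for GetNodeAddresses, as an added example that is not the package's own code: `nodeAddresses`, `ipv4Zero`, `ipv6Zero` and `sampleIPs` are hypothetical names, a plain list of interface IPs stands in for the injected NetworkInterfacer, and a sorted slice stands in for sets.String.

```go
package main

import (
	"fmt"
	"net"
	"sort"
)

const ipv4Zero, ipv6Zero = "0.0.0.0/0", "::/0" // values of IPv4ZeroCIDR and IPv6ZeroCIDR

var sampleIPs = []net.IP{net.ParseIP("10.0.0.5"), net.ParseIP("1.2.3.4"), net.ParseIP("fd00:1::5")} // constructed

// nodeAddresses is a hypothetical stand-in for GetNodeAddresses (illustration only).
func nodeAddresses(cidrs []string, ifaceIPs []net.IP) ([]string, error) {
	if len(cidrs) == 0 {
		return []string{ipv4Zero, ipv6Zero}, nil // empty input: both zero CIDRs
	}
	out := map[string]bool{}
	for _, c := range cidrs { // pass 1: a zero CIDR covers its whole address family
		if c == ipv4Zero || c == ipv6Zero {
			out[c] = true
		}
	}
	for _, c := range cidrs { // pass 2: expand the other CIDRs to concrete interface IPs
		_, ipNet, err := net.ParseCIDR(c)
		if err != nil {
			return nil, fmt.Errorf("invalid CIDR %q: %w", c, err) // a bare IP such as 1.2.3.4 lands here
		}
		for _, ip := range ifaceIPs {
			zero := ipv4Zero
			if ip.To4() == nil {
				zero = ipv6Zero
			}
			if ipNet.Contains(ip) && !out[zero] { // skip IPs already covered by a zero CIDR
				out[ip.String()] = true
			}
		}
	}
	res := make([]string, 0, len(out))
	for k := range out {
		res = append(res, k)
	}
	sort.Strings(res)
	return res, nil
}

func main() {
	fmt.Println(nodeAddresses([]string{"1.2.0.0/16", "0.0.0.0/0"}, sampleIPs))
}
```

A zero CIDR anywhere in the input widens the result for that address family to every address, so a narrower range listed next to it has no restricting effect.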

func IPPart

func IPPart(s string) string

IPPart returns just the IP part of an IP or IP:port or endpoint string. If the IP part is an IPv6 address enclosed in brackets (e.g. "[fd00:1::5]:9999"), then the brackets are stripped as well.

func IsLocalIP

func IsLocalIP(ip string) (bool, error)

func IsProxyableHostname

func IsProxyableHostname(ctx context.Context, resolv Resolver, hostname string) error

IsProxyableHostname checks if the IP addresses for a given hostname are permitted to be proxied

func IsProxyableIP

func IsProxyableIP(ip string) error

IsProxyableIP checks if a given IP address is permitted to be proxied
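
One way a check with the shape of IsProxyableHostname can be written against the Resolver interface documented on this page, as an added example that is not the package's own code: `proxyableHostname`, `resolver` and `fakeResolver` are hypothetical names, and the rejected address classes (loopback and link-local) are an assumption, since the page does not list them.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"net"
)

var ( // same messages as ErrAddressNotAllowed and ErrNoAddresses on this page
	errAddressNotAllowed = errors.New("address not allowed")
	errNoAddresses       = errors.New("No addresses for hostname")
)

type resolver interface { // same method set as the page's Resolver
	LookupIPAddr(ctx context.Context, host string) ([]net.IPAddr, error)
}

// fakeResolver is a constructed hostname-to-addresses table; no real DNS is used.
type fakeResolver map[string][]string

func (f fakeResolver) LookupIPAddr(_ context.Context, host string) ([]net.IPAddr, error) {
	var out []net.IPAddr
	for _, s := range f[host] {
		out = append(out, net.IPAddr{IP: net.ParseIP(s)})
	}
	return out, nil
}

// proxyableHostname is a hypothetical stand-in; the rejected classes are an assumption.
func proxyableHostname(ctx context.Context, r resolver, host string) error {
	addrs, err := r.LookupIPAddr(ctx, host)
	if err != nil {
		return err
	}
	if len(addrs) == 0 {
		return errNoAddresses
	}
	for _, a := range addrs { // every record must pass, not only the first
		if ip := a.IP; ip == nil || ip.IsLoopback() || ip.IsLinkLocalUnicast() || ip.IsLinkLocalMulticast() {
			return errAddressNotAllowed
		}
	}
	return nil
}

func main() {
	dns := fakeResolver{"mixed.example": {"10.0.0.5", "169.254.169.254"}} // constructed records
	fmt.Println(proxyableHostname(context.Background(), dns, "mixed.example"))
}
```

Such a check is only meaningful if the later connection goes to one of the addresses that was checked; a second lookup at dial time can return different records.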

func IsZeroCIDR

func IsZeroCIDR(cidr string) bool

func LogAndEmitIncorrectIPVersionEvent

func LogAndEmitIncorrectIPVersionEvent(recorder record.EventRecorder, fieldName, fieldValue, svcNamespace, svcName string, svcUID types.UID)

LogAndEmitIncorrectIPVersionEvent logs and emits incorrect IP version event.

func PortPart

func PortPart(s string) (int, error)

PortPart returns just the port part of an endpoint string.

func RevertPorts

func RevertPorts(replacementPortsMap, originalPortsMap map[LocalPort]Closeable)

RevertPorts closes the ports that are in replacementPortsMap but not in originalPortsMap. In other words, it only closes the ports opened in this sync.

func ShouldSkipService

func ShouldSkipService(svcName types.NamespacedName, service *v1.Service) bool

func ToCIDR

func ToCIDR(ip net.IP) string

ToCIDR returns a host address of the form <ip-address>/32 for IPv4 and <ip-address>/128 for IPv6.

Types

type Closeable

type Closeable interface {
	Close() error
}

Closeable is an interface around closing a port.

type LocalPort

type LocalPort struct {
	// Description is the identity message of a given local port.
	Description string
	// IP is the IP address part of a given local port.
	// If this string is empty, the port binds to all local IP addresses.
	IP string
	// Port is the port part of a given local port.
	Port int
	// Protocol is the protocol part of a given local port.
	// The value is assumed to be lower-case. For example, "udp" not "UDP", "tcp" not "TCP".
	Protocol string
}

LocalPort describes a port on specific IP address and protocol

func (*LocalPort) String

func (lp *LocalPort) String() string

type NetworkInterfacer

type NetworkInterfacer interface {
	Addrs(intf *net.Interface) ([]net.Addr, error)
	Interfaces() ([]net.Interface, error)
}

NetworkInterfacer defines an interface for several net library functions. Production code will forward to net library functions, and unit tests will override the methods for testing purposes.

type PortOpener

type PortOpener interface {
	OpenLocalPort(lp *LocalPort) (Closeable, error)
}

PortOpener is an interface around port opening/closing. Abstracted out for testing.

type RealNetwork

type RealNetwork struct{}

RealNetwork implements the NetworkInterfacer interface for production code, just wrapping the underlying net library function calls.

func (RealNetwork) Addrs

func (_ RealNetwork) Addrs(intf *net.Interface) ([]net.Addr, error)

Addrs wraps net.Interface.Addrs(); it is part of the NetworkInterfacer interface.

func (RealNetwork) Interfaces

func (_ RealNetwork) Interfaces() ([]net.Interface, error)

Interfaces wraps net.Interfaces(); it is part of the NetworkInterfacer interface.

type Resolver

type Resolver interface {
	LookupIPAddr(ctx context.Context, host string) ([]net.IPAddr, error)
}

Resolver is an interface for net.Resolver.
