Documentation ¶
Overview ¶
Package class implements tools for classifying and acting on network packets.
A class is a named condition that exposes an Eval method; when Eval yields true for a ClsPkt, that packet is considered to be part of that class.
The following conditions are supported: AnyOf, AllOf, Boolean true, Boolean false and IPv4. AnyOf returns true if at least one subcondition returns true. AllOf returns true if all subconditions return true. AllOf or AnyOf without subconditions return true. Boolean conditions always return their internal value. IPv4 conditions include predicates that compare the analyzed packet to preset values. Supported IPv4 conditions currently include destination network match, source network match and ToS/DSCP fields match. Multiple predicates can be checked by enumerating them under AllOf or AnyOf.
Actions are marshalable objects that describe a process. Currently, the only supported actions are Path Filters (ActionFilterPaths), which are containers for a pathmgr.PathPredicate object.
Marshalable policies can be implemented by external code by mapping Cond items to Action items.
Package class supports JSON marshaling and unmarshaling of classes and actions. Due to the custom formatting of the JSON output, marshaling must be done by first adding the classes and actions to a ClassMap or ActionMap, respectively. Unmarshaling back to the Map is guaranteed to yield an object that is identical to the initial one.
Index ¶
Constants ¶
const ( TypeCondAllOf = "CondAllOf" TypeCondAnyOf = "CondAnyOf" TypeCondBool = "CondBool" TypeCondIPv4 = "CondIPv4" TypeActionFilterPaths = "ActionFilterPaths" TypeIPv4MatchSource = "MatchSource" TypeIPv4MatchDestination = "MatchDestination" TypeIPv4MatchToS = "MatchToS" TypeIPv4MatchDSCP = "MatchDSCP" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Action ¶
type Action interface { Act(interface{}) interface{} GetName() string Typer // contains filtered or unexported methods }
Interface Action defines how paths and packets may be processed in a way that can be exported to JSON. Types implementing Action must not be marshaled to JSON directly; instead, first create an ActionMap, add the desired actions to it and then marshal the entire ActionMap.
type ActionFilterPaths ¶
type ActionFilterPaths struct { Contains *pathmgr.PathPredicate Name string `json:"-"` }
Filter only paths which match the embedded PathPredicate.
func NewActionFilterPaths ¶
func NewActionFilterPaths(name string, pp *pathmgr.PathPredicate) *ActionFilterPaths
func (*ActionFilterPaths) Act ¶
func (a *ActionFilterPaths) Act(aps interface{}) interface{}
Act takes an AppPathSet and returns a new AppPathSet containing only the paths permitted by the filter.
func (*ActionFilterPaths) GetName ¶
func (a *ActionFilterPaths) GetName() string
func (*ActionFilterPaths) Type ¶
func (a *ActionFilterPaths) Type() string
type ActionMap ¶
ActionMap is a container for Actions, keyed by their unique name. Attempting to add an Action with the same name twice returns an error. ActionMap can be used to marshal Actions to JSON. Unmarshaling back to ActionMap is guaranteed to yield an object that is identical to the initial one.
func NewActionMap ¶
func NewActionMap() ActionMap
func (ActionMap) MarshalJSON ¶
func (*ActionMap) UnmarshalJSON ¶
type Class ¶
type Class struct { Cond Cond // contains filtered or unexported fields }
Type Class is used to define classes of network traffic. All packets matching Cond are said to be part of the class. Class must not be marshaled to JSON directly; instead, first create a ClassMap, add the desired classes to it and then marshal the entire ClassMap.
func (*Class) MarshalJSON ¶
func (*Class) UnmarshalJSON ¶
type ClassMap ¶
ClassMap is a container for Classes, keyed by their unique name. Attempting to add a Class with the same name twice returns an error. ClassMap can be used to marshal Classes to JSON. Unmarshaling back to ClassMap is guaranteed to yield an object that is identical to the initial one.
func NewClassMap ¶
func NewClassMap() ClassMap
func (ClassMap) MarshalJSON ¶
func (*ClassMap) UnmarshalJSON ¶
type Cond ¶
Cond is used to decide which packets match a class. Types implementing Cond should not be marshaled directly to JSON. Instead, embed them into a Class and add the Class to a ClassMap; finally, marshal the entire ClassMap.
type CondAllOf ¶
type CondAllOf []Cond
CondAllOf conditions return true if at least one subcondition returns true.
func NewCondAllOf ¶
func (CondAllOf) MarshalJSON ¶
func (*CondAllOf) UnmarshalJSON ¶
type CondAnyOf ¶
type CondAnyOf []Cond
CondAnyOf conditions return true if all subconditions return true.
func NewCondAnyOf ¶
func (CondAnyOf) MarshalJSON ¶
func (*CondAnyOf) UnmarshalJSON ¶
type CondBool ¶
type CondBool bool
CondBool contains a true or false value, useful for debugging and testing.
type CondIPv4 ¶
type CondIPv4 struct {
Predicate IPv4Predicate
}
CondIPv4 conditions return true if the embedded IPv4 predicate returns true.
func NewCondIPv4 ¶
func NewCondIPv4(p IPv4Predicate) *CondIPv4
func (*CondIPv4) MarshalJSON ¶
func (*CondIPv4) UnmarshalJSON ¶
type IPv4MatchDSCP ¶
type IPv4MatchDSCP struct {
DSCP uint8
}
IPv4MatchDSCP checks whether the DSCP subset of the TOS field matches.
func (*IPv4MatchDSCP) MarshalJSON ¶
func (m *IPv4MatchDSCP) MarshalJSON() ([]byte, error)
func (*IPv4MatchDSCP) Type ¶
func (m *IPv4MatchDSCP) Type() string
func (*IPv4MatchDSCP) UnmarshalJSON ¶
func (m *IPv4MatchDSCP) UnmarshalJSON(b []byte) error
type IPv4MatchDestination ¶
IPv4MatchDestination checks whether the destination IPv4 address is contained in Net.
func (*IPv4MatchDestination) MarshalJSON ¶
func (m *IPv4MatchDestination) MarshalJSON() ([]byte, error)
func (*IPv4MatchDestination) Type ¶
func (m *IPv4MatchDestination) Type() string
func (*IPv4MatchDestination) UnmarshalJSON ¶
func (m *IPv4MatchDestination) UnmarshalJSON(b []byte) error
type IPv4MatchSource ¶
IPv4MatchSource checks whether the source IPv4 address is contained in Net.
func (*IPv4MatchSource) MarshalJSON ¶
func (m *IPv4MatchSource) MarshalJSON() ([]byte, error)
func (*IPv4MatchSource) Type ¶
func (m *IPv4MatchSource) Type() string
func (*IPv4MatchSource) UnmarshalJSON ¶
func (m *IPv4MatchSource) UnmarshalJSON(b []byte) error
type IPv4MatchToS ¶
type IPv4MatchToS struct {
TOS uint8
}
IPv4MatchToS checks whether the ToS field matches.
func (*IPv4MatchToS) MarshalJSON ¶
func (m *IPv4MatchToS) MarshalJSON() ([]byte, error)
func (*IPv4MatchToS) Type ¶
func (m *IPv4MatchToS) Type() string
func (*IPv4MatchToS) UnmarshalJSON ¶
func (m *IPv4MatchToS) UnmarshalJSON(b []byte) error
type IPv4Predicate ¶
type IPv4Predicate interface { // Eval returns true if the IPv4 packet matched the predicate Eval(*layers.IPv4) bool Typer }
IPv4Predicate describes a single test on various IPv4 packet fields.