network

package

v1.2.0 Latest Latest Go to latest Published: Apr 28, 2026 License: Apache-2.0 Imports: 10 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/code-cargo/cargowall

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func AttachTC(ifname string, prog *ebpf.Program, attachType ebpf.AttachType, ...) (link.Link, error)
func ConfigureDockerDNS(dnsIP string, logger *slog.Logger) error
func FindPodInterface() (string, error)
func GetDockerBridgeIP() (string, error)
func RestartDockerDaemon(logger *slog.Logger) error
func RestoreDockerDNS(logger *slog.Logger) error
func SetupDNSRedirect(logger *slog.Logger) error
func TeardownDNSRedirect(logger *slog.Logger) error

Constants ¶

View Source

const DNSProxyFWMark = 0xCA12

DNSProxyFWMark is the firewall mark applied to the DNS proxy's own upstream queries so that iptables RETURN rules can exempt them from redirection.

Variables ¶

This section is empty.

Functions ¶

func AttachTC ¶

func AttachTC(ifname string, prog *ebpf.Program, attachType ebpf.AttachType, logger *slog.Logger) (link.Link, error)

AttachTC attaches the TC BPF program to the network interface

func ConfigureDockerDNS ¶

func ConfigureDockerDNS(dnsIP string, logger *slog.Logger) error

ConfigureDockerDNS configures Docker to use the specified DNS server. This modifies /etc/docker/daemon.json. A full Docker restart via RestartDockerDaemon is required for the changes to take effect.

func FindPodInterface ¶

func FindPodInterface() (string, error)

FindPodInterface finds the pod's primary network interface

func GetDockerBridgeIP ¶

func GetDockerBridgeIP() (string, error)

GetDockerBridgeIP returns the IP address of the docker0 bridge interface. This is typically 172.17.0.1 and is used as the gateway for Docker containers.

func RestartDockerDaemon ¶

func RestartDockerDaemon(logger *slog.Logger) error

RestartDockerDaemon performs a full Docker daemon restart and waits for it to become ready. This is required for DNS configuration changes — Docker's SIGHUP handler only reloads a subset of settings (debug, labels, registries, etc.) and does NOT reload DNS settings from daemon.json.

func RestoreDockerDNS ¶

func RestoreDockerDNS(logger *slog.Logger) error

RestoreDockerDNS restores the original Docker daemon configuration.

func SetupDNSRedirect ¶

func SetupDNSRedirect(logger *slog.Logger) error

SetupDNSRedirect adds iptables DNAT rules to redirect all outbound DNS (UDP+TCP port 53) to the local proxy at 127.0.0.1:53. Packets marked with DNSProxyFWMark (the DNS proxy's upstream queries) are exempted.

func TeardownDNSRedirect ¶

func TeardownDNSRedirect(logger *slog.Logger) error

TeardownDNSRedirect removes the iptables DNAT rules added by SetupDNSRedirect.

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL