network

package
v0.0.10 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 21, 2022 License: MIT Imports: 17 Imported by: 0

Documentation

Index

Constants

// Field widths for the fixed-size records handled by this package, followed by
// the action, address-family and hook-point codes.
// NOTE(review): these presumably mirror the event layout written by the BPF
// program, so a change here has to be matched there — confirm against the BPF
// source.
const (
	// NOTE(review): unit is not visible here (presumably seconds) — confirm at the use site.
	UPDATE_INTERVAL = 5
	// 16 and 64 equal the Linux kernel's TASK_COMM_LEN and __NEW_UTS_LEN.
	TASK_COMM_LEN   = 16
	NEW_UTS_LEN     = 64
	// NOTE(review): presumably alignment padding inside the event record — confirm.
	PADDING_LEN     = 7
	// 4 and 16 are the byte lengths of an IPv4 and an IPv6 address.
	SRCIP_V4_LEN    = 4
	DSTIP_V4_LEN    = 4
	SRCIP_V6_LEN    = 16
	DSTIP_V6_LEN    = 16

	// Action codes (uint8) and the strings that name them.
	// NOTE(review): ACTION_UNKNOWN_STRING is presumably the fallback for any code
	// other than 0 or 1. If so, an "UNKNOWN" action in the output means the
	// reader and the BPF side disagree on the record format and is worth
	// alerting on — confirm.
	ACTION_MONITOR        uint8 = 0
	ACTION_BLOCKED        uint8 = 1
	ACTION_MONITOR_STRING       = "MONITOR"
	ACTION_BLOCKED_STRING       = "BLOCKED"
	ACTION_UNKNOWN_STRING       = "UNKNOWN"

	// NOTE(review): presumably tag the address family of a blocked event — confirm.
	BLOCKED_IPV4 int32 = 0
	BLOCKED_IPV6 int32 = 1

	// Codes for the LSM hook that produced an event: connect or sendmsg.
	// NOTE(review): only these two hook points are enumerated. Traffic that does
	// not pass through them would not be reported under these codes — confirm
	// the hook coverage in the BPF program before treating the policy as
	// complete.
	LSM_HOOK_POINT_CONNECT uint8 = 0
	LSM_HOOK_POINT_SENDMSG uint8 = 1
)
// Protocol codes and the strings that name them.
// The values 1 and 2 are not the IANA protocol numbers (TCP is 6, UDP is 17).
// NOTE(review): they match Linux SOCK_STREAM and SOCK_DGRAM, so presumably the
// socket type is what gets recorded — confirm against the BPF program.
const (
	TCP                     = 1
	UDP                     = 2
	TCP_STRING              = "TCP"
	UDP_STRING              = "UDP"
	// NOTE(review): the literal is spelled "UNKOWN", while ACTION_UNKNOWN_STRING
	// uses "UNKNOWN". Anything that matches on the emitted text (a log query, an
	// alert rule) has to use this exact spelling; correcting it is a visible
	// change for those consumers.
	PROTOCOL_UNKNOWN_STRING = "UNKOWN"
)
// Enforcement mode and target codes, the names of the BPF maps used by this
// package, and the byte offsets of the configuration value.
const (
	// MODE_MONITOR is 0 and MODE_BLOCK is 1, so an all-zero configuration value
	// decodes as monitor mode.
	// NOTE(review): if the BPF side reads an unset entry as zero, a failed or
	// skipped configuration write would leave the host in monitor-only mode with
	// nothing blocked — confirm that errors from SetConfigToMap are surfaced.
	MODE_MONITOR uint32 = 0
	MODE_BLOCK   uint32 = 1

	// NOTE(review): the identifier TAREGT_CONTAINER is misspelled (TARGET). It is
	// exported, so renaming it is an API change; an alias would keep callers
	// working.
	TARGET_HOST      uint32 = 0
	TAREGT_CONTAINER uint32 = 1

	// BPF Map Names
	// Allow and deny lists exist for CIDRs (v4 and v6), UIDs, GIDs and commands.
	// NOTE(review): which list wins when an entry appears in both is decided
	// elsewhere (presumably in the BPF program) — confirm before relying on
	// overlapping rules.
	RESTRICT_NETWORK_CONFIG_MAP_NAME = "network_bouheki_config_map"
	ALLOWED_V4_CIDR_LIST_MAP_NAME    = "allowed_v4_cidr_list"
	ALLOWED_V6_CIDR_LIST_MAP_NAME    = "allowed_v6_cidr_list"
	DENIED_V4_CIDR_LIST_MAP_NAME     = "denied_v4_cidr_list"
	DENIED_V6_CIDR_LIST_MAP_NAME     = "denied_v6_cidr_list"
	ALLOWED_UID_LIST_MAP_NAME        = "allowed_uid_list"
	DENIED_UID_LIST_MAP_NAME         = "denied_uid_list"
	ALLOWED_GID_LIST_MAP_NAME        = "allowed_gid_list"
	DENIED_GID_LIST_MAP_NAME         = "denied_gid_list"
	ALLOWED_COMMAND_LIST_MAP_NAME    = "allowed_command_list"
	DENIED_COMMAND_LIST_MAP_NAME     = "denied_command_list"

	// Offsets into a MAP_SIZE (20) byte buffer: mode in bytes 0..4, target in
	// bytes 4..8, then slots starting at 8, 12 and 16.
	// NOTE(review): presumably five consecutive 4-byte fields. Byte order and the
	// meaning of the three ALLOW_* slots are not visible here, and the layout
	// has to match the struct the BPF program reads — confirm.
	MAP_SIZE                = 20
	MAP_MODE_START          = 0
	MAP_MODE_END            = 4
	MAP_TARGET_START        = 4
	MAP_TARGET_END          = 8
	MAP_ALLOW_COMMAND_INDEX = 8
	MAP_ALLOW_UID_INDEX     = 12
	MAP_ALLOW_GID_INDEX     = 16
)
// BPF_OBJECT_NAME is the name string "restricted-network".
// NOTE(review): presumably used to locate or load the compiled BPF object —
// confirm where the object is read from and that the location is not writable
// by unprivileged users.
const (
	BPF_OBJECT_NAME = "restricted-network"
)

Variables

This section is empty.

Functions

func RunAudit

func RunAudit(ctx context.Context, wg *sync.WaitGroup, conf *config.Config) error

Types

type DNSAnswer added in v0.0.8

// DNSAnswer groups a domain name with a list of IP addresses and a TTL.
// It is the value returned by DNSResolver.Resolve and by
// Manager.ResolveAddressv4 and Manager.ResolveAddressv6.
type DNSAnswer struct {
	// Domain is the name this answer belongs to.
	Domain    string
	// Addresses holds the IP addresses carried by the answer.
	Addresses []net.IP
	// NOTE(review): presumably the record TTL in seconds. If resolved addresses
	// are written into the CIDR allow/deny maps, this value bounds how long a
	// stale address stays in effect — confirm how expiry is applied.
	TTL       uint32
}

type DNSProxy added in v0.0.9

type DNSProxy struct {
	// contains filtered or unexported fields
}

func (*DNSProxy) ServeDNS added in v0.0.9

func (this *DNSProxy) ServeDNS(w dns.ResponseWriter, r *dns.Msg)

type DNSResolver

// DNSResolver is the lookup abstraction of this package: Resolve takes a host
// name and a numeric record type and returns a DNSAnswer or an error.
// DefaultResolver has a Resolve method with this signature.
// NOTE(review): recordType is presumably a DNS resource-record type code
// (A, AAAA, ...) — confirm against the callers.
type DNSResolver interface {
	Resolve(host string, recordType uint16) (*DNSAnswer, error)
}

type DefaultResolver

type DefaultResolver struct {
	// contains filtered or unexported fields
}

func (*DefaultResolver) Resolve

func (r *DefaultResolver) Resolve(host string, recordType uint16) (*DNSAnswer, error)

type IPAddress

type IPAddress struct {
	// contains filtered or unexported fields
}

type Manager

type Manager struct {
	// contains filtered or unexported fields
}

func (*Manager) AsyncResolve added in v0.0.9

func (mgr *Manager) AsyncResolve()

func (*Manager) Attach

func (m *Manager) Attach() error

func (*Manager) Close

func (m *Manager) Close()

func (*Manager) ResolveAddressv4 added in v0.0.8

func (mgr *Manager) ResolveAddressv4(domain string) (*DNSAnswer, error)

func (*Manager) ResolveAddressv6 added in v0.0.8

func (mgr *Manager) ResolveAddressv6(domain string) (*DNSAnswer, error)

func (*Manager) SetConfigToMap

func (m *Manager) SetConfigToMap() error

func (*Manager) Start

func (m *Manager) Start(eventsChannel chan []byte) error

func (*Manager) StartDNSServer added in v0.0.9

func (mgr *Manager) StartDNSServer(bindAddress string) error

func (*Manager) Stop

func (m *Manager) Stop()
