The highest tagged major version is
Documentation
¶
Index ¶
Constants ¶
View Source
const ( //IPv6DefaultIP is the default ip of v6 IPv6DefaultIP = "::/0" //IPv4DefaultIP is the default ip for v4 IPv4DefaultIP = "0.0.0.0/0" //IPsetV4 version for ipv4 IPsetV4 = iota //IPsetV6 version for ipv6 IPsetV6 )
View Source
const ( //IPv6DefaultIP is the default ip of v6 IPv6DefaultIP = "::/0" //IPv4DefaultIP is the default ip for v4 IPv4DefaultIP = "0.0.0.0/0" //IPsetV4 version for ipv4 IPsetV4 = iota //IPsetV6 version for ipv6 IPsetV6 )
Variables ¶
This section is empty.
Functions ¶
func SetIpsetTestInstance ¶
func SetIpsetTestInstance(ipsetprovider IpsetProvider)
SetIpsetTestInstance sets a test instance of ipsetprovider
Types ¶
type ACLL3 ¶
type ACLL3 interface {
//RegisterExternalNets registers the ipsets corresponding the external networks.
RegisterExternalNets(contextID string, extnets policy.IPRuleList) error
//AddACLIPsets adds the IPs in the ipsets corresponding to the external network service ID.
UpdateACLIPsets([]string, string)
//DestroyUnusedIPsets will remove the unused ipsets.
DestroyUnusedIPsets()
//RemoveExternalNets removes the external networks corresponding to the PU contextID.
RemoveExternalNets(contextID string)
//GetACLIPsets returns the ipset string that correspond to the external networks in the argument
GetACLIPsetsNames(extnets policy.IPRuleList) []string
// DeleteEntryFromIPset delete an entry from an ipset
DeleteEntryFromIPset(ips []string, serviceID string)
}
ACLL3 interface is used to interact with the ipsets required for application and network acl's in L3.
type ACLManager ¶
type ACLManager interface {
AddToIPset(set provider.Ipset, data string) error
DelFromIPset(set provider.Ipset, data string) error
RegisterExternalNets(contextID string, extnets policy.IPRuleList) error
DestroyUnusedIPsets()
RemoveExternalNets(contextID string)
GetIPsets(extnets policy.IPRuleList, ipver int) []string
UpdateIPsets([]string, string)
}
ACLManager interface is used by supervisor. This interface provides the supervisor to create ipsets corresponding to service ID.
func CreateIPsetManager ¶
func CreateIPsetManager(ipsetv4 provider.IpsetProvider, ipsetv6 provider.IpsetProvider) ACLManager
CreateIPsetManager creates the handle with Interface ACLManager
type DestroyAll ¶
type DestroyAll interface {
//DestroyAllIPsets destroys the created ipsets.
DestroyAllIPsets() error
}
DestroyAll destroys all the ipsets created.
type IPSetManager ¶
type IPSetManager interface {
TargetAndExcludedNetworks
ServerL3
ACLL3
ProxyL4
DestroyAll
IPsetPrefix
Reset()
}
IPSetManager interface is used by supervisor. This interface provides the supervisor to create ipsets corresponding to service ID.
type IPsetPrefix ¶
type IPsetPrefix interface {
//GetIPsetPrefix returns the prefix.
GetIPsetPrefix() string
}
IPsetPrefix returns the prefix used to construct the ipset.
type Ipset ¶
type Ipset interface {
Add(entry string, timeout int) error
AddOption(entry string, option string, timeout int) error
Del(entry string) error
Destroy() error
Flush() error
Test(entry string) (bool, error)
}
Ipset is an abstraction of all the methods an implementation of userspace ipsets need to provide.
type IpsetProvider ¶
type IpsetProvider interface {
NewIpset(name string, ipsetType string, p *ipset.Params) (Ipset, error)
GetIpset(name string) Ipset
DestroyAll(prefix string) error
ListIPSets() ([]string, error)
}
IpsetProvider returns a fabric for Ipset.
type ProxyL4 ¶
type ProxyL4 interface {
//CreateProxySets creates the ipsets to implement L4/L7 services
CreateProxySets(contextID string) error
//GetProxyIPsetNames returns the ipset strings that correspond to the pu
GetProxySetNames(contextID string) (string, string)
//DestroyProxySet destroys the ipsets being used for L4/L7 services
DestroyProxySets(contextID string)
//FlushProxySets flushes the proxy IPsets
FlushProxySets(contextID string)
//AddIPPortToDependentService adds ip port to the dependent service
AddIPPortToDependentService(contextID string, ip *net.IPNet, port string) error
//AddPortToExposedService adds the port that this service is exposing
AddPortToExposedService(contextID string, port string) error
}
ProxyL4 interface is used to interact with the ipsets required for L4/L7 Services. These include dependent services and exposed Services
type ServerL3 ¶
type ServerL3 interface {
//CreateServerPortSet creates the ipset.
CreateServerPortSet(contextID string) error
//GetServerPortSetName returns the name of the portset created
GetServerPortSetName(contextID string) string
//DestroyServerPortSet destroys the server port set.
DestroyServerPortSet(contextID string) error
//AddPortToServerPortSet adds port to the portset.
AddPortToServerPortSet(contextID string, port string) error
//DeletePortFromServerPortSet deletes the port from port set.
DeletePortFromServerPortSet(contextID string, port string) error
}
ServerL3 interface is used to interact with the ipsets required to program ports that the server(PU) listens on in L3 datapath.
type TargetAndExcludedNetworks ¶
type TargetAndExcludedNetworks interface {
//CreateIPsetsForTargetAndExcludedNetworks creates the ipsets for target and excluded networks
CreateIPsetsForTargetAndExcludedNetworks() error
//UpdateIPsetsForTargetAndExcludedNetworks updates the ipsets accordingly.
UpdateIPsetsForTargetAndExcludedNetworks([]string, []string, []string) error
//GetIPsetNamesForTargetAndExcludedNetworks returns the ipsets names for tcp, udp and excluded networks
GetIPsetNamesForTargetAndExcludedNetworks() (string, string, string)
}
TargetAndExcludedNetworks interface is used to interact with target and excluded networks
type TestIpset ¶
type TestIpset interface {
Ipset
MockAdd(t *testing.T, impl func(entry string, timeout int) error)
MockAddOption(t *testing.T, impl func(entry string, option string, timeout int) error)
MockDel(t *testing.T, impl func(entry string) error)
MockDestroy(t *testing.T, impl func() error)
MockFlush(t *testing.T, impl func() error)
MockTest(t *testing.T, impl func(entry string) (bool, error))
}
TestIpset is a test implementation for Ipset
type TestIpsetProvider ¶
type TestIpsetProvider interface {
IpsetProvider
MockNewIpset(t *testing.T, impl func(name string, hasht string, p *ipset.Params) (Ipset, error))
MockGetIpset(t *testing.T, impl func(name string) Ipset)
MockDestroyAll(t *testing.T, impl func(string) error)
MockListIPSets(t *testing.T, impl func() ([]string, error))
}
TestIpsetProvider is a test implementation for IpsetProvider
func NewTestIpsetProvider ¶
func NewTestIpsetProvider() TestIpsetProvider
NewTestIpsetProvider returns a new TestManipulator.
Source Files
¶
Directories
¶
| Path | Synopsis |
|---|---|
|
Package mock_ipsetmanager is a generated GoMock package.
|
Package mock_ipsetmanager is a generated GoMock package. |
Click to show internal directories.
Click to hide internal directories.