Documentation

Index

Constants

View Source
const (
	// FlowReject indicates that a flow was rejected
	FlowReject = "reject"
	// FlowAccept logs that a flow is accepted
	FlowAccept = "accept"
	// MissingToken indicates that the token was missing
	MissingToken = "missingtoken"
	// InvalidToken indicates that the token was invalid
	InvalidToken = "token"
	// InvalidFormat indicates that the packet metadata were not correct
	InvalidFormat = "format"
	// InvalidHeader indicates that the TCP header was not there.
	InvalidHeader = "header"
	// InvalidPayload indicates that the TCP payload was not there or bad.
	InvalidPayload = "payload"
	// InvalidContext indicates that there was no context in the metadata
	InvalidContext = "context"
	// InvalidConnection indicates that there was no connection found
	InvalidConnection = "connection"
	// InvalidState indicates that a packet was received without proper state information
	InvalidState = "state"
	// InvalidNonse indicates that the nonse check failed
	InvalidNonse = "nonse"
	// PolicyDrop indicates that the flow is rejected because of the policy decision
	PolicyDrop = "policy"
	// APIPolicyDrop indicates that the request was dropped because of failed API validation.
	APIPolicyDrop = "api"
	// UnableToDial indicates that the proxy cannot dial out the connection
	UnableToDial = "dial"
	// CompressedTagMismatch indicates that the compressed tag version is dissimilar
	CompressedTagMismatch = "compressedtagmismatch"
	// EncryptionMismatch indicates that the policy encryption varies between client and server enforcer
	EncryptionMismatch = "encryptionmismatch"
	// DatapathVersionMismatch indicates that the datapath version is dissimilar
	DatapathVersionMismatch = "datapathversionmismatch"
	// PacketDrop indicate a single packet drop
	PacketDrop = "packetdrop"
)

    Flow event description

    View Source
    const (
    	// ContainerStart indicates a container start event
    	ContainerStart = "start"
    	// ContainerStop indicates a container stop event
    	ContainerStop = "stop"
    	// ContainerCreate indicates a container create event
    	ContainerCreate = "create"
    	// ContainerDelete indicates a container delete event
    	ContainerDelete = "delete"
    	// ContainerUpdate indicates a container policy update event
    	ContainerUpdate = "update"
    	// ContainerFailed indicates an event that a container was stopped because of policy issues
    	ContainerFailed = "forcestop"
    	// ContainerIgnored indicates that the container will be ignored by Trireme
    	ContainerIgnored = "ignore"
    	// ContainerDeleteUnknown indicates that policy for an unknown  container was deleted
    	ContainerDeleteUnknown = "unknowncontainer"
    )

      Container event description

      View Source
      const (
      	// PolicyValid Normal flow accept
      	PolicyValid = "V"
      	// DefaultEndPoint  provides a string for unknown container sources
      	DefaultEndPoint = "default"
      	// SomeClaimsSource provides a string for some claims flow source.
      	SomeClaimsSource = "some-claims"
      )

      Variables

      This section is empty.

      Functions

      func HashHashWithNamespace

      func HashHashWithNamespace(claimsHash string, namespace string) (string, error)

        HashHashWithNamespace hash the given claim hash with the given namespace.

        func StatsFlowHash

        func StatsFlowHash(r *FlowRecord) string

          StatsFlowHash is a hash function to hash flows

          func StatsUserHash

          func StatsUserHash(r *UserRecord) error

            StatsUserHash is a hash function to hash user records.

            Types

            type ContainerRecord

            type ContainerRecord struct {
            	ContextID string
            	IPAddress policy.ExtendedMap
            	Tags      *policy.TagStore
            	Event     string
            }

              ContainerRecord is a statistics record for a container

              type CounterReport

              type CounterReport struct {
              	Namespace string
              	ContextID string
              	Counters  []Counters
              }

                CounterReport is called from the PU which reports Counters from the datapath

                type Counters

                type Counters struct {
                	Name  string
                	Value uint32
                }

                  Counters represent a single entry with name and current val

                  type DNSRequestReport

                  type DNSRequestReport struct {
                  	Namespace  string
                  	Source     *EndPoint
                  	NameLookup string
                  	Error      string
                  	Count      int
                  	Ts         time.Time
                  }

                    DNSRequestReport object is used to report dns requests being made by PU's

                    type DefaultCollector

                    type DefaultCollector struct{}

                      DefaultCollector implements a default collector infrastructure to syslog

                      func (*DefaultCollector) CollectContainerEvent

                      func (d *DefaultCollector) CollectContainerEvent(record *ContainerRecord)

                        CollectContainerEvent is part of the EventCollector interface.

                        func (*DefaultCollector) CollectCounterEvent

                        func (d *DefaultCollector) CollectCounterEvent(report *CounterReport)

                          CollectCounterEvent collect counters from the datapath

                          func (*DefaultCollector) CollectDNSRequests

                          func (d *DefaultCollector) CollectDNSRequests(report *DNSRequestReport)

                            CollectDNSRequests collect counters from the datapath

                            func (*DefaultCollector) CollectFlowEvent

                            func (d *DefaultCollector) CollectFlowEvent(record *FlowRecord)

                              CollectFlowEvent is part of the EventCollector interface.

                              func (*DefaultCollector) CollectPacketEvent

                              func (d *DefaultCollector) CollectPacketEvent(report *PacketReport)

                                CollectPacketEvent collects packet events from the datapath

                                func (*DefaultCollector) CollectPingEvent

                                func (d *DefaultCollector) CollectPingEvent(report *PingReport)

                                  CollectPingEvent collects ping events from the datapath

                                  func (*DefaultCollector) CollectTraceEvent

                                  func (d *DefaultCollector) CollectTraceEvent(records []string)

                                    CollectTraceEvent collects iptables trace events

                                    func (*DefaultCollector) CollectUserEvent

                                    func (d *DefaultCollector) CollectUserEvent(record *UserRecord)

                                      CollectUserEvent is part of the EventCollector interface.

                                      type EndPoint

                                      type EndPoint struct {
                                      	ID         string
                                      	IP         string
                                      	URI        string
                                      	HTTPMethod string
                                      	UserID     string
                                      	Type       EndPointType
                                      	Port       uint16
                                      }

                                        EndPoint is a structure that holds all the endpoint information

                                        type EndPointType

                                        type EndPointType byte

                                          EndPointType is the type of an endpoint (PU or an external IP address )

                                          const (
                                          	// EndPointTypeExternalIP indicates that the endpoint is an external IP address
                                          	EndPointTypeExternalIP EndPointType = iota
                                          	// EnpointTypePU indicates that the endpoint is a PU.
                                          	EnpointTypePU
                                          	// EndpointTypeClaims indicates that the endpoint is of type claims.
                                          	EndpointTypeClaims
                                          )

                                          func (*EndPointType) String

                                          func (e *EndPointType) String() string

                                          type EventCollector

                                          type EventCollector interface {
                                          
                                          	// CollectFlowEvent collect a  flow event.
                                          	CollectFlowEvent(record *FlowRecord)
                                          
                                          	// CollectContainerEvent collects a container events
                                          	CollectContainerEvent(record *ContainerRecord)
                                          
                                          	// CollectUserEvent  collects a user event
                                          	CollectUserEvent(record *UserRecord)
                                          
                                          	// CollectTraceEvent collects a set of trace messages generated with Iptables trace command
                                          	CollectTraceEvent(records []string)
                                          
                                          	// CollectPacketEvent collects packet event from nfqdatapath
                                          	CollectPacketEvent(report *PacketReport)
                                          
                                          	// CollectCounterEvent collects the counters from
                                          	CollectCounterEvent(counterReport *CounterReport)
                                          
                                          	// CollectDNSRequests collects the dns requests
                                          	CollectDNSRequests(request *DNSRequestReport)
                                          
                                          	// CollectPingEvent collects the ping events
                                          	CollectPingEvent(report *PingReport)
                                          }

                                            EventCollector is the interface for collecting events.

                                            func NewDefaultCollector

                                            func NewDefaultCollector() EventCollector

                                              NewDefaultCollector returns a default implementation of an EventCollector

                                              type FlowRecord

                                              type FlowRecord struct {
                                              	ContextID        string
                                              	Namespace        string
                                              	Source           *EndPoint
                                              	Destination      *EndPoint
                                              	Tags             *policy.TagStore
                                              	DropReason       string
                                              	PolicyID         string
                                              	ObservedPolicyID string
                                              	ServiceType      policy.ServiceType
                                              	ServiceID        string
                                              	Count            int
                                              	Action           policy.ActionType
                                              	ObservedAction   policy.ActionType
                                              	L4Protocol       uint8
                                              }

                                                FlowRecord describes a flow record for statistis

                                                func (*FlowRecord) String

                                                func (f *FlowRecord) String() string

                                                type PacketReport

                                                type PacketReport struct {
                                                	TCPFlags        int
                                                	Claims          []string
                                                	DestinationIP   string
                                                	DestinationPort int
                                                	DropReason      string
                                                	Encrypt         bool
                                                	Event           packettracing.PacketEvent
                                                	Length          int
                                                	Mark            int
                                                	Namespace       string
                                                	PacketID        int
                                                	Protocol        int
                                                	PUID            string
                                                	SourceIP        string
                                                	SourcePort      int
                                                	TriremePacket   bool
                                                	Payload         []byte
                                                }

                                                  PacketReport is the struct which is used to report packets captured in datapath

                                                  type PingReport

                                                  type PingReport struct {
                                                  	SourceID             string
                                                  	SourceNamespace      string
                                                  	DestinationID        string
                                                  	DestinationNamespace string
                                                  	FlowTuple            string
                                                  	Latency              string
                                                  	AgentVersion         string
                                                  	Protocol             int
                                                  	ServiceType          string
                                                  	PayloadSize          int
                                                  	Request              int
                                                  	Type                 claimsheader.PingType
                                                  	Stage                Stage
                                                  	SessionID            string
                                                  }

                                                    PingReport represents a single ping report from datapath.

                                                    type Stage

                                                    type Stage int

                                                      Stage represents the checkpoint when the report is sent.

                                                      const (
                                                      	Origin Stage = iota
                                                      	Reply
                                                      )

                                                        Stage options.

                                                        func (Stage) String

                                                        func (s Stage) String() string

                                                        type UserRecord

                                                        type UserRecord struct {
                                                        	ID        string
                                                        	Namespace string
                                                        	Claims    []string
                                                        }

                                                          UserRecord reports a new user access. These will be reported periodically.

                                                          Directories

                                                          Path Synopsis
                                                          Package mockcollector is a generated GoMock package.
                                                          Package mockcollector is a generated GoMock package.