Documentation

Index

Constants

View Source
const (

	// RejectReported represents that flow was reported as rejected
	RejectReported bool = true

	// AcceptReported represents that flow was reported as accepted
	AcceptReported bool = false
)
View Source
const MaximumUDPQueueLen = 50

    MaximumUDPQueueLen is the maximum number of UDP packets buffered.

    Variables

    This section is empty.

    Functions

    func TCPConnectionExpirationNotifier

    func TCPConnectionExpirationNotifier(c cache.DataStore, id interface{}, item interface{})

      TCPConnectionExpirationNotifier handles processing the expiration of an element

      Types

      type AuthInfo

      type AuthInfo struct {
      	LocalContext         []byte
      	RemoteContext        []byte
      	RemoteContextID      string
      	RemotePublicKey      interface{}
      	RemoteIP             string
      	RemotePort           string
      	LocalServiceContext  []byte
      	RemoteServiceContext []byte
      }

        AuthInfo keeps authentication information about a connection

        type PingConfig

        type PingConfig struct {
        	StartTime   time.Time
        	Type        claimsheader.PingType
        	Passthrough bool
        	SessionID   string
        	Request     int
        }

          PingConfig holds ping configuration per connection.

          type ProxyConnState

          type ProxyConnState int

            ProxyConnState identifies the constants of the state of a proxied connection

            const (
            	// ClientTokenSend Init token send for client
            	ClientTokenSend ProxyConnState = iota
            
            	// ServerReceivePeerToken -- waiting to receive peer token
            	ServerReceivePeerToken
            
            	// ServerSendToken -- Send our own token and the client tokens
            	ServerSendToken
            
            	// ClientPeerTokenReceive -- Receive signed tokens from server
            	ClientPeerTokenReceive
            
            	// ClientSendSignedPair -- Sign the (token/nonce pair) and send
            	ClientSendSignedPair
            
            	// ServerAuthenticatePair -- Authenticate pair of tokens
            	ServerAuthenticatePair
            )

            type ProxyConnection

            type ProxyConnection struct {
            	sync.Mutex
            
            	Auth             AuthInfo
            	ReportFlowPolicy *policy.FlowPolicy
            	PacketFlowPolicy *policy.FlowPolicy
            
            	Secrets secrets.Secrets
            	// contains filtered or unexported fields
            }

              ProxyConnection is a record to keep state of proxy auth

              func NewProxyConnection

              func NewProxyConnection() *ProxyConnection

                NewProxyConnection returns a new Proxy Connection

                func (*ProxyConnection) GetState

                func (c *ProxyConnection) GetState() ProxyConnState

                  GetState returns the state of a proxy connection

                  func (*ProxyConnection) SetReported

                  func (c *ProxyConnection) SetReported(reported bool)

                    SetReported sets the flag to reported when the conn is reported

                    func (*ProxyConnection) SetState

                    func (c *ProxyConnection) SetState(state ProxyConnState)

                      SetState is used to setup the state for the Proxy Connection

                      type TCPConnection

                      type TCPConnection struct {
                      	sync.RWMutex
                      
                      	Auth AuthInfo
                      
                      	// ServiceData allows services to associate state with a connection
                      	ServiceData interface{}
                      
                      	// Context is the pucontext.PUContext that is associated with this connection
                      	// Minimizes the number of caches and lookups
                      	Context *pucontext.PUContext
                      
                      	// TimeOut signals the timeout to be used by the state machines
                      	TimeOut time.Duration
                      
                      	// ServiceConnection indicates that this connection is handled by a service
                      	ServiceConnection bool
                      
                      	// ReportFlowPolicy holds the last matched observed policy
                      	ReportFlowPolicy *policy.FlowPolicy
                      
                      	// PacketFlowPolicy holds the last matched actual policy
                      	PacketFlowPolicy *policy.FlowPolicy
                      
                      	// MarkForDeletion -- this is is used only in conjunction with serviceconnection. Its a hint for us if we have a fin for an earlier connection
                      	// and this is reused port flow.
                      	MarkForDeletion bool
                      
                      	RetransmittedSynAck bool
                      
                      	TCPtuple *TCPTuple
                      
                      	PingConfig *PingConfig
                      
                      	Secrets secrets.Secrets
                      	// contains filtered or unexported fields
                      }

                        TCPConnection is information regarding TCP Connection

                        func NewTCPConnection

                        func NewTCPConnection(context *pucontext.PUContext, p *packet.Packet) *TCPConnection

                          NewTCPConnection returns a TCPConnection information struct

                          func (*TCPConnection) Cleanup

                          func (c *TCPConnection) Cleanup(expiration bool)

                            Cleanup will provide information when a connection is removed by a timer.

                            func (*TCPConnection) GetState

                            func (c *TCPConnection) GetState() TCPFlowState

                              GetState is used to return the state

                              func (*TCPConnection) IsLoopbackConnection

                              func (c *TCPConnection) IsLoopbackConnection() bool

                                IsLoopbackConnection sets LoopbackConnection field.

                                func (*TCPConnection) SetLoopbackConnection

                                func (c *TCPConnection) SetLoopbackConnection(isLoopback bool)

                                  SetLoopbackConnection sets LoopbackConnection field.

                                  func (*TCPConnection) SetReported

                                  func (c *TCPConnection) SetReported(flowState bool)

                                    SetReported is used to track if a flow is reported

                                    func (*TCPConnection) SetState

                                    func (c *TCPConnection) SetState(state TCPFlowState)

                                      SetState is used to setup the state for the TCP connection

                                      func (*TCPConnection) String

                                      func (c *TCPConnection) String() string

                                        String returns a printable version of connection

                                        type TCPFlowState

                                        type TCPFlowState int

                                          TCPFlowState identifies the constants of the state of a TCP connectioncon

                                          const (
                                          
                                          	// TCPSynSend is the state where the Syn packets has been send, but no response has been received
                                          	TCPSynSend TCPFlowState = iota
                                          
                                          	// TCPSynReceived indicates that the syn packet has been received
                                          	TCPSynReceived
                                          
                                          	// TCPSynAckSend indicates that the SynAck packet has been send
                                          	TCPSynAckSend
                                          
                                          	// TCPSynAckReceived is the state where the SynAck has been received
                                          	TCPSynAckReceived
                                          
                                          	// TCPAckSend indicates that the ack packets has been sent
                                          	TCPAckSend
                                          
                                          	// TCPAckProcessed is the state that the negotiation has been completed
                                          	TCPAckProcessed
                                          
                                          	// TCPData indicates that the packets are now data packets
                                          	TCPData
                                          
                                          	// UnknownState indicates that this an existing connection in the uknown state.
                                          	UnknownState
                                          )

                                          type TCPTuple

                                          type TCPTuple struct {
                                          	SourceAddress      net.IP
                                          	DestinationAddress net.IP
                                          	SourcePort         uint16
                                          	DestinationPort    uint16
                                          }

                                            TCPTuple contains the 4 tuple for tcp connection

                                            func (*TCPTuple) String

                                            func (tcpTuple *TCPTuple) String() string

                                            type UDPConnection

                                            type UDPConnection struct {
                                            	sync.RWMutex
                                            
                                            	Context *pucontext.PUContext
                                            	Auth    AuthInfo
                                            
                                            	ReportFlowPolicy *policy.FlowPolicy
                                            	PacketFlowPolicy *policy.FlowPolicy
                                            	// ServiceData allows services to associate state with a connection
                                            	ServiceData interface{}
                                            
                                            	// PacketQueue indicates app UDP packets queued while authorization is in progress.
                                            	PacketQueue chan *packet.Packet
                                            	Writer      afinetrawsocket.SocketWriter
                                            
                                            	// ServiceConnection indicates that this connection is handled by a service
                                            	ServiceConnection bool
                                            
                                            	TestIgnore bool
                                            
                                            	Secrets secrets.Secrets
                                            	// contains filtered or unexported fields
                                            }

                                              UDPConnection is information regarding UDP connection.

                                              func NewUDPConnection

                                              func NewUDPConnection(context *pucontext.PUContext, writer afinetrawsocket.SocketWriter) *UDPConnection

                                                NewUDPConnection returns UDPConnection struct.

                                                func (*UDPConnection) AckChannel

                                                func (c *UDPConnection) AckChannel() chan bool

                                                  AckChannel returns the Ack stop channel.

                                                  func (*UDPConnection) AckStop

                                                  func (c *UDPConnection) AckStop()

                                                    AckStop issues a stop in the Ack channel.

                                                    func (*UDPConnection) DropPackets

                                                    func (c *UDPConnection) DropPackets()

                                                      DropPackets drops packets on errors during Authorization.

                                                      func (*UDPConnection) GetState

                                                      func (c *UDPConnection) GetState() UDPFlowState

                                                        GetState is used to get state of UDP Connection.

                                                        func (*UDPConnection) QueuePackets

                                                        func (c *UDPConnection) QueuePackets(udpPacket *packet.Packet) (err error)

                                                          QueuePackets queues UDP packets till the flow is authenticated.

                                                          func (*UDPConnection) ReadPacket

                                                          func (c *UDPConnection) ReadPacket() *packet.Packet

                                                            ReadPacket reads a packet from the queue.

                                                            func (*UDPConnection) SetReported

                                                            func (c *UDPConnection) SetReported(flowState bool)

                                                              SetReported is used to track if a flow is reported

                                                              func (*UDPConnection) SetState

                                                              func (c *UDPConnection) SetState(state UDPFlowState)

                                                                SetState is used to setup the state for the UDP Connection.

                                                                func (*UDPConnection) SynAckChannel

                                                                func (c *UDPConnection) SynAckChannel() chan bool

                                                                  SynAckChannel returns the SynAck stop channel.

                                                                  func (*UDPConnection) SynAckStop

                                                                  func (c *UDPConnection) SynAckStop()

                                                                    SynAckStop issues a stop in the synAckStop channel.

                                                                    func (*UDPConnection) SynChannel

                                                                    func (c *UDPConnection) SynChannel() chan bool

                                                                      SynChannel returns the SynStop channel.

                                                                      func (*UDPConnection) SynStop

                                                                      func (c *UDPConnection) SynStop()

                                                                        SynStop issues a stop on the synStop channel.

                                                                        type UDPFlowState

                                                                        type UDPFlowState int

                                                                          UDPFlowState identifies the constants of the state of a UDP connection.

                                                                          const (
                                                                          	// UDPStart is the state where a syn will be sent.
                                                                          	UDPStart UDPFlowState = iota
                                                                          
                                                                          	// UDPClientSendSyn is the state where a syn has been sent.
                                                                          	UDPClientSendSyn
                                                                          
                                                                          	// UDPClientSendAck  is the state where application side has send the ACK.
                                                                          	UDPClientSendAck
                                                                          
                                                                          	// UDPReceiverSendSynAck is the state where syn ack packet has been sent.
                                                                          	UDPReceiverSendSynAck
                                                                          
                                                                          	// UDPReceiverProcessedAck is the state that the negotiation has been completed.
                                                                          	UDPReceiverProcessedAck
                                                                          
                                                                          	// UDPData is the state where data is being transmitted.
                                                                          	UDPData
                                                                          )

                                                                          Source Files