type ConntrackTableType … const ConntrackTable … const ConntrackExpectTable … const seekCurrent … type InetFamily … // ConntrackTableList returns the flow list of a table of a specific family // conntrack -L [table] [options] List conntrack or expectation table func ConntrackTableList(table ConntrackTableType, family InetFamily) ([]*ConntrackFlow, error) { … } // ConntrackTableFlush flushes all the flows of a specified table // conntrack -F [table] Flush table // The flush operation applies to all the family types func ConntrackTableFlush(table ConntrackTableType) error { … } // ConntrackCreate creates a new conntrack flow in the desired table // conntrack -I [table] Create a conntrack or expectation func ConntrackCreate(table ConntrackTableType, family InetFamily, flow *ConntrackFlow) error { … } // ConntrackUpdate updates an existing conntrack flow in the desired table using the handle // conntrack -U [table] Update a conntrack func ConntrackUpdate(table ConntrackTableType, family InetFamily, flow *ConntrackFlow) error { … } // ConntrackDeleteFilter deletes entries on the specified table on the base of the filter // conntrack -D [table] parameters Delete conntrack or expectation // // Deprecated: use [ConntrackDeleteFilters] instead. func ConntrackDeleteFilter(table ConntrackTableType, family InetFamily, filter CustomConntrackFilter) (uint, error) { … } // ConntrackDeleteFilters deletes entries on the specified table matching any of the specified filters // conntrack -D [table] parameters Delete conntrack or expectation func ConntrackDeleteFilters(table ConntrackTableType, family InetFamily, filters ...CustomConntrackFilter) (uint, error) { … } // ConntrackTableList returns the flow list of a table of a specific family using the netlink handle passed // conntrack -L [table] [options] List conntrack or expectation table func (h *Handle) ConntrackTableList(table ConntrackTableType, family InetFamily) ([]*ConntrackFlow, error) { … } // ConntrackTableFlush flushes all the flows of a specified table using the netlink handle passed // conntrack -F [table] Flush table // The flush operation applies to all the family types func (h *Handle) ConntrackTableFlush(table ConntrackTableType) error { … } // ConntrackCreate creates a new conntrack flow in the desired table using the handle // conntrack -I [table] Create a conntrack or expectation func (h *Handle) ConntrackCreate(table ConntrackTableType, family InetFamily, flow *ConntrackFlow) error { … } // ConntrackUpdate updates an existing conntrack flow in the desired table using the handle // conntrack -U [table] Update a conntrack func (h *Handle) ConntrackUpdate(table ConntrackTableType, family InetFamily, flow *ConntrackFlow) error { … } // ConntrackDeleteFilter deletes entries on the specified table on the base of the filter using the netlink handle passed // conntrack -D [table] parameters Delete conntrack or expectation // // Deprecated: use [Handle.ConntrackDeleteFilters] instead. func (h *Handle) ConntrackDeleteFilter(table ConntrackTableType, family InetFamily, filter CustomConntrackFilter) (uint, error) { … } // ConntrackDeleteFilters deletes entries on the specified table matching any of the specified filters using the netlink handle passed // conntrack -D [table] parameters Delete conntrack or expectation func (h *Handle) ConntrackDeleteFilters(table ConntrackTableType, family InetFamily, filters ...CustomConntrackFilter) (uint, error) { … } func (h *Handle) newConntrackRequest(table ConntrackTableType, family InetFamily, operation, flags int) *nl.NetlinkRequest { … } func (h *Handle) dumpConntrackTable(table ConntrackTableType, family InetFamily) ([][]byte, error) { … } type ProtoInfo … type ProtoInfoTCP … // Protocol returns "tcp". func (*ProtoInfoTCP) Protocol() string { … } func (p *ProtoInfoTCP) toNlData() ([]*nl.RtAttr, error) { … } type ProtoInfoSCTP … // Protocol returns "sctp". func (*ProtoInfoSCTP) Protocol() string { … } type ProtoInfoDCCP … // Protocol returns "dccp". func (*ProtoInfoDCCP) Protocol() string { … } type IPTuple … // toNlData generates the inner fields of a nested tuple netlink datastructure // does not generate the "nested"-flagged outer message. func (t *IPTuple) toNlData(family uint8) ([]*nl.RtAttr, error) { … } type ConntrackFlow … func (s *ConntrackFlow) String() string { … } // toNlData generates netlink messages representing the flow. func (s *ConntrackFlow) toNlData() ([]*nl.RtAttr, error) { … } // This method parse the ip tuple structure // The message structure is the following: // <len, [CTA_IP_V4_SRC|CTA_IP_V6_SRC], 16 bytes for the IP> // <len, [CTA_IP_V4_DST|CTA_IP_V6_DST], 16 bytes for the IP> // <len, NLA_F_NESTED|nl.CTA_TUPLE_PROTO, 1 byte for the protocol, 3 bytes of padding> // <len, CTA_PROTO_SRC_PORT, 2 bytes for the source port, 2 bytes of padding> // <len, CTA_PROTO_DST_PORT, 2 bytes for the source port, 2 bytes of padding> func parseIpTuple(reader *bytes.Reader, tpl *IPTuple) uint8 { … } func parseNfAttrTLV(r *bytes.Reader) (isNested bool, attrType, len uint16, value []byte) { … } func parseNfAttrTL(r *bytes.Reader) (isNested bool, attrType, len uint16) { … } // skipNfAttrValue seeks `r` past attr of length `len`. // Maintains buffer alignment. // Returns length of the seek performed. func skipNfAttrValue(r *bytes.Reader, len uint16) uint16 { … } func parseBERaw16(r *bytes.Reader, v *uint16) { … } func parseBERaw32(r *bytes.Reader, v *uint32) { … } func parseBERaw64(r *bytes.Reader, v *uint64) { … } func parseRaw32(r *bytes.Reader, v *uint32) { … } func parseByteAndPacketCounters(r *bytes.Reader) (bytes, packets uint64) { … } // when the flow is alive, only the timestamp_start is returned in structure func parseTimeStamp(r *bytes.Reader, readSize uint16) (tstart, tstop uint64) { … } func parseProtoInfoTCPState(r *bytes.Reader) (s uint8) { … } // parseProtoInfoTCP reads the entire nested protoinfo structure, but only parses the state attr. func parseProtoInfoTCP(r *bytes.Reader, attrLen uint16) (*ProtoInfoTCP) { … } func parseProtoInfo(r *bytes.Reader, attrLen uint16) (p ProtoInfo) { … } func parseTimeOut(r *bytes.Reader) (ttimeout uint32) { … } func parseConnectionMark(r *bytes.Reader) (mark uint32) { … } func parseConnectionLabels(r *bytes.Reader) (label []byte) { … } func parseConnectionZone(r *bytes.Reader) (zone uint16) { … } func parseRawData(data []byte) *ConntrackFlow { … } type ConntrackFilterType … const ConntrackOrigSrcIP … const ConntrackOrigDstIP … const ConntrackReplySrcIP … const ConntrackReplyDstIP … const ConntrackReplyAnyIP … const ConntrackOrigSrcPort … const ConntrackOrigDstPort … const ConntrackMatchLabels … const ConntrackUnmatchLabels … const ConntrackNatSrcIP … const ConntrackNatDstIP … const ConntrackNatAnyIP … type CustomConntrackFilter … type ConntrackFilter … // AddIPNet adds a IP subnet to the conntrack filter func (f *ConntrackFilter) AddIPNet(tp ConntrackFilterType, ipNet *net.IPNet) error { … } // AddIP adds an IP to the conntrack filter func (f *ConntrackFilter) AddIP(tp ConntrackFilterType, ip net.IP) error { … } // AddPort adds a Port to the conntrack filter if the Layer 4 protocol allows it func (f *ConntrackFilter) AddPort(tp ConntrackFilterType, port uint16) error { … } // AddProtocol adds the Layer 4 protocol to the conntrack filter func (f *ConntrackFilter) AddProtocol(proto uint8) error { … } // AddLabels adds the provided list (zero or more) of labels to the conntrack filter // ConntrackFilterType here can be either: // 1. ConntrackMatchLabels: This matches every flow that has a label value (len(flow.Labels) > 0) // against the list of provided labels. If `flow.Labels` contains ALL the provided labels // it is considered a match. This can be used when you want to match flows that contain // one or more labels. // 2. ConntrackUnmatchLabels: This matches every flow that has a label value (len(flow.Labels) > 0) // against the list of provided labels. If `flow.Labels` does NOT contain ALL the provided labels // it is considered a match. This can be used when you want to match flows that don't contain // one or more labels. func (f *ConntrackFilter) AddLabels(tp ConntrackFilterType, labels [][]byte) error { … } // AddZone adds a zone to the conntrack filter func (f *ConntrackFilter) AddZone(zone uint16) error { … } // MatchConntrackFlow applies the filter to the flow and returns true if the flow matches the filter // false otherwise func (f *ConntrackFilter) MatchConntrackFlow(flow *ConntrackFlow) bool { … } var _ …
Codebase Browser
kubernetes