Affected by GO-2025-3560 and 3 other vulnerabilities

GO-2025-3560: Cilium East-west traffic not subject to egress policy enforcement for requests via Gateway API load balancers in github.com/cilium/cilium

GO-2025-3635: In Cilium, packets from terminating endpoints may not be encrypted in Wireguard-enabled clusters in github.com/cilium/cilium

GO-2025-4167: Cilium with misconfigured toGroups in policies can lead to unrestricted egress traffic in Ciliumgithub.com/cilium/cilium

GO-2026-4856: Cilium L7 proxy may bypass Kubernetes NetworkPolicy for same-node traffic in github.com/cilium/cilium

cidr

package

v1.15.13 Latest Latest Go to latest Published: Jan 16, 2025 License: Apache-2.0 Imports: 4 Imported by: 63

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/cilium/cilium

Links

Documentation ¶

Rendered for

Index ¶

Constants
func Contains(ipNets []*net.IPNet, ipNet *net.IPNet) bool
func ContainsAll(ipNets1, ipNets2 []*net.IPNet) bool
func Equal(n, o *net.IPNet) bool
func RemoveAll(ipNets, toRemove []*net.IPNet) []*net.IPNet
func ZeroNet(family int) *net.IPNet
type CIDR

Constants ¶

View Source

const (
	FAMILY_ALL  = nl.FAMILY_ALL
	FAMILY_V4   = nl.FAMILY_V4
	FAMILY_V6   = nl.FAMILY_V6
	FAMILY_MPLS = nl.FAMILY_MPLS
)

Family type definitions

Variables ¶

This section is empty.

Functions ¶

func Contains ¶

func Contains(ipNets []*net.IPNet, ipNet *net.IPNet) bool

Contains returns true if 'ipNets' contains ipNet.

func ContainsAll ¶

func ContainsAll(ipNets1, ipNets2 []*net.IPNet) bool

ContainsAll returns true if 'ipNets1' contains all net.IPNet of 'ipNets2'

func Equal ¶

func Equal(n, o *net.IPNet) bool

Equal returns true if the n and o net.IPNet CIDRs are Equal.

func RemoveAll ¶

func RemoveAll(ipNets, toRemove []*net.IPNet) []*net.IPNet

RemoveAll removes all cidrs specified in 'toRemove' from 'ipNets'. ipNets is clobbered (to ensure removed CIDRs can be garbage collected) and must not be used after this function has been called. Example usage:

cidrs = cidr.RemoveAll(cidrs, toRemove)

func ZeroNet ¶

func ZeroNet(family int) *net.IPNet

ZeroNet generates a zero net.IPNet object for the given address family

Types ¶

type CIDR ¶

type CIDR struct {
	*net.IPNet
}

CIDR is a network CIDR representation based on net.IPNet

func DiffCIDRLists ¶

func DiffCIDRLists(old, new []*CIDR) (add, remove []*CIDR)

DiffCIDRLists compares an old and new list of CIDRs and returns the list of removed and added CIDRs

func MustParseCIDR ¶

func MustParseCIDR(str string) *CIDR

MustParseCIDR parses the CIDR string using net.ParseCIDR and panics if the CIDR cannot be parsed

func NewCIDR ¶

func NewCIDR(ipnet *net.IPNet) *CIDR

NewCIDR returns a new CIDR using a net.IPNet

func ParseCIDR ¶

func ParseCIDR(str string) (*CIDR, error)

ParseCIDR parses the CIDR string using net.ParseCIDR

func (*CIDR) AvailableIPs ¶

func (n *CIDR) AvailableIPs() int

AvailableIPs returns the number of IPs available in a CIDR

func (*CIDR) DeepCopy ¶

func (n *CIDR) DeepCopy() *CIDR

DeepCopy creates a deep copy of a CIDR

func (*CIDR) DeepCopyInto ¶

func (in *CIDR) DeepCopyInto(out *CIDR)

DeepCopyInto is a deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CIDR) DeepEqual ¶

func (in *CIDR) DeepEqual(other *CIDR) bool

DeepEqual is an deepequal function, deeply comparing the receiver with other. in must be non-nil.

func (*CIDR) Equal ¶

func (n *CIDR) Equal(o *CIDR) bool

Equal returns true if the receiver's CIDR equals the other CIDR.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL