sockets

package

v1.18.4 Latest Latest Go to latest Published: Nov 12, 2025 License: Apache-2.0 Imports: 11 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/cilium/cilium

Links

Documentation ¶

Index ¶

Constants
func Destroy(logger *slog.Logger, filter SocketFilter) error
func DestroySocket(logger *slog.Logger, sock netlink.Socket, proto netlink.Proto, ...) error
func Iterate(proto uint8, family uint8, stateFilter uint32, ...) error
type DestroySocketCB
type Socket
- func (s *Socket) Deserialize(b []byte) error
type SocketDestroyer
type SocketFilter
- func (f *SocketFilter) MatchSocket(socket netlink.SocketID) bool
type SocketRequest
- func (r *SocketRequest) Len() int
- func (r SocketRequest) Serialize() []byte

Constants ¶

View Source

const (
	SOCK_DESTROY = 21
)

Variables ¶

This section is empty.

Functions ¶

func Destroy ¶

func Destroy(logger *slog.Logger, filter SocketFilter) error

Destroy destroys sockets matching the passed filter parameters using the sock_diag netlink framework.

Supported families in the filter: syscall.AF_INET, syscall.AF_INET6 Supported protocols in the filter: unix.IPPROTO_UDP

func DestroySocket ¶ added in v1.18.0

func DestroySocket(logger *slog.Logger, sock netlink.Socket, proto netlink.Proto, stateFilter uint32) error

DestroySocket sends a socket destroy message via netlink and waits for a ack response. This is implemented using primitives in vishvananda library, however the default SocketDestroy() function is insufficient for our purposes as it identifies socket only on src/dst address whereas this allows destroying socket precisely via the netlink.Socket object.

func Iterate ¶ added in v1.18.0

func Iterate(proto uint8, family uint8, stateFilter uint32, fn func(*netlink.Socket, error) error) error

Iterate iterates netlink sockets via a callback.

Types ¶

type DestroySocketCB ¶

type DestroySocketCB func(id netlink.SocketID) bool

type Socket ¶ added in v1.18.0

type Socket netlink.Socket

Socket is an alias of the netlink library Socket type but it implements deserialization functions.

func (*Socket) Deserialize ¶ added in v1.18.0

func (s *Socket) Deserialize(b []byte) error

Deserialize accepts raw byte data of a netlink socket diag response and deserializes it into the target socket.

type SocketDestroyer ¶

type SocketDestroyer interface {
	Destroy(filter SocketFilter) error
}

type SocketFilter ¶

type SocketFilter struct {
	DestIp   net.IP
	DestPort uint16
	Family   uint8
	Protocol uint8
	// Optional callback function to determine whether a filtered socket needs to be destroyed
	DestroyCB DestroySocketCB
}

func (*SocketFilter) MatchSocket ¶

func (f *SocketFilter) MatchSocket(socket netlink.SocketID) bool

type SocketRequest ¶ added in v1.18.0

type SocketRequest struct {
	Family   uint8
	Protocol uint8
	Ext      uint8

	States uint32
	ID     netlink.SocketID
	// contains filtered or unexported fields
}

SocketRequest implements netlink.NetlinkRequestData to be used to send socket requests to netlink.

func (*SocketRequest) Len ¶ added in v1.18.0

func (r *SocketRequest) Len() int

func (SocketRequest) Serialize ¶ added in v1.18.0

func (r SocketRequest) Serialize() []byte

Source Files ¶

View all Source files

sockets.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL