filter

package
v0.0.5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 18, 2026 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrInvalidPort    = errors.New("invalid port")
	ErrPortNotGuarded = errors.New("port is not guarded")
	ErrNotConfigured  = errors.New("filter is not configured")
)

Functions

This section is empty.

Types

type Backend 

type Backend interface {
	IsPortGuarded(ctx context.Context, port uint16) (bool, error)
	InsertPending(ctx context.Context, ip net.IP, port uint16, window time.Duration) error
	Stats(ctx context.Context) (Counters, error)
	FlushAuthorizations(ctx context.Context) (FlushResult, error)

	// работает только в режиме отладки
	VerifyPending(ctx context.Context, ip net.IP, port uint16) error
}

type Counters 

type Counters struct {
	Allowed                uint64 `json:"allowed"`
	Dropped                uint64 `json:"dropped"`
	SYNAllowed             uint64 `json:"syn_allowed"`
	SYNDropped             uint64 `json:"syn_dropped"`
	ActiveFlowHits         uint64 `json:"active_flow_hits"`
	PendingPromotions      uint64 `json:"pending_promotions"`
	PendingExpiredCleanups uint64 `json:"pending_expired_cleanups"`
	IPPortAuthHits         uint64 `json:"ip_port_auth_hits"`
	NonGuardedPortAllowed  uint64 `json:"non_guarded_port_allowed"`
	GuardedPortDropped     uint64 `json:"guarded_port_dropped"`
}

Counters — “сырые” счетчики из BPF.

type FlushResult added in v0.0.3 

type FlushResult struct {
	PendingEntriesRemoved uint64 `json:"pending_entries_removed"`
	ActiveFlowsRemoved    uint64 `json:"active_flows_removed"`
}

FlushResult описывает, сколько записей, связанных с разрешениями времени выполнения, было удалено.

type Options 

type Options struct {
	Window time.Duration
	Debug  bool
	Now    func() time.Time
}

type RuntimeConfigurator added in v0.0.3 

type RuntimeConfigurator interface {
	ConfigureRuntime(backend Backend, window time.Duration) error
}

RuntimeConfigurator updates filter runtime dependencies without recreating use case.

type Service 

type Service struct {
	// contains filtered or unexported fields
}

func New 

func New(backend Backend, opts Options) *Service

func (*Service) Allow 

func (s *Service) Allow(ctx context.Context, ip net.IP, port uint16) (time.Time, error)

func (*Service) BlockAll added in v0.0.3 

func (s *Service) BlockAll(ctx context.Context) (FlushResult, error)

BlockAll блогирует все активные разрешения выданные в системе.

func (*Service) ConfigureRuntime added in v0.0.3 

func (s *Service) ConfigureRuntime(backend Backend, window time.Duration) error

ConfigureRuntime заменяет бэкенд и окно, используемые Allow/Stats во время выполнения.

func (*Service) Stats 

func (s *Service) Stats(ctx context.Context) (Stats, error)

type Stats 

type Stats struct {
	Counters

	AllowRatePercent float64 `json:"allow_rate_percent"`
	DropRatePercent  float64 `json:"drop_rate_percent"`
}

Stats — то, что отдаём наружу (usecase результат).

type UseCase 

type UseCase interface {
	Allow(ctx context.Context, ip net.IP, port uint16) (expires time.Time, err error)
	Stats(ctx context.Context) (Stats, error)
	BlockAll(ctx context.Context) (FlushResult, error)
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.