dptech

package
v0.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 1, 2026 License: MIT Imports: 27 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var Dptech_ICMP6_N2P = map[int]string{
	128: "echo-request",
	129: "echo-reply",
	130: "membership-query",
	132: "membership-termination",
	131: "membership-report",
	136: "neighbor-advertisement",
	137: "neighbor-redirect",
	135: "neighbor-solicit",
	2:   "packet-too-big",
	4:   "parameter-problem",
	134: "router-advertisement",
	138: "router-renumbering",
	133: "router-solicit",
	140: "node-information-reply",
	139: "node-information-request",
	3:   "time-exceeded",
	1:   "destination-unreachable",
}
View Source 
var Dptech_ICMP6_P2N = map[string]int{
	"echo-request":             128,
	"echo-reply":               129,
	"membership-query":         130,
	"membership-termination":   132,
	"membership-report":        131,
	"neighbor-advertisement":   136,
	"neighbor-redirect":        137,
	"neighbor-solicit":         135,
	"packet-too-big":           2,
	"parameter-problem":        4,
	"router-advertisement":     134,
	"router-renumbering":       138,
	"node-information-reply":   140,
	"node-information-request": 139,
	"router-solicit":           133,
	"time-exceeded":            3,
	"destination-unreachable":  1,
}
View Source 
var Dptech_ICMP_N2P = map[int]string{
	8:  "echo-request",
	0:  "echo-reply",
	16: "info-reply",
	15: "info-request",
	18: "mask-reply",
	17: "mask-request",
	32: "mobile-redirect",
	12: "parameter-problem",
	5:  "redirect",
	9:  "router-advertisement",
	10: "router-solicit",
	4:  "source-quench",
	11: "time-exceeded",
	14: "timestamp-reply",
	13: "timestamp",
	3:  "unreachable",
}
View Source 
var Dptech_ICMP_P2N = map[string]int{
	"echo-request":         8,
	"echo-reply":           0,
	"info-reply":           16,
	"info-request":         15,
	"mask-reply":           18,
	"mask-request":         17,
	"mobile-redirect":      32,
	"parameter-problem":    12,
	"redirect":             5,
	"router-advertisement": 9,
	"router-solicit":       10,
	"source-quench":        4,
	"time-exceeded":        11,
	"timestamp-reply":      14,
	"timestamp":            13,
	"unreachable":          3,
}
View Source 
var Dptech_NumToProtocol = map[int]string{
	51:  "ah",
	88:  "eigrp",
	58:  "icmp6",
	50:  "esp",
	47:  "gre",
	1:   "icmp",
	2:   "igmp",
	9:   "igrp",
	255: "ip",
	4:   "ipinip",
	94:  "nos",
	89:  "ospf",
	108: "pcp",
	109: "snp",
	6:   "tcp",
	132: "sctp",
	17:  "udp",
	103: "pim",

	256: "tcp-udp",
}
View Source 
var Dptech_ProtocolToNum = map[string]int{
	"ah":      51,
	"icmp6":   58,
	"eigrp":   88,
	"esp":     50,
	"gre":     47,
	"icmp":    1,
	"igmp":    2,
	"igrp":    9,
	"ip":      255,
	"ipinip":  4,
	"nos":     94,
	"ospf":    89,
	"pcp":     108,
	"sctp":    132,
	"snp":     109,
	"tcp":     6,
	"udp":     17,
	"pim":     103,
	"ipsec":   50,
	"pptp":    47,
	"tcp-udp": 256,
}
View Source 
var Dptech_TCP_P2N = map[string]string{
	"BGP":           "tcp:--|179",
	"CHARGEN":       "tcp:--|19",
	"DAYTIME":       "tcp:--|13",
	"DHCP-relay":    "udp:--|67",
	"DNS":           "udp:--|53",
	"ECHO":          "icmp:8|0",
	"ECHO-reply":    "icmp:0|0",
	"ECHO6":         "icmp6:128|0",
	"ECHO6-reply":   "icmp6:129|0",
	"ESP":           "esp",
	"FTP":           "tcp:--|21",
	"GOPHER":        "tcp:--|70-70",
	"GRE":           "gre",
	"H323-TCP/389":  "tcp:--|389-389",
	"H323-TCP/522":  "tcp:--|522-522",
	"H323-TCP/1503": "tcp:--|1503-1503",
	"H323-TCP/1720": "tcp:--|1720-1720",
	"H323-TCP/1731": "tcp:--|1731-1731",
	"H323-UDP/1719": "udp:--|1719-1719",
	"HTTP":          "tcp:--|80",
	"HTTPS":         "tcp:--|443",
	"IMAP":          "tcp:--|143",
	"IRC":           "tcp:--|6660-6669",
	"L2TP":          "udp:--|1701",
	"LDAP":          "tcp:--|389",
	"MODBUS":        "tcp:--|502",
	"NNTP":          "tcp:--|119",
	"ORACLE":        "tcp:--|1521-1521",
	"OSPF":          "ospf",
	"POP3":          "tcp:--|110",
	"PPTP":          "tcp:--|1723",
	"RDP-TCP":       "tcp:--|3389-3389",
	"RDP-UDP":       "udp:--|3389-3389",
	"RIP":           "udp:--|520",
	"RLOGIN":        "tcp:--|513-513",
	"RSH":           "tcp:--|514",
	"RTSP-TCP":      "tcp:--|554-554",
	"RTSP-UDP":      "udp:--|554-554",
	"SIP-TCP/5060":  "tcp:--|5060-5060",
	"SIP-UDP/5060":  "udp:--|5060-5060",
	"SMTP":          "tcp:--|25",
	"SNMP-TCP/161":  "tcp:--|161-161",
	"SNMP-TCP/162":  "tcp:--|162-162",
	"SNMP-UDP/161":  "udp:--|161-161",
	"SSH":           "tcp:--|22",
	"SYSLOG":        "udp:--|514",
	"TALK":          "udp:--|517-518",
	"TELNET":        "tcp:--|23",
	"TFTP":          "udp:--|69",
	"TRACEROUTE":    "udp:--|33434-33535",
	"UUCP":          "udp:--|540",
	"x-windows":     "tcp:--|6000-6063",
}
View Source 
var Dptech_UDP_N2P = map[int]string{
	512:  "biff",
	68:   "bootpc",
	67:   "bootps",
	3020: "cifs",
	9:    "discard",
	90:   "dnsix",
	53:   "domain",
	7:    "echo",

	500:  "isakmp",
	750:  "kerberos",
	434:  "mobile-ip",
	42:   "nameserver",
	138:  "netbios-dgm",
	137:  "netbios-ns",
	2049: "nfs",
	123:  "ntp",
	5632: "pcanywhere-status",
	496:  "pim-auto-rp",
	1645: "radius",
	1646: "radius-acct",
	520:  "rip",
	5510: "secureid-udp",
	5060: "sip",
	161:  "snmp",
	162:  "snmptrap",
	111:  "sunrpc",
	514:  "syslog",
	49:   "tacacs",
	517:  "talk",
	69:   "tftp",
	37:   "time",
	513:  "who",
	43:   "whois",
	80:   "www",
	177:  "xdmcp",
}
View Source 
var Dptech_UDP_P2N = map[string]int{
	"biff":              512,
	"bootpc":            68,
	"bootps":            67,
	"cifs":              3020,
	"discard":           9,
	"dnsix":             90,
	"domain":            53,
	"echo":              7,
	"http":              80,
	"isakmp":            500,
	"kerberos":          750,
	"mobile-ip":         434,
	"nameserver":        42,
	"netbios-dgm":       138,
	"netbios-ns":        137,
	"nfs":               2049,
	"ntp":               123,
	"pcanywhere-status": 5632,
	"pim-auto-rp":       496,
	"radius":            1645,
	"radius-acct":       1646,
	"rip":               520,
	"secureid-udp":      5510,
	"sip":               5060,
	"snmp":              161,
	"snmptrap":          162,
	"sunrpc":            111,
	"syslog":            514,
	"tacacs":            49,
	"talk":              517,
	"tftp":              69,
	"time":              37,
	"who":               513,
	"whois":             43,
	"www":               80,
	"xdmcp":             177,
}
View Source 
var TCP_UDP_P2N = map[string]int{
	"cifs":        3020,
	"discard":     9,
	"domain":      53,
	"echo":        7,
	"http":        80,
	"kerberos":    88,
	"nfs":         2049,
	"pim-auto-rp": 496,
	"sip":         5060,
	"sunrpc":      111,
	"tacacs":      49,
	"talk":        517,
	"www":         80,
}

Functions

func DptechBuiltinService 

func DptechBuiltinService(name string) (*service.Service, bool)

DptechBuiltinService 根据内置服务名称返回对应的 service.Service 对象

func DptechIcmp6Parse 

func DptechIcmp6Parse(name string) (int, error)

func DptechIcmpParse 

func DptechIcmpParse(name string) (int, error)

func DptechParseProtocol 

func DptechParseProtocol(s string) (int, error)

func DptechTcpUdpPortParse 

func DptechTcpUdpPortParse(s string) (int, error)

func DptechUdpPortParse 

func DptechUdpPortParse(s string) (int, error)

func StringToNatType 

func StringToNatType(natType string) firewall.NatType

Types

type AddressBook 

type AddressBook struct {
	// contains filtered or unexported fields
}

func (*AddressBook) Count 

func (ab *AddressBook) Count() int

type DptechNatMatchState 

type DptechNatMatchState int
const (
	// NONE表示未进行实质匹配,比如NatRule的内容为空
	Dptech_NAT_MATCH_NONE DptechNatMatchState = iota
	Dptech_NAT_MATCH_OK
	// NOT_OK表示未命中策略
	Dptech_NAT_MATCH_NOT_OK
)

type DptechNatStatus 

type DptechNatStatus int
const (
	Dptech_NAT_INACTIVE DptechNatStatus = iota
	Dptech_NAT_ACTIVE
)

type DptechNetwork 

type DptechNetwork struct {
	// contains filtered or unexported fields
}

func (*DptechNetwork) Cli 

func (sn *DptechNetwork) Cli() string

func (*DptechNetwork) MarshalJSON 

func (dn *DptechNetwork) MarshalJSON() ([]byte, error)

MarshalJSON 实现 JSON 序列化

func (*DptechNetwork) Name 

func (sn *DptechNetwork) Name() string

func (*DptechNetwork) Network 

func (sn *DptechNetwork) Network(node firewall.FirewallNode) *network.NetworkGroup

func (*DptechNetwork) Type 

func (sn *DptechNetwork) Type() firewall.FirewallObjectType

func (*DptechNetwork) TypeName 

func (sn *DptechNetwork) TypeName() string

func (*DptechNetwork) UnmarshalJSON 

func (dn *DptechNetwork) UnmarshalJSON(data []byte) error

UnmarshalJSON 实现 JSON 反序列化

type DptechNode 

type DptechNode struct {
	*node.DeviceNode
	ObjectSet      *DptechObjectSet
	PolicySet      *PolicySet
	Nats           *Nats
	SnatDesignInfo []*config.SnatDesignInfo
}

func (*DptechNode) AclIterator 

func (dp *DptechNode) AclIterator(opts ...firewall.IteratorOption) firewall.NamerIterator

AclIterator

func (*DptechNode) AclToDb 

func (dp *DptechNode) AclToDb(db *gorm.DB, task_id uint)

func (*DptechNode) AddressGroupToDb 

func (dp *DptechNode) AddressGroupToDb(db *gorm.DB, task_id uint)

func (*DptechNode) DefaultStep 

func (dp *DptechNode) DefaultStep(fp *firewall.FirewallProcess)

func (*DptechNode) DetermineNatObjectType 

func (dp *DptechNode) DetermineNatObjectType(natType string, metaData map[string]interface{}) (firewall.NatObjectType, bool)

determineNatObjectType 根据natType和metaData确定NAT对象类型 所有选择都必须基于设备支持作为前提 对于DNAT和SNAT,一定会命中一种防火墙支持的对象类型清单,同时结合metaData中的配置,最终选择一种对象类型

func (*DptechNode) DnatIterator 

func (dp *DptechNode) DnatIterator(opts ...firewall.IteratorOption) firewall.NamerIterator

DnatIterator

func (*DptechNode) ExtraInit 

func (dp *DptechNode) ExtraInit(adapter api.Adapter, deviceConfig *config.DeviceConfig)

func (*DptechNode) ExtraToDb 

func (dp *DptechNode) ExtraToDb(db *gorm.DB, task_id uint)

func (*DptechNode) FlyConfig 

func (dp *DptechNode) FlyConfig(cli interface{})

func (*DptechNode) FlyObjectToFlattenCli 

func (dp *DptechNode) FlyObjectToFlattenCli(flyObject interface{}, ctx *firewall.PolicyContext) string

func (*DptechNode) GenerateVipMipSnatPoolName 

func (dp *DptechNode) GenerateVipMipSnatPoolName(objectType string, intent *policy.Intent, metaData map[string]interface{}) string

GenerateVipMipSnatPoolName 自动生成VIP/MIP/SNAT_POOL对象名称(可选) DPTech: 不提供自动命名,返回空字符串使用配置模板

func (*DptechNode) GetObjectByNetworkGroup 

func (dp *DptechNode) GetObjectByNetworkGroup(ng *network.NetworkGroup, searchType firewall.ObjectSearchType, port api.Port) (firewall.FirewallNetworkObject, bool)

func (*DptechNode) GetObjectByService 

func (dp *DptechNode) GetObjectByService(s *service.Service, searchType firewall.ObjectSearchType) (firewall.FirewallServiceObject, bool)

func (*DptechNode) GetObjectByVipMipSnatPool 

func (dp *DptechNode) GetObjectByVipMipSnatPool(objectType string, intent *policy.Intent) (firewall.FirewallNetworkObject, bool)

GetObjectByVipMipSnatPool 检查VIP/MIP/SNAT_POOL对象是否已存在(复用检查) DPTech: 支持MIP和SNAT_POOL,都使用address-pool对象

func (*DptechNode) GetPolicyName 

func (dp *DptechNode) GetPolicyName(ctx *firewall.PolicyContext) (string, error)

GetPolicyName 实现FirewallNode接口,返回策略名称 DPTech使用命名模板,所以返回空字符串表示使用模板生成

func (*DptechNode) GetPoolByNetworkGroup 

func (dp *DptechNode) GetPoolByNetworkGroup(ng *network.NetworkGroup, natType firewall.NatType) (firewall.FirewallNetworkObject, bool)

func (*DptechNode) GetReuseNatObject 

func (dp *DptechNode) GetReuseNatObject(natType string, intent *policy.Intent, metaData map[string]interface{}) (name string, reused bool)

GetReuseNatObject 获取可重用的NAT对象名称 DPTech:

  • DNAT: 总是使用MIP(address-pool)
  • SNAT: 根据snat_object_type配置,可能使用SNAT_POOL、NETWORK_OBJECT、INTERFACE或INLINE

通过natType和metaData配置来决定objectType,然后进行复用查询

func (*DptechNode) GetSupportedNatObjectTypes 

func (dp *DptechNode) GetSupportedNatObjectTypes(natType string) []firewall.NatObjectType

GetSupportedNatObjectTypes 获取该防火墙支持的NAT对象类型 DPTech: DNAT支持MIP(特殊语法address-pool),SNAT支持SNAT_POOL(特殊语法address-pool)

func (*DptechNode) HasNatName 

func (dp *DptechNode) HasNatName(name string) bool

func (*DptechNode) HasObjectName 

func (dp *DptechNode) HasObjectName(name string) bool

func (*DptechNode) HasPolicyName 

func (dp *DptechNode) HasPolicyName(name string) bool

func (*DptechNode) HasPoolName 

func (dp *DptechNode) HasPoolName(name string) bool

func (*DptechNode) InPacket 

func (dp *DptechNode) InPacket(from, to api.Port, entry policy.PolicyEntryInf) (firewall.Action, firewall.FirewallPolicy)

func (*DptechNode) InputNat 

func (dp *DptechNode) InputNat(intent *policy.Intent, inPort api.Port) processor.AbstractMatchResult

func (*DptechNode) InputNatTargetCheck 

func (dp *DptechNode) InputNatTargetCheck(intent *policy.Intent, inPort, outPort api.Port) (bool, firewall.FirewallNatRule)

func (*DptechNode) InputPolicy 

func (dp *DptechNode) InputPolicy(intent *policy.Intent, inPort, outPort api.Port) processor.AbstractMatchResult

func (*DptechNode) L4Port 

func (dp *DptechNode) L4Port(name string) (*service.L4Port, bool)

func (*DptechNode) MakeDynamicNatCli 

func (dp *DptechNode) MakeDynamicNatCli(from, out api.Port, intent *policy.Intent, ctx *firewall.PolicyContext) (flyObject interface{}, cmdList command.CmdList)

func (*DptechNode) MakeInputPolicyCli 

func (dp *DptechNode) MakeInputPolicyCli(from, out api.Port, intent *policy.Intent, ctx *firewall.PolicyContext) (flyObject interface{}, cmdList command.CmdList, moveRule []string)

func (*DptechNode) MakeOutputPolicyCli 

func (dp *DptechNode) MakeOutputPolicyCli(from, out api.Port, intent *policy.Intent, ctx *firewall.PolicyContext) (flyObject interface{}, cmdList command.CmdList)

func (*DptechNode) MakeStaticNatCli 

func (dp *DptechNode) MakeStaticNatCli(from, out api.Port, intent *policy.Intent, ctx *firewall.PolicyContext) (flyObject interface{}, cmdList command.CmdList)

func (*DptechNode) MarshalJSON 

func (dn *DptechNode) MarshalJSON() ([]byte, error)

MarshalJSON 实现 JSON 序列化

func (*DptechNode) NatIterator 

func (dp *DptechNode) NatIterator(options ...firewall.IteratorOption) firewall.NamerIterator

NatIterator

func (*DptechNode) NatPoolIterator 

func (dp *DptechNode) NatPoolIterator(opts ...firewall.IteratorOption) firewall.NamerIterator

NatPoolIterator

func (*DptechNode) NatsToDb 

func (dp *DptechNode) NatsToDb(db *gorm.DB, task_id uint)

func (*DptechNode) Network 

func (dp *DptechNode) Network(zone, name string) (*network.NetworkGroup, bool)

func (*DptechNode) NetworkIterator 

func (dp *DptechNode) NetworkIterator(opts ...firewall.IteratorOption) firewall.NamerIterator

NetworkIterator

func (*DptechNode) NetworkObjectToDb 

func (dp *DptechNode) NetworkObjectToDb(db *gorm.DB, task_id uint)

func (*DptechNode) NextPoolId 

func (dp *DptechNode) NextPoolId(id string) string

func (*DptechNode) OutPacket 

func (dp *DptechNode) OutPacket(from, to api.Port, entry policy.PolicyEntryInf) (firewall.Action, firewall.FirewallPolicy)

func (*DptechNode) OutputNat 

func (dp *DptechNode) OutputNat(intent *policy.Intent, inPort, outPort api.Port) processor.AbstractMatchResult

func (*DptechNode) OutputPolicy 

func (dp *DptechNode) OutputPolicy(intent *policy.Intent, inPort, outPort api.Port) processor.AbstractMatchResult

func (*DptechNode) Policies 

func (dp *DptechNode) Policies() []firewall.FirewallPolicy

func (*DptechNode) PolicyIterator 

func (dp *DptechNode) PolicyIterator(opts ...firewall.IteratorOption) firewall.NamerIterator

PolicyIterator

func (*DptechNode) PolicyToDb 

func (dp *DptechNode) PolicyToDb(db *gorm.DB, task_id uint)

func (*DptechNode) Service 

func (dp *DptechNode) Service(name string) (*service.Service, bool)

func (*DptechNode) ServiceIterator 

func (dp *DptechNode) ServiceIterator(opts ...firewall.IteratorOption) firewall.NamerIterator

ServiceIterator

func (*DptechNode) ServiceObjectToDb 

func (dp *DptechNode) ServiceObjectToDb(db *gorm.DB, task_id uint)

func (*DptechNode) SnatIterator 

func (dp *DptechNode) SnatIterator(opts ...firewall.IteratorOption) firewall.NamerIterator

SnatIterator

func (*DptechNode) StaticNatIterator 

func (dp *DptechNode) StaticNatIterator(opts ...firewall.IteratorOption) firewall.NamerIterator

StaticNatIterator

func (*DptechNode) Type 

func (dp *DptechNode) Type() terminalmode.DeviceType

func (*DptechNode) TypeName 

func (dn *DptechNode) TypeName() string

TypeName 实现 TypeInterface 接口

func (*DptechNode) UnmarshalJSON 

func (dn *DptechNode) UnmarshalJSON(data []byte) error

UnmarshalJSON 实现 JSON 反序列化

func (*DptechNode) UpdateSnatStep 

func (dp *DptechNode) UpdateSnatStep(in, out api.Port, intent *policy.Intent, fp *firewall.FirewallProcess)

type DptechObjectSet 

type DptechObjectSet struct {
	// contains filtered or unexported fields
}

func NewDptechObjectSet 

func NewDptechObjectSet(node *DptechNode) *DptechObjectSet

func (*DptechObjectSet) GetObjectByNetworkGroup 

func (dos *DptechObjectSet) GetObjectByNetworkGroup(ng *network.NetworkGroup, searchType firewall.ObjectSearchType, port api.Port) (firewall.FirewallNetworkObject, bool)

func (*DptechObjectSet) GetObjectByService 

func (dos *DptechObjectSet) GetObjectByService(s *service.Service, searchType firewall.ObjectSearchType) (firewall.FirewallServiceObject, bool)

func (*DptechObjectSet) GetPoolByeNetworkGroup 

func (dos *DptechObjectSet) GetPoolByeNetworkGroup(ng *network.NetworkGroup) (firewall.FirewallNetworkObject, bool)

func (*DptechObjectSet) L4Port 

func (dos *DptechObjectSet) L4Port(name string) (*service.L4Port, bool)

func (*DptechObjectSet) MarshalJSON 

func (dos *DptechObjectSet) MarshalJSON() ([]byte, error)

MarshalJSON 实现 JSON 序列化

func (*DptechObjectSet) Network 

func (dos *DptechObjectSet) Network(_, name string) (string, *network.NetworkGroup, bool)

func (*DptechObjectSet) ParseConfig 

func (adapter *DptechObjectSet) ParseConfig(config string) *parse.ParseResult

func (*DptechObjectSet) Pool 

func (dos *DptechObjectSet) Pool(name string) (firewall.FirewallNetworkObject, bool)

func (*DptechObjectSet) Service 

func (dos *DptechObjectSet) Service(name string) (string, *service.Service, bool)
	if obj, ok := dos.serviceMap[name]; !ok {
		return nil, ok
	} else {
		ng := obj.Service(dos.serviceMap)
		return ng, true
	}
}

func (*DptechObjectSet) UnmarshalJSON 

func (dos *DptechObjectSet) UnmarshalJSON(data []byte) error

UnmarshalJSON 实现 JSON 反序列化

type DptechPort 

type DptechPort struct {
	node.NodePort
}

func NewDptechPort 

func NewDptechPort(name, tenant string, ip_list map[network.IPFamily][]string, members []api.Member) *DptechPort

func (*DptechPort) MainIpv4 

func (dp *DptechPort) MainIpv4() string

func (*DptechPort) MainIpv6 

func (dp *DptechPort) MainIpv6() string

func (*DptechPort) TypeName 

func (dp *DptechPort) TypeName() string

func (*DptechPort) WithMainIpv4 

func (dp *DptechPort) WithMainIpv4(ip string) *DptechPort

func (*DptechPort) WithMainIpv6 

func (dp *DptechPort) WithMainIpv6(ip string) *DptechPort

func (*DptechPort) WithZone 

func (dp *DptechPort) WithZone(name string) *DptechPort

func (*DptechPort) Zone 

func (dp *DptechPort) Zone() string

type DptechService 

type DptechService struct {
	// contains filtered or unexported fields
}

func (*DptechService) Cli 

func (rs *DptechService) Cli() string

func (*DptechService) MarshalJSON 

func (ds *DptechService) MarshalJSON() ([]byte, error)

MarshalJSON 实现 JSON 序列化

func (*DptechService) Name 

func (rs *DptechService) Name() string

func (*DptechService) Service 

func (rs *DptechService) Service(node firewall.FirewallNode) *service.Service

func (rs *DptechService) Service(serviceMap map[string]firewall.FirewallServiceObject) *service.Service {

func (*DptechService) Type 

func (rs *DptechService) Type() firewall.FirewallObjectType

func (*DptechService) TypeName 

func (rs *DptechService) TypeName() string

func (*DptechService) UnmarshalJSON 

func (ds *DptechService) UnmarshalJSON(data []byte) error

UnmarshalJSON 实现 JSON 反序列化

type NatIterator 

type NatIterator struct {
	*firewall.BaseIterator
	// contains filtered or unexported fields
}

type NatPool 

type NatPool struct {
	// contains filtered or unexported fields
}

func (*NatPool) Cli 

func (pool *NatPool) Cli() string

Cli() string Name() string Network(map[string]FirewallNetworkObject) *network.NetworkGroup Type() FirewallObjectType

func (*NatPool) ID 

func (pool *NatPool) ID() string

func (*NatPool) L4Port 

func (pool *NatPool) L4Port() *service.L4Port

func (*NatPool) MarshalJSON 

func (np *NatPool) MarshalJSON() ([]byte, error)

MarshalJSON 实现 JSON 序列化

func (*NatPool) MatchNetworkGroup 

func (pool *NatPool) MatchNetworkGroup(ng *network.NetworkGroup) bool

func (*NatPool) Name 

func (pool *NatPool) Name() string

func (*NatPool) NatType 

func (pool *NatPool) NatType() firewall.NatType

func (*NatPool) Network 

func (pool *NatPool) Network(_ firewall.FirewallNode) *network.NetworkGroup

func (*NatPool) Type 

func (pool *NatPool) Type() firewall.FirewallObjectType

func (*NatPool) TypeName 

func (np *NatPool) TypeName() string

实现 TypeInterface 接口

func (*NatPool) UnmarshalJSON 

func (np *NatPool) UnmarshalJSON(data []byte) error

UnmarshalJSON 实现 JSON 反序列化

type NatRule 

type NatRule struct {
	// contains filtered or unexported fields
}

func (*NatRule) Cli 

func (rule *NatRule) Cli() string

func (*NatRule) Extended 

func (rule *NatRule) Extended() map[string]interface{}

func (*NatRule) MarshalJSON 

func (nr *NatRule) MarshalJSON() ([]byte, error)

MarshalJSON 实现 JSON 序列化

func (*NatRule) Name 

func (rule *NatRule) Name() string

func (*NatRule) Original 

func (rule *NatRule) Original() policy.PolicyEntryInf

func (*NatRule) Translate 

func (rule *NatRule) Translate() policy.PolicyEntryInf

func (*NatRule) TypeName 

func (nr *NatRule) TypeName() string

TypeName 实现 TypeInterface 接口

func (*NatRule) UnmarshalJSON 

func (nr *NatRule) UnmarshalJSON(data []byte) error

UnmarshalJSON 实现 JSON 反序列化

type NatRuleSet 

type NatRuleSet struct {
	// from, to *DptechPort
	NatType     firewall.NatType
	RuleSetName string
	Rules       []*NatRule
	Configs     []string
}

func (*NatRuleSet) Name 

func (ns *NatRuleSet) Name() string

func (*NatRuleSet) NatRule 

func (ns *NatRuleSet) NatRule(name string) (*NatRule, bool)

type Nats 

type Nats struct {
	Objects *DptechObjectSet
	Node    *DptechNode
	// RuleSetMap map[firewall.NatType]map[string]*NatRuleSet
	// 都是以ruleSet的名称为key
	StaticNatRules      []*NatRuleSet
	SourceNatRules      []*NatRuleSet
	DestinationNatRules []*NatRuleSet
}

func (*Nats) GetNatRuleSet 

func (nat *Nats) GetNatRuleSet(natType firewall.NatType, name string) (*NatRuleSet, bool)

func (*Nats) MarshalJSON 

func (n *Nats) MarshalJSON() ([]byte, error)

MarshalJSON 实现 JSON 序列化

func (*Nats) NatRule 

func (nat *Nats) NatRule(natType firewall.NatType, ruleSetName, name string) (*NatRule, bool)

func (*Nats) TypeName 

func (n *Nats) TypeName() string

TypeName 实现 TypeInterface 接口

func (*Nats) UnmarshalJSON 

func (n *Nats) UnmarshalJSON(data []byte) error

UnmarshalJSON 实现 JSON 反序列化

type Policy 

type Policy struct {
	// contains filtered or unexported fields
}

func (*Policy) Action 

func (plc *Policy) Action() firewall.Action

func (*Policy) Cli 

func (plc *Policy) Cli() string

func (*Policy) Description 

func (plc *Policy) Description() string

func (*Policy) Extended 

func (plc *Policy) Extended() map[string]interface{}

func (*Policy) FromPorts 

func (plc *Policy) FromPorts() []api.Port

func (*Policy) FromZones 

func (plc *Policy) FromZones() []string

func (*Policy) GetDestinationAddressObject 

func (plc *Policy) GetDestinationAddressObject() (firewall.FirewallNetworkObject, bool)

GetDestinationAddressObject 获取策略使用的目标地址对象

func (*Policy) GetServiceObject 

func (plc *Policy) GetServiceObject() (firewall.FirewallServiceObject, bool)

GetServiceObject 获取策略使用的服务对象

func (*Policy) GetSourceAddressObject 

func (plc *Policy) GetSourceAddressObject() (firewall.FirewallNetworkObject, bool)

GetSourceAddressObject 获取策略使用的源地址对象

func (*Policy) ID 

func (plc *Policy) ID() string

func (*Policy) MarshalJSON 

func (p *Policy) MarshalJSON() ([]byte, error)

MarshalJSON 实现 JSON 序列化

func (*Policy) Match 

func (plc *Policy) Match(pe policy.PolicyEntryInf) bool

func (*Policy) Name 

func (plc *Policy) Name() string

func (*Policy) PolicyEntry 

func (plc *Policy) PolicyEntry() policy.PolicyEntryInf

func (*Policy) ToPorts 

func (plc *Policy) ToPorts() []api.Port

func (*Policy) ToZones 

func (plc *Policy) ToZones() []string

func (*Policy) TypeName 

func (p *Policy) TypeName() string

TypeName 实现 TypeInterface 接口

func (*Policy) UnmarshalJSON 

func (p *Policy) UnmarshalJSON(data []byte) error

UnmarshalJSON 实现 JSON 反序列化

type PolicySet 

type PolicySet struct {
	// contains filtered or unexported fields
}

func (*PolicySet) MarshalJSON 

func (ps *PolicySet) MarshalJSON() ([]byte, error)

MarshalJSON 实现 JSON 序列化

func (*PolicySet) Match 

func (ps *PolicySet) Match(in, to string, pe policy.PolicyEntryInf) (bool, firewall.FirewallPolicy)

func (*PolicySet) TypeName 

func (ps *PolicySet) TypeName() string

TypeName 实现 TypeInterface 接口

func (*PolicySet) UnmarshalJSON 

func (ps *PolicySet) UnmarshalJSON(data []byte) error

UnmarshalJSON 实现 JSON 反序列化

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.