Documentation
¶
Index ¶
- type AclIterator
- type NatRule
- type Nats
- type NetworkIterator
- type Policy
- func (p *Policy) Action() firewall.Action
- func (p *Policy) Cli() string
- func (p *Policy) Description() string
- func (p *Policy) Extended() map[string]interface{}
- func (p *Policy) FromPorts() []api.Port
- func (p *Policy) FromZones() []string
- func (p *Policy) GetDestinationAddressObject() (firewall.FirewallNetworkObject, bool)
- func (p *Policy) GetServiceObject() (firewall.FirewallServiceObject, bool)
- func (p *Policy) GetSourceAddressObject() (firewall.FirewallNetworkObject, bool)
- func (p *Policy) ID() string
- func (p *Policy) Name() string
- func (p *Policy) PolicyEntry() policyutil.PolicyEntryInf
- func (p *Policy) ToPorts() []api.Port
- func (p *Policy) ToZones() []string
- type PolicyIterator
- type PolicySet
- type SangforAcl
- type SangforNatPoolNetworkObject
- func (p *SangforNatPoolNetworkObject) Cli() string
- func (p *SangforNatPoolNetworkObject) MarshalJSON() ([]byte, error)
- func (p *SangforNatPoolNetworkObject) Name() string
- func (p *SangforNatPoolNetworkObject) Network(_ firewall.FirewallNode) *network.NetworkGroup
- func (p *SangforNatPoolNetworkObject) Type() firewall.FirewallObjectType
- func (p *SangforNatPoolNetworkObject) TypeName() string
- func (p *SangforNatPoolNetworkObject) UnmarshalJSON(data []byte) error
- type SangforNatPoolWrapper
- func (p *SangforNatPoolWrapper) Cli() string
- func (p *SangforNatPoolWrapper) ID() string
- func (p *SangforNatPoolWrapper) MatchNetworkGroup(ng *network.NetworkGroup) bool
- func (p *SangforNatPoolWrapper) Name() string
- func (p *SangforNatPoolWrapper) Network(_ firewall.FirewallNode) *network.NetworkGroup
- type SangforNetworkObject
- func (sno *SangforNetworkObject) Cli() string
- func (sno *SangforNetworkObject) MarshalJSON() ([]byte, error)
- func (sno *SangforNetworkObject) Name() string
- func (sno *SangforNetworkObject) Network(node firewall.FirewallNode) *network.NetworkGroup
- func (sno *SangforNetworkObject) Type() firewall.FirewallObjectType
- func (sno *SangforNetworkObject) TypeName() string
- func (sno *SangforNetworkObject) UnmarshalJSON(data []byte) error
- type SangforNetworkObjectPoolWrapper
- func (p *SangforNetworkObjectPoolWrapper) Cli() string
- func (p *SangforNetworkObjectPoolWrapper) ID() string
- func (p *SangforNetworkObjectPoolWrapper) MatchNetworkGroup(ng *network.NetworkGroup) bool
- func (p *SangforNetworkObjectPoolWrapper) Name() string
- func (p *SangforNetworkObjectPoolWrapper) Network(_ firewall.FirewallNode) *network.NetworkGroup
- type SangforNode
- func (node *SangforNode) AclIterator(opts ...firewall.IteratorOption) firewall.NamerIterator
- func (sangfor *SangforNode) DefaultStep(fp *firewall.FirewallProcess)
- func (sangfor *SangforNode) DetermineNatObjectType(natType string, metaData map[string]interface{}) (firewall.NatObjectType, bool)
- func (node *SangforNode) DnatIterator(opts ...firewall.IteratorOption) firewall.NamerIterator
- func (sangfor *SangforNode) ExtraInit(adapter api.Adapter, deviceConfig *config.DeviceConfig)
- func (sangfor *SangforNode) FlyConfig(cli interface{})
- func (sangfor *SangforNode) FlyObjectToFlattenCli(flyObject interface{}, ctx *firewall.PolicyContext) string
- func (sangfor *SangforNode) GenerateVipMipSnatPoolName(objectType string, intent *policyutil.Intent, metaData map[string]interface{}) string
- func (sangfor *SangforNode) GetObjectByNetworkGroup(ng *network.NetworkGroup, searchType firewall.ObjectSearchType, port api.Port) (firewall.FirewallNetworkObject, bool)
- func (sangfor *SangforNode) GetObjectByService(sg *service.Service, searchType firewall.ObjectSearchType) (firewall.FirewallServiceObject, bool)
- func (sangfor *SangforNode) GetObjectByVipMipSnatPool(objectType string, intent *policyutil.Intent) (firewall.FirewallNetworkObject, bool)
- func (sangfor *SangforNode) GetPolicyName(ctx *firewall.PolicyContext) (string, error)
- func (sangfor *SangforNode) GetPoolByNetworkGroup(ng *network.NetworkGroup, natType firewall.NatType) (firewall.FirewallNetworkObject, bool)
- func (sangfor *SangforNode) GetReuseNatObject(natType string, intent *policyutil.Intent, metaData map[string]interface{}) (name string, reused bool)
- func (sangfor *SangforNode) GetSupportedNatObjectTypes(natType string) []firewall.NatObjectType
- func (sangfor *SangforNode) HasNatName(name string) bool
- func (sangfor *SangforNode) HasObjectName(name string) bool
- func (sangfor *SangforNode) HasPolicyName(name string) bool
- func (sangfor *SangforNode) HasPoolName(name string) bool
- func (sangfor *SangforNode) InPacket(from, to api.Port, entry policy.PolicyEntryInf) (firewall.Action, firewall.FirewallPolicy)
- func (sangfor *SangforNode) InputNat(intent *policyutil.Intent, inPort api.Port) processor.AbstractMatchResult
- func (sangfor *SangforNode) InputNatTargetCheck(intent *policyutil.Intent, inPort, outPort api.Port) (bool, firewall.FirewallNatRule)
- func (sangfor *SangforNode) InputPolicy(intent *policyutil.Intent, inPort, outPort api.Port) processor.AbstractMatchResult
- func (sangfor *SangforNode) L4Port(name string) (*service.L4Port, bool)
- func (sangfor *SangforNode) MakeDynamicNatCli(from, out api.Port, intent *policyutil.Intent, ctx *firewall.PolicyContext) (flyObject interface{}, cmdList command.CmdList)
- func (sangfor *SangforNode) MakeInputPolicyCli(from, out api.Port, intent *policyutil.Intent, ctx *firewall.PolicyContext) (flyObject interface{}, cmdList command.CmdList, moveRule []string)
- func (sangfor *SangforNode) MakeOutputPolicyCli(from, out api.Port, intent *policyutil.Intent, ctx *firewall.PolicyContext) (flyObject interface{}, cmdList command.CmdList)
- func (sangfor *SangforNode) MakeStaticNatCli(from, out api.Port, intent *policyutil.Intent, ctx *firewall.PolicyContext) (flyObject interface{}, cmdList command.CmdList)
- func (sangfor *SangforNode) MarshalJSON() ([]byte, error)
- func (node *SangforNode) NatIterator(opts ...firewall.IteratorOption) firewall.NamerIterator
- func (node *SangforNode) NatPoolIterator(opts ...firewall.IteratorOption) firewall.NamerIterator
- func (sangfor *SangforNode) Network(zone, name string) (*network.NetworkGroup, bool)
- func (node *SangforNode) NetworkIterator(opts ...firewall.IteratorOption) firewall.NamerIterator
- func (sangfor *SangforNode) NextPoolId(id string) string
- func (sangfor *SangforNode) OutPacket(from, to api.Port, entry policy.PolicyEntryInf) (firewall.Action, firewall.FirewallPolicy)
- func (sangfor *SangforNode) OutputNat(intent *policyutil.Intent, inPort, outPort api.Port) processor.AbstractMatchResult
- func (sangfor *SangforNode) OutputPolicy(intent *policyutil.Intent, inPort, outPort api.Port) processor.AbstractMatchResult
- func (sangfor *SangforNode) Policies() []firewall.FirewallPolicy
- func (node *SangforNode) PolicyIterator(opts ...firewall.IteratorOption) firewall.NamerIterator
- func (sangfor *SangforNode) Service(name string) (*service.Service, bool)
- func (node *SangforNode) ServiceIterator(opts ...firewall.IteratorOption) firewall.NamerIterator
- func (node *SangforNode) SnatIterator(opts ...firewall.IteratorOption) firewall.NamerIterator
- func (node *SangforNode) StaticNatIterator(opts ...firewall.IteratorOption) firewall.NamerIterator
- func (sangfor *SangforNode) Type() terminalmode.DeviceType
- func (sangfor *SangforNode) TypeName() string
- func (sangfor *SangforNode) UnmarshalJSON(data []byte) error
- func (sangfor *SangforNode) UpdateSnatStep(from, to api.Port, intent *policyutil.Intent, fp *firewall.FirewallProcess)
- type SangforObjectSet
- func (sos *SangforObjectSet) GetObjectByNetworkGroup(ng *network.NetworkGroup, searchType firewall.ObjectSearchType, port api.Port) (firewall.FirewallNetworkObject, bool)
- func (sos *SangforObjectSet) GetObjectByService(sg *service.Service, searchType firewall.ObjectSearchType) (firewall.FirewallServiceObject, bool)
- func (sos *SangforObjectSet) HasObjectName(name string) bool
- func (sos *SangforObjectSet) L4Port(name string) (*service.L4Port, bool)
- func (sos *SangforObjectSet) Network(zone, name string) (*network.NetworkGroup, bool)
- func (sos *SangforObjectSet) Service(name string) (*service.Service, bool)
- type SangforPort
- type SangforServiceObject
- func (sso *SangforServiceObject) Cli() string
- func (sso *SangforServiceObject) MarshalJSON() ([]byte, error)
- func (sso *SangforServiceObject) Name() string
- func (sso *SangforServiceObject) Service(node firewall.FirewallNode) *service.Service
- func (sso *SangforServiceObject) Type() firewall.FirewallObjectType
- func (sso *SangforServiceObject) TypeName() string
- func (sso *SangforServiceObject) UnmarshalJSON(data []byte) error
- type ServiceIterator
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AclIterator ¶
type AclIterator struct {
*firewall.BaseIterator
}
AclIterator 实现 Sangfor 没有独立的 ACL 概念,策略名称可以作为 ACL 名称
type NatRule ¶
type NatRule struct {
// contains filtered or unexported fields
}
func (*NatRule) Original ¶
func (nr *NatRule) Original() policyutil.PolicyEntryInf
func (*NatRule) Translate ¶
func (nr *NatRule) Translate() policyutil.PolicyEntryInf
type Nats ¶
type Nats struct {
// contains filtered or unexported fields
}
func (*Nats) GetPoolByNetworkGroup ¶
func (n *Nats) GetPoolByNetworkGroup(ng *network.NetworkGroup, natType firewall.NatType) (firewall.FirewallNetworkObject, bool)
func (*Nats) HasNatName ¶
func (*Nats) HasPoolName ¶
type NetworkIterator ¶
type NetworkIterator struct {
*firewall.BaseIterator
// contains filtered or unexported fields
}
NetworkIterator 实现
type Policy ¶
type Policy struct {
// contains filtered or unexported fields
}
func (*Policy) Description ¶
func (*Policy) GetDestinationAddressObject ¶
func (p *Policy) GetDestinationAddressObject() (firewall.FirewallNetworkObject, bool)
GetDestinationAddressObject 获取策略使用的目标地址对象
func (*Policy) GetServiceObject ¶
func (p *Policy) GetServiceObject() (firewall.FirewallServiceObject, bool)
GetServiceObject 获取策略使用的服务对象
func (*Policy) GetSourceAddressObject ¶
func (p *Policy) GetSourceAddressObject() (firewall.FirewallNetworkObject, bool)
GetSourceAddressObject 获取策略使用的源地址对象
func (*Policy) PolicyEntry ¶
func (p *Policy) PolicyEntry() policyutil.PolicyEntryInf
type PolicyIterator ¶
type PolicyIterator struct {
*firewall.BaseIterator
// contains filtered or unexported fields
}
PolicyIterator 实现
type PolicySet ¶
type PolicySet struct {
// contains filtered or unexported fields
}
func (*PolicySet) HasPolicyName ¶
func (*PolicySet) Match ¶
func (ps *PolicySet) Match(from, to string, pe policyutil.PolicyEntryInf) (bool, firewall.FirewallPolicy)
Match 匹配策略,参考 FortiGate 的实现 策略按 position 排序后匹配,position 越小越优先 注意:Sangfor 的接口和 zone 没有关联关系,策略匹配时不使用 zone 信息 参数 from 和 to 是接口名称,仅用于日志记录,不参与匹配逻辑
func (*PolicySet) Policies ¶
func (ps *PolicySet) Policies() []firewall.FirewallPolicy
type SangforAcl ¶
type SangforAcl struct {
// contains filtered or unexported fields
}
SangforAcl 是一个简单的 ACL 名称包装器
func (*SangforAcl) Name ¶
func (a *SangforAcl) Name() string
type SangforNatPoolNetworkObject ¶
type SangforNatPoolNetworkObject struct {
// contains filtered or unexported fields
}
SangforNatPoolNetworkObject 表示 NAT 池的网络对象
func (*SangforNatPoolNetworkObject) Cli ¶
func (p *SangforNatPoolNetworkObject) Cli() string
func (*SangforNatPoolNetworkObject) MarshalJSON ¶
func (p *SangforNatPoolNetworkObject) MarshalJSON() ([]byte, error)
func (*SangforNatPoolNetworkObject) Name ¶
func (p *SangforNatPoolNetworkObject) Name() string
func (*SangforNatPoolNetworkObject) Network ¶
func (p *SangforNatPoolNetworkObject) Network(_ firewall.FirewallNode) *network.NetworkGroup
func (*SangforNatPoolNetworkObject) Type ¶
func (p *SangforNatPoolNetworkObject) Type() firewall.FirewallObjectType
func (*SangforNatPoolNetworkObject) TypeName ¶
func (p *SangforNatPoolNetworkObject) TypeName() string
func (*SangforNatPoolNetworkObject) UnmarshalJSON ¶
func (p *SangforNatPoolNetworkObject) UnmarshalJSON(data []byte) error
type SangforNatPoolWrapper ¶
type SangforNatPoolWrapper struct {
// contains filtered or unexported fields
}
SangforNatPoolWrapper 将 NatRule 包装为 NatPool
func (*SangforNatPoolWrapper) Cli ¶
func (p *SangforNatPoolWrapper) Cli() string
func (*SangforNatPoolWrapper) ID ¶
func (p *SangforNatPoolWrapper) ID() string
func (*SangforNatPoolWrapper) MatchNetworkGroup ¶
func (p *SangforNatPoolWrapper) MatchNetworkGroup(ng *network.NetworkGroup) bool
func (*SangforNatPoolWrapper) Name ¶
func (p *SangforNatPoolWrapper) Name() string
func (*SangforNatPoolWrapper) Network ¶
func (p *SangforNatPoolWrapper) Network(_ firewall.FirewallNode) *network.NetworkGroup
type SangforNetworkObject ¶
type SangforNetworkObject struct {
// contains filtered or unexported fields
}
func (*SangforNetworkObject) Cli ¶
func (sno *SangforNetworkObject) Cli() string
func (*SangforNetworkObject) MarshalJSON ¶
func (sno *SangforNetworkObject) MarshalJSON() ([]byte, error)
MarshalJSON 实现 JSON 序列化
func (*SangforNetworkObject) Name ¶
func (sno *SangforNetworkObject) Name() string
func (*SangforNetworkObject) Network ¶
func (sno *SangforNetworkObject) Network(node firewall.FirewallNode) *network.NetworkGroup
func (*SangforNetworkObject) Type ¶
func (sno *SangforNetworkObject) Type() firewall.FirewallObjectType
func (*SangforNetworkObject) TypeName ¶
func (sno *SangforNetworkObject) TypeName() string
TypeName 实现 TypedInterface 接口
func (*SangforNetworkObject) UnmarshalJSON ¶
func (sno *SangforNetworkObject) UnmarshalJSON(data []byte) error
UnmarshalJSON 实现 JSON 反序列化
type SangforNetworkObjectPoolWrapper ¶
type SangforNetworkObjectPoolWrapper struct {
// contains filtered or unexported fields
}
SangforNetworkObjectPoolWrapper 将 SangforNetworkObject (OBJECT_POOL) 包装为 NatPool
func (*SangforNetworkObjectPoolWrapper) Cli ¶
func (p *SangforNetworkObjectPoolWrapper) Cli() string
func (*SangforNetworkObjectPoolWrapper) ID ¶
func (p *SangforNetworkObjectPoolWrapper) ID() string
func (*SangforNetworkObjectPoolWrapper) MatchNetworkGroup ¶
func (p *SangforNetworkObjectPoolWrapper) MatchNetworkGroup(ng *network.NetworkGroup) bool
func (*SangforNetworkObjectPoolWrapper) Name ¶
func (p *SangforNetworkObjectPoolWrapper) Name() string
func (*SangforNetworkObjectPoolWrapper) Network ¶
func (p *SangforNetworkObjectPoolWrapper) Network(_ firewall.FirewallNode) *network.NetworkGroup
type SangforNode ¶
type SangforNode struct {
*node.DeviceNode
// contains filtered or unexported fields
}
func (*SangforNode) AclIterator ¶
func (node *SangforNode) AclIterator(opts ...firewall.IteratorOption) firewall.NamerIterator
func (*SangforNode) DefaultStep ¶
func (sangfor *SangforNode) DefaultStep(fp *firewall.FirewallProcess)
func (*SangforNode) DetermineNatObjectType ¶
func (sangfor *SangforNode) DetermineNatObjectType(natType string, metaData map[string]interface{}) (firewall.NatObjectType, bool)
determineNatObjectType 根据natType和metaData确定NAT对象类型 所有选择都必须基于设备支持作为前提 对于DNAT和SNAT,一定会命中一种防火墙支持的对象类型清单,同时结合metaData中的配置,最终选择一种对象类型
func (*SangforNode) DnatIterator ¶
func (node *SangforNode) DnatIterator(opts ...firewall.IteratorOption) firewall.NamerIterator
DnatIterator 实现
func (*SangforNode) ExtraInit ¶
func (sangfor *SangforNode) ExtraInit(adapter api.Adapter, deviceConfig *config.DeviceConfig)
func (*SangforNode) FlyConfig ¶
func (sangfor *SangforNode) FlyConfig(cli interface{})
func (*SangforNode) FlyObjectToFlattenCli ¶
func (sangfor *SangforNode) FlyObjectToFlattenCli(flyObject interface{}, ctx *firewall.PolicyContext) string
func (*SangforNode) GenerateVipMipSnatPoolName ¶
func (sangfor *SangforNode) GenerateVipMipSnatPoolName(objectType string, intent *policyutil.Intent, metaData map[string]interface{}) string
GenerateVipMipSnatPoolName 自动生成VIP/MIP/SNAT_POOL对象名称(可选) Sangfor: 不提供自动命名,返回空字符串使用配置模板
func (*SangforNode) GetObjectByNetworkGroup ¶
func (sangfor *SangforNode) GetObjectByNetworkGroup(ng *network.NetworkGroup, searchType firewall.ObjectSearchType, port api.Port) (firewall.FirewallNetworkObject, bool)
func (*SangforNode) GetObjectByService ¶
func (sangfor *SangforNode) GetObjectByService(sg *service.Service, searchType firewall.ObjectSearchType) (firewall.FirewallServiceObject, bool)
func (*SangforNode) GetObjectByVipMipSnatPool ¶
func (sangfor *SangforNode) GetObjectByVipMipSnatPool(objectType string, intent *policyutil.Intent) (firewall.FirewallNetworkObject, bool)
GetObjectByVipMipSnatPool 检查VIP/MIP/SNAT_POOL对象是否已存在(复用检查) Sangfor: 不支持VIP/MIP/SNAT_POOL对象,返回false
func (*SangforNode) GetPolicyName ¶
func (sangfor *SangforNode) GetPolicyName(ctx *firewall.PolicyContext) (string, error)
GetPolicyName 获取策略名称(Sangfor使用命名模板,返回空字符串)
func (*SangforNode) GetPoolByNetworkGroup ¶
func (sangfor *SangforNode) GetPoolByNetworkGroup(ng *network.NetworkGroup, natType firewall.NatType) (firewall.FirewallNetworkObject, bool)
func (*SangforNode) GetReuseNatObject ¶
func (sangfor *SangforNode) GetReuseNatObject(natType string, intent *policyutil.Intent, metaData map[string]interface{}) (name string, reused bool)
GetReuseNatObject 获取可重用的NAT对象名称 Sangfor: DNAT使用NETWORK_OBJECT(地址对象),SNAT根据配置可能使用NETWORK_OBJECT、INTERFACE或INLINE 通过natType和metaData配置来决定objectType,然后进行复用查询
func (*SangforNode) GetSupportedNatObjectTypes ¶
func (sangfor *SangforNode) GetSupportedNatObjectTypes(natType string) []firewall.NatObjectType
GetSupportedNatObjectTypes 获取该防火墙支持的NAT对象类型 Sangfor: DNAT支持MIP(NetworkObject),SNAT不支持SNAT_POOL
func (*SangforNode) HasNatName ¶
func (sangfor *SangforNode) HasNatName(name string) bool
func (*SangforNode) HasObjectName ¶
func (sangfor *SangforNode) HasObjectName(name string) bool
func (*SangforNode) HasPolicyName ¶
func (sangfor *SangforNode) HasPolicyName(name string) bool
func (*SangforNode) HasPoolName ¶
func (sangfor *SangforNode) HasPoolName(name string) bool
func (*SangforNode) InPacket ¶
func (sangfor *SangforNode) InPacket(from, to api.Port, entry policy.PolicyEntryInf) (firewall.Action, firewall.FirewallPolicy)
func (*SangforNode) InputNat ¶
func (sangfor *SangforNode) InputNat(intent *policyutil.Intent, inPort api.Port) processor.AbstractMatchResult
func (*SangforNode) InputNatTargetCheck ¶
func (sangfor *SangforNode) InputNatTargetCheck(intent *policyutil.Intent, inPort, outPort api.Port) (bool, firewall.FirewallNatRule)
func (*SangforNode) InputPolicy ¶
func (sangfor *SangforNode) InputPolicy(intent *policyutil.Intent, inPort, outPort api.Port) processor.AbstractMatchResult
func (*SangforNode) L4Port ¶
func (sangfor *SangforNode) L4Port(name string) (*service.L4Port, bool)
func (*SangforNode) MakeDynamicNatCli ¶
func (sangfor *SangforNode) MakeDynamicNatCli(from, out api.Port, intent *policyutil.Intent, ctx *firewall.PolicyContext) (flyObject interface{}, cmdList command.CmdList)
func (*SangforNode) MakeInputPolicyCli ¶
func (sangfor *SangforNode) MakeInputPolicyCli(from, out api.Port, intent *policyutil.Intent, ctx *firewall.PolicyContext) (flyObject interface{}, cmdList command.CmdList, moveRule []string)
func (*SangforNode) MakeOutputPolicyCli ¶
func (sangfor *SangforNode) MakeOutputPolicyCli(from, out api.Port, intent *policyutil.Intent, ctx *firewall.PolicyContext) (flyObject interface{}, cmdList command.CmdList)
func (*SangforNode) MakeStaticNatCli ¶
func (sangfor *SangforNode) MakeStaticNatCli(from, out api.Port, intent *policyutil.Intent, ctx *firewall.PolicyContext) (flyObject interface{}, cmdList command.CmdList)
FirewallTemplates 接口实现
func (*SangforNode) MarshalJSON ¶
func (sangfor *SangforNode) MarshalJSON() ([]byte, error)
MarshalJSON 实现 JSON 序列化
func (*SangforNode) NatIterator ¶
func (node *SangforNode) NatIterator(opts ...firewall.IteratorOption) firewall.NamerIterator
NatIterator 实现
func (*SangforNode) NatPoolIterator ¶
func (node *SangforNode) NatPoolIterator(opts ...firewall.IteratorOption) firewall.NamerIterator
NatPoolIterator 实现
func (*SangforNode) Network ¶
func (sangfor *SangforNode) Network(zone, name string) (*network.NetworkGroup, bool)
func (*SangforNode) NetworkIterator ¶
func (node *SangforNode) NetworkIterator(opts ...firewall.IteratorOption) firewall.NamerIterator
func (*SangforNode) NextPoolId ¶
func (sangfor *SangforNode) NextPoolId(id string) string
NextPoolId 返回下一个可用的 IP Pool ID Sangfor 使用名称而不是数字 ID,所以返回一个基于名称的 ID
func (*SangforNode) OutPacket ¶
func (sangfor *SangforNode) OutPacket(from, to api.Port, entry policy.PolicyEntryInf) (firewall.Action, firewall.FirewallPolicy)
func (*SangforNode) OutputNat ¶
func (sangfor *SangforNode) OutputNat(intent *policyutil.Intent, inPort, outPort api.Port) processor.AbstractMatchResult
func (*SangforNode) OutputPolicy ¶
func (sangfor *SangforNode) OutputPolicy(intent *policyutil.Intent, inPort, outPort api.Port) processor.AbstractMatchResult
func (*SangforNode) Policies ¶
func (sangfor *SangforNode) Policies() []firewall.FirewallPolicy
func (*SangforNode) PolicyIterator ¶
func (node *SangforNode) PolicyIterator(opts ...firewall.IteratorOption) firewall.NamerIterator
func (*SangforNode) Service ¶
func (sangfor *SangforNode) Service(name string) (*service.Service, bool)
func (*SangforNode) ServiceIterator ¶
func (node *SangforNode) ServiceIterator(opts ...firewall.IteratorOption) firewall.NamerIterator
func (*SangforNode) SnatIterator ¶
func (node *SangforNode) SnatIterator(opts ...firewall.IteratorOption) firewall.NamerIterator
SnatIterator 实现
func (*SangforNode) StaticNatIterator ¶
func (node *SangforNode) StaticNatIterator(opts ...firewall.IteratorOption) firewall.NamerIterator
StaticNatIterator 实现
func (*SangforNode) Type ¶
func (sangfor *SangforNode) Type() terminalmode.DeviceType
func (*SangforNode) TypeName ¶
func (sangfor *SangforNode) TypeName() string
TypeName 实现 TypeInterface 接口
func (*SangforNode) UnmarshalJSON ¶
func (sangfor *SangforNode) UnmarshalJSON(data []byte) error
UnmarshalJSON 实现 JSON 反序列化
func (*SangforNode) UpdateSnatStep ¶
func (sangfor *SangforNode) UpdateSnatStep(from, to api.Port, intent *policyutil.Intent, fp *firewall.FirewallProcess)
type SangforObjectSet ¶
type SangforObjectSet struct {
// contains filtered or unexported fields
}
func NewSangforObjectSet ¶
func NewSangforObjectSet(node *SangforNode) *SangforObjectSet
func (*SangforObjectSet) GetObjectByNetworkGroup ¶
func (sos *SangforObjectSet) GetObjectByNetworkGroup(ng *network.NetworkGroup, searchType firewall.ObjectSearchType, port api.Port) (firewall.FirewallNetworkObject, bool)
func (*SangforObjectSet) GetObjectByService ¶
func (sos *SangforObjectSet) GetObjectByService(sg *service.Service, searchType firewall.ObjectSearchType) (firewall.FirewallServiceObject, bool)
func (*SangforObjectSet) HasObjectName ¶
func (sos *SangforObjectSet) HasObjectName(name string) bool
func (*SangforObjectSet) L4Port ¶
func (sos *SangforObjectSet) L4Port(name string) (*service.L4Port, bool)
func (*SangforObjectSet) Network ¶
func (sos *SangforObjectSet) Network(zone, name string) (*network.NetworkGroup, bool)
type SangforPort ¶
func NewSangforPort ¶
func NewSangforPortFromNodePort ¶
func NewSangforPortFromNodePort(p *node.NodePort) *SangforPort
func (*SangforPort) TypeName ¶
func (sp *SangforPort) TypeName() string
func (*SangforPort) WithZone ¶
func (sp *SangforPort) WithZone(name string) *SangforPort
func (*SangforPort) Zone ¶
func (sp *SangforPort) Zone() string
type SangforServiceObject ¶
type SangforServiceObject struct {
// contains filtered or unexported fields
}
func (*SangforServiceObject) Cli ¶
func (sso *SangforServiceObject) Cli() string
func (*SangforServiceObject) MarshalJSON ¶
func (sso *SangforServiceObject) MarshalJSON() ([]byte, error)
MarshalJSON 实现 JSON 序列化
func (*SangforServiceObject) Name ¶
func (sso *SangforServiceObject) Name() string
func (*SangforServiceObject) Service ¶
func (sso *SangforServiceObject) Service(node firewall.FirewallNode) *service.Service
func (*SangforServiceObject) Type ¶
func (sso *SangforServiceObject) Type() firewall.FirewallObjectType
func (*SangforServiceObject) TypeName ¶
func (sso *SangforServiceObject) TypeName() string
TypeName 实现 TypedInterface 接口
func (*SangforServiceObject) UnmarshalJSON ¶
func (sso *SangforServiceObject) UnmarshalJSON(data []byte) error
UnmarshalJSON 实现 JSON 反序列化
type ServiceIterator ¶
type ServiceIterator struct {
*firewall.BaseIterator
// contains filtered or unexported fields
}
ServiceIterator 实现