netlink

package module
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 16, 2018 License: Apache-2.0 Imports: 16 Imported by: 0

README

Build Status GoDoc

The netlink package provides a simple netlink library for go. Netlink is the interface a user-space program in linux uses to communicate with the kernel. It can be used to add and remove interfaces, set ip addresses and routes, and configure ipsec. Netlink communication requires elevated privileges, so in most cases this code needs to be run as root. Since low-level netlink messages are inscrutable at best, the library attempts to provide an api that is loosely modeled on the CLI provided by iproute2. Actions like ip link add will be accomplished via a similarly named function like AddLink(). This library began its life as a fork of the netlink functionality in docker/libcontainer but was heavily rewritten to improve testability, performance, and to add new functionality like ipsec xfrm handling.

Local Build and Test

You can use go get command:

go get github.com/vishvananda/netlink

Testing dependencies:

go get github.com/vishvananda/netns

Testing (requires root):

sudo -E go test github.com/vishvananda/netlink

Examples

Add a new bridge and add eth1 into it:

package main

import (
    "fmt"
    "github.com/vishvananda/netlink"
)

func main() {
    la := netlink.NewLinkAttrs()
    la.Name = "foo"
    mybridge := &netlink.Bridge{LinkAttrs: la}
    err := netlink.LinkAdd(mybridge)
    if err != nil  {
        fmt.Printf("could not add %s: %v\n", la.Name, err)
    }
    eth1, _ := netlink.LinkByName("eth1")
    netlink.LinkSetMaster(eth1, mybridge)
}

Note NewLinkAttrs constructor, it sets default values in structure. For now it sets only TxQLen to -1, so kernel will set default by itself. If you're using simple initialization(LinkAttrs{Name: "foo"}) TxQLen will be set to 0 unless you specify it like LinkAttrs{Name: "foo", TxQLen: 1000}.

Add a new ip address to loopback:

package main

import (
    "github.com/vishvananda/netlink"
)

func main() {
    lo, _ := netlink.LinkByName("lo")
    addr, _ := netlink.ParseAddr("169.254.169.254/32")
    netlink.AddrAdd(lo, addr)
}

Future Work

Many pieces of netlink are not yet fully supported in the high-level interface. Aspects of virtually all of the high-level objects don't exist. Many of the underlying primitives are there, so its a matter of putting the right fields into the high-level objects and making sure that they are serialized and deserialized correctly in the Add and List methods.

There are also a few pieces of low level netlink functionality that still need to be implemented. Routing rules are not in place and some of the more advanced link types. Hopefully there is decent structure and testing in place to make these fairly straightforward to add.

Documentation

Overview

Package netlink provides a simple library for netlink. Netlink is the interface a user-space program in linux uses to communicate with the kernel. It can be used to add and remove interfaces, set up ip addresses and routes, and confiugre ipsec. Netlink communication requires elevated privileges, so in most cases this code needs to be run as root. The low level primitives for netlink are contained in the nl subpackage. This package attempts to provide a high-level interface that is loosly modeled on the iproute2 cli.

Index

Constants

View Source 
const (
	OperUnknown        = iota // Status can't be determined.
	OperNotPresent            // Some component is missing.
	OperDown                  // Down.
	OperLowerLayerDown        // Down due to state of lower layer.
	OperTesting               // In some test mode.
	OperDormant               // Not up but pending an external event.
	OperUp                    // Up, ready to send packets.
)
View Source 
const (
	BOND_MODE_MASK uint64 = 1 << (1 + iota)
	BOND_ACTIVE_SLAVE_MASK
	BOND_MIIMON_MASK
	BOND_UPDELAY_MASK
	BOND_DOWNDELAY_MASK
	BOND_USE_CARRIER_MASK
	BOND_ARP_INTERVAL_MASK
	BOND_ARP_VALIDATE_MASK
	BOND_ARP_ALL_TARGETS_MASK
	BOND_PRIMARY_MASK
	BOND_PRIMARY_RESELECT_MASK
	BOND_FAIL_OVER_MAC_MASK
	BOND_XMIT_HASH_POLICY_MASK
	BOND_RESEND_IGMP_MASK
	BOND_NUM_PEER_NOTIF_MASK
	BOND_ALL_SLAVES_ACTIVE_MASK
	BOND_MIN_LINKS_MASK
	BOND_LP_INTERVAL_MASK
	BOND_PACKETS_PER_SLAVE_MASK
	BOND_LACP_RATE_MASK
	BOND_AD_SELECT_MASK
)

Flag mask for bond options. Bond.Flagmask must be set to on for option to work.

View Source 
const (
	HANDLE_NONE      = 0
	HANDLE_INGRESS   = 0xFFFFFFF1
	HANDLE_CLSACT    = HANDLE_INGRESS
	HANDLE_ROOT      = 0xFFFFFFFF
	PRIORITY_MAP_LEN = 16
)
View Source 
const (
	HANDLE_MIN_INGRESS = 0xFFFFFFF2
	HANDLE_MIN_EGRESS  = 0xFFFFFFF3
)

Variables

View Source 
var (
	// ErrAttrHeaderTruncated is returned when a netlink attribute's header is
	// truncated.
	ErrAttrHeaderTruncated = errors.New("attribute header truncated")
	// ErrAttrBodyTruncated is returned when a netlink attribute's body is
	// truncated.
	ErrAttrBodyTruncated = errors.New("attribute body truncated")
)
View Source 
var (
	// ErrNotImplemented is returned when a requested feature is not implemented.
	ErrNotImplemented = errors.New("not implemented")
)
View Source 
var StringToBondLacpRateMap = map[string]BondLacpRate{
	"slow": BOND_LACP_RATE_SLOW,
	"fast": BOND_LACP_RATE_FAST,
}
View Source 
var StringToBondModeMap = map[string]BondMode{
	"balance-rr":    BOND_MODE_BALANCE_RR,
	"active-backup": BOND_MODE_ACTIVE_BACKUP,
	"balance-xor":   BOND_MODE_BALANCE_XOR,
	"broadcast":     BOND_MODE_BROADCAST,
	"802.3ad":       BOND_MODE_802_3AD,
	"balance-tlb":   BOND_MODE_BALANCE_TLB,
	"balance-alb":   BOND_MODE_BALANCE_ALB,
}
View Source 
var StringToBondXmitHashPolicyMap = map[string]BondXmitHashPolicy{
	"layer2":   BOND_XMIT_HASH_POLICY_LAYER2,
	"layer3+4": BOND_XMIT_HASH_POLICY_LAYER3_4,
	"layer2+3": BOND_XMIT_HASH_POLICY_LAYER2_3,
	"encap2+3": BOND_XMIT_HASH_POLICY_ENCAP2_3,
	"encap3+4": BOND_XMIT_HASH_POLICY_ENCAP3_4,
}

Functions

func AddrAdd 

func AddrAdd(link Link, addr *Addr) error

func AddrDel 

func AddrDel(link Link, addr *Addr) error

func ConntrackDeleteFilter 

func ConntrackDeleteFilter(table ConntrackTableType, family InetFamily, filter *ConntrackFilter) (uint, error)

ConntrackDeleteFilter deletes entries on the specified table on the base of the filter conntrack -D [table] parameters Delete conntrack or expectation

func ConntrackTableFlush 

func ConntrackTableFlush(table ConntrackTableType) error

ConntrackTableFlush flushes all the flows of a specified table conntrack -F [table] Flush table The flush operation applies to all the family types

func FouAdd 

func FouAdd(f Fou) error

func FouDel 

func FouDel(f Fou) error

func HandleStr 

func HandleStr(handle uint32) string

func LinkAdd 

func LinkAdd(link Link) error

func LinkDel 

func LinkDel(link Link) error

func LinkSetARPOff 

func LinkSetARPOff(link Link) error

func LinkSetARPOn 

func LinkSetARPOn(link Link) error

func LinkSetAlias 

func LinkSetAlias(link Link, name string) error

func LinkSetDown 

func LinkSetDown(link Link) error

func LinkSetFastLeave 

func LinkSetFastLeave(link Link, mode bool) error

func LinkSetFlood 

func LinkSetFlood(link Link, mode bool) error

func LinkSetGuard 

func LinkSetGuard(link Link, mode bool) error

func LinkSetHairpin 

func LinkSetHairpin(link Link, mode bool) error

func LinkSetHardwareAddr 

func LinkSetHardwareAddr(link Link, hwaddr net.HardwareAddr) error

func LinkSetLearning 

func LinkSetLearning(link Link, mode bool) error

func LinkSetMTU 

func LinkSetMTU(link Link, mtu int) error

func LinkSetMaster 

func LinkSetMaster(link Link, master *Bridge) error

func LinkSetMasterByIndex 

func LinkSetMasterByIndex(link Link, masterIndex int) error

func LinkSetName 

func LinkSetName(link Link, name string) error

func LinkSetNoMaster 

func LinkSetNoMaster(link Link) error

func LinkSetNsFd 

func LinkSetNsFd(link Link, fd int) error

func LinkSetNsPid 

func LinkSetNsPid(link Link, nspid int) error

func LinkSetRootBlock 

func LinkSetRootBlock(link Link, mode bool) error

func LinkSetTxQLen 

func LinkSetTxQLen(link Link, qlen int) error

func LinkSetUp 

func LinkSetUp(link Link) error

func LinkSetVfHardwareAddr 

func LinkSetVfHardwareAddr(link Link, vf int, hwaddr net.HardwareAddr) error

func LinkSetVfTxRate 

func LinkSetVfTxRate(link Link, vf, rate int) error

func LinkSetVfVlan 

func LinkSetVfVlan(link Link, vf, vlan int) error

func LinkSetXdpFd 

func LinkSetXdpFd(link Link, fd int) error

func MajorMinor 

func MajorMinor(handle uint32) (uint16, uint16)

func MakeHandle 

func MakeHandle(major, minor uint16) uint32

func NeighAdd 

func NeighAdd(neigh *Neigh) error

func NeighAppend 

func NeighAppend(neigh *Neigh) error

func NeighDel 

func NeighDel(neigh *Neigh) error

func NeighSet 

func NeighSet(neigh *Neigh) error

func NewIPNet 

func NewIPNet(ip net.IP) *net.IPNet

NewIPNet generates an IPNet from an ip address using a netmask of 32 or 128.

func ParseIPNet 

func ParseIPNet(s string) (*net.IPNet, error)

ParseIPNet parses a string in ip/net format and returns a net.IPNet. This is valuable because addresses in netlink are often IPNets and ParseCIDR returns an IPNet with the IP part set to the base IP of the range.

func Percentage2u32 

func Percentage2u32(percentage float32) uint32

func RouteAdd 

func RouteAdd(route *Route) error

func RouteDel 

func RouteDel(route *Route) error

func SetFastLeave 

func SetFastLeave(link Link, mode bool) error

func SetFlood 

func SetFlood(link Link, mode bool) error

func SetGuard 

func SetGuard(link Link, mode bool) error

func SetHairpin 

func SetHairpin(link Link, mode bool) error

func SetLearning 

func SetLearning(link Link, mode bool) error

func SetRootBlock 

func SetRootBlock(link Link, mode bool) error

func XfrmPolicyAdd 

func XfrmPolicyAdd(policy *XfrmPolicy) error

func XfrmPolicyDel 

func XfrmPolicyDel(policy *XfrmPolicy) error

func XfrmStateAdd 

func XfrmStateAdd(policy *XfrmState) error

func XfrmStateDel 

func XfrmStateDel(policy *XfrmState) error

Types

type Action 

type Action interface {
	Attrs() *ActionAttrs
	Type() string
}

Action represents an action in any supported filter.

type ActionAttrs 

type ActionAttrs struct {
	Index   int
	Capab   int
	Action  TcAct
	Refcnt  int
	Bindcnt int
}

func (ActionAttrs) String 

func (q ActionAttrs) String() string

type Addr 

type Addr struct {
	*net.IPNet
	Label       string
	Flags       int
	Scope       int
	Peer        *net.IPNet
	Broadcast   net.IP
	PreferedLft int
	ValidLft    int
}

Addr represents an IP address from netlink. Netlink ip addresses include a mask, so it stores the address as a net.IPNet.

func AddrList 

func AddrList(link Link, family int) ([]Addr, error)

func ParseAddr 

func ParseAddr(s string) (*Addr, error)

ParseAddr parses the string representation of an address in the form $ip/$netmask $label. The label portion is optional

func (Addr) Equal 

func (a Addr) Equal(x Addr) bool

Equal returns true if both Addrs have the same net.IPNet value.

func (Addr) PeerEqual 

func (a Addr) PeerEqual(x Addr) bool

func (Addr) String 

func (a Addr) String() string

String returns $ip/$netmask $label

type Bond 

type Bond struct {
	LinkAttrs
	Mode            BondMode
	ActiveSlave     int
	Miimon          int
	UpDelay         int
	DownDelay       int
	UseCarrier      int
	ArpInterval     int
	ArpIpTargets    []net.IP
	ArpValidate     BondArpValidate
	ArpAllTargets   BondArpAllTargets
	Primary         int
	PrimaryReselect BondPrimaryReselect
	FailOverMac     BondFailOverMac
	XmitHashPolicy  BondXmitHashPolicy
	ResendIgmp      int
	NumPeerNotif    int
	AllSlavesActive int
	MinLinks        int
	LpInterval      int
	PackersPerSlave int
	LacpRate        BondLacpRate
	AdSelect        BondAdSelect
	// looking at iproute tool AdInfo can only be retrived. It can't be set.
	AdInfo         *BondAdInfo
	AdActorSysPrio int
	AdUserPortKey  int
	AdActorSystem  net.HardwareAddr
	TlbDynamicLb   int
}

Bond representation

func NewLinkBond 

func NewLinkBond(atr LinkAttrs) *Bond

func (*Bond) Attrs 

func (bond *Bond) Attrs() *LinkAttrs

Attrs implementation.

func (*Bond) Type 

func (bond *Bond) Type() string

Type implementation fro Vxlan.

type BondAdInfo 

type BondAdInfo struct {
	AggregatorId int
	NumPorts     int
	ActorKey     int
	PartnerKey   int
	PartnerMac   net.HardwareAddr
}

BondAdInfo represents ad info for bond

type BondAdSelect 

type BondAdSelect int

BondAdSelect type 

const (
	BOND_AD_SELECT_STABLE BondAdSelect = iota
	BOND_AD_SELECT_BANDWIDTH
	BOND_AD_SELECT_COUNT
)

Possible BondAdSelect value

type BondArpAllTargets 

type BondArpAllTargets int

BondArpAllTargets type 

const (
	BOND_ARP_ALL_TARGETS_ANY BondArpAllTargets = iota
	BOND_ARP_ALL_TARGETS_ALL
)

Possible BondArpAllTargets value

type BondArpValidate 

type BondArpValidate int

BondArpValidate type 

const (
	BOND_ARP_VALIDATE_NONE BondArpValidate = iota
	BOND_ARP_VALIDATE_ACTIVE
	BOND_ARP_VALIDATE_BACKUP
	BOND_ARP_VALIDATE_ALL
)

Possible BondArpValidate value

type BondFailOverMac 

type BondFailOverMac int

BondFailOverMac type 

const (
	BOND_FAIL_OVER_MAC_NONE BondFailOverMac = iota
	BOND_FAIL_OVER_MAC_ACTIVE
	BOND_FAIL_OVER_MAC_FOLLOW
)

Possible BondFailOverMac value

type BondLacpRate 

type BondLacpRate int

BondLacpRate type 

const (
	BOND_LACP_RATE_SLOW BondLacpRate = iota
	BOND_LACP_RATE_FAST
	BOND_LACP_RATE_UNKNOWN
)

Possible BondLacpRate value

func StringToBondLacpRate 

func StringToBondLacpRate(s string) BondLacpRate

StringToBondLacpRate returns bond lacp arte, or uknonw is the s is invalid.

func (BondLacpRate) String 

func (b BondLacpRate) String() string

type BondMode 

type BondMode int

BondMode type 

const (
	BOND_MODE_BALANCE_RR BondMode = iota
	BOND_MODE_ACTIVE_BACKUP
	BOND_MODE_BALANCE_XOR
	BOND_MODE_BROADCAST
	BOND_MODE_802_3AD
	BOND_MODE_BALANCE_TLB
	BOND_MODE_BALANCE_ALB
	BOND_MODE_UNKNOWN
)

Possible BondMode

func StringToBondMode 

func StringToBondMode(s string) BondMode

StringToBondMode returns bond mode, or uknonw is the s is invalid.

func (BondMode) String 

func (b BondMode) String() string

type BondPrimaryReselect 

type BondPrimaryReselect int

BondPrimaryReselect type 

const (
	BOND_PRIMARY_RESELECT_ALWAYS BondPrimaryReselect = iota
	BOND_PRIMARY_RESELECT_BETTER
	BOND_PRIMARY_RESELECT_FAILURE
)

Possible BondPrimaryReselect value

type BondXmitHashPolicy 

type BondXmitHashPolicy int

BondXmitHashPolicy type 

const (
	BOND_XMIT_HASH_POLICY_LAYER2 BondXmitHashPolicy = iota
	BOND_XMIT_HASH_POLICY_LAYER3_4
	BOND_XMIT_HASH_POLICY_LAYER2_3
	BOND_XMIT_HASH_POLICY_ENCAP2_3
	BOND_XMIT_HASH_POLICY_ENCAP3_4
	BOND_XMIT_HASH_POLICY_UNKNOWN
)

Possible BondXmitHashPolicy value

func StringToBondXmitHashPolicy 

func StringToBondXmitHashPolicy(s string) BondXmitHashPolicy

StringToBondXmitHashPolicy returns bond lacp arte, or uknonw is the s is invalid.

func (BondXmitHashPolicy) String 

func (b BondXmitHashPolicy) String() string

type BpfAction 

type BpfAction struct {
	ActionAttrs
	Fd   int
	Name string
}

func (*BpfAction) Attrs 

func (action *BpfAction) Attrs() *ActionAttrs

func (*BpfAction) Type 

func (action *BpfAction) Type() string

type BpfFilter 

type BpfFilter struct {
	FilterAttrs
	ClassId      uint32
	Fd           int
	Name         string
	DirectAction bool
}

func (*BpfFilter) Attrs 

func (filter *BpfFilter) Attrs() *FilterAttrs

func (*BpfFilter) Type 

func (filter *BpfFilter) Type() string

type Bridge 

type Bridge struct {
	LinkAttrs
	MulticastSnooping *bool
	HelloTime         *uint32
}

Bridge links are simple linux bridges

func (*Bridge) Attrs 

func (bridge *Bridge) Attrs() *LinkAttrs

func (*Bridge) Type 

func (bridge *Bridge) Type() string

type Class 

type Class interface {
	Attrs() *ClassAttrs
	Type() string
}

type ClassAttrs 

type ClassAttrs struct {
	LinkIndex int
	Handle    uint32
	Parent    uint32
	Leaf      uint32
}

ClassAttrs represents a netlink class. A filter is associated with a link, has a handle and a parent. The root filter of a device should have a parent == HANDLE_ROOT.

func (ClassAttrs) String 

func (q ClassAttrs) String() string

type ConntrackFilter 

type ConntrackFilter struct{}

ConntrackFilter placeholder

type ConntrackFlow 

type ConntrackFlow struct{}

ConntrackFlow placeholder

func ConntrackTableList 

func ConntrackTableList(table ConntrackTableType, family InetFamily) ([]*ConntrackFlow, error)

ConntrackTableList returns the flow list of a table of a specific family conntrack -L [table] [options] List conntrack or expectation table

type ConntrackTableType 

type ConntrackTableType uint8

ConntrackTableType Conntrack table for the netlink operation

type Destination 

type Destination interface {
	Family() int
	Decode([]byte) error
	Encode() ([]byte, error)
	String() string
	Equal(Destination) bool
}

type Device 

type Device struct {
	LinkAttrs
}

Device links cannot be created via netlink. These links are links created by udev like 'lo' and 'etho0'

func (*Device) Attrs 

func (device *Device) Attrs() *LinkAttrs

func (*Device) Type 

func (device *Device) Type() string

type Dir 

type Dir uint8

Dir is an enum representing an ipsec template direction. 

const (
	XFRM_DIR_IN Dir = iota
	XFRM_DIR_OUT
	XFRM_DIR_FWD
	XFRM_SOCKET_IN
	XFRM_SOCKET_OUT
	XFRM_SOCKET_FWD
)

func (Dir) String 

func (d Dir) String() string

type Dummy 

type Dummy struct {
	LinkAttrs
}

Dummy links are dummy ethernet devices

func (*Dummy) Attrs 

func (dummy *Dummy) Attrs() *LinkAttrs

func (*Dummy) Type 

func (dummy *Dummy) Type() string

type Encap 

type Encap interface {
	Type() int
	Decode([]byte) error
	Encode() ([]byte, error)
	String() string
	Equal(Encap) bool
}

type EncapType 

type EncapType uint8

EncapType is an enum representing the optional packet encapsulation. 

const (
	XFRM_ENCAP_ESPINUDP_NONIKE EncapType = iota + 1
	XFRM_ENCAP_ESPINUDP
)

func (EncapType) String 

func (e EncapType) String() string

type Filter 

type Filter interface {
	Attrs() *FilterAttrs
	Type() string
}

type FilterAttrs 

type FilterAttrs struct {
	LinkIndex int
	Handle    uint32
	Parent    uint32
	Priority  uint16 // lower is higher priority
	Protocol  uint16 // unix.ETH_P_*
}

FilterAttrs represents a netlink filter. A filter is associated with a link, has a handle and a parent. The root filter of a device should have a parent == HANDLE_ROOT.

func (FilterAttrs) String 

func (q FilterAttrs) String() string

type FilterFwAttrs 

type FilterFwAttrs struct {
	ClassId   uint32
	InDev     string
	Mask      uint32
	Index     uint32
	Buffer    uint32
	Mtu       uint32
	Mpu       uint16
	Rate      uint32
	AvRate    uint32
	PeakRate  uint32
	Action    TcPolAct
	Overhead  uint16
	LinkLayer int
}

type Fou 

type Fou struct {
	Family    int
	Port      int
	Protocol  int
	EncapType int
}

func FouList 

func FouList(fam int) ([]Fou, error)

type Fq 

type Fq struct {
	QdiscAttrs
	PacketLimit     uint32
	FlowPacketLimit uint32
	// In bytes
	Quantum        uint32
	InitialQuantum uint32
	// called RateEnable under the hood
	Pacing          uint32
	FlowDefaultRate uint32
	FlowMaxRate     uint32
	// called BucketsLog under the hood
	Buckets          uint32
	FlowRefillDelay  uint32
	LowRateThreshold uint32
}

Fq is a classless packet scheduler meant to be mostly used for locally generated traffic.

func NewFq 

func NewFq(attrs QdiscAttrs) *Fq

func (*Fq) Attrs 

func (qdisc *Fq) Attrs() *QdiscAttrs

func (*Fq) Type 

func (qdisc *Fq) Type() string

type FqCodel 

type FqCodel struct {
	QdiscAttrs
	Target   uint32
	Limit    uint32
	Interval uint32
	ECN      uint32
	Flows    uint32
	Quantum  uint32
}

FQ_Codel (Fair Queuing Controlled Delay) is queuing discipline that combines Fair Queuing with the CoDel AQM scheme.

func NewFqCodel 

func NewFqCodel(attrs QdiscAttrs) *FqCodel

func (*FqCodel) Attrs 

func (qdisc *FqCodel) Attrs() *QdiscAttrs

func (*FqCodel) Type 

func (qdisc *FqCodel) Type() string

type GTP 

type GTP struct {
	LinkAttrs
	FD0         int
	FD1         int
	Role        int
	PDPHashsize int
}

func (*GTP) Attrs 

func (gtp *GTP) Attrs() *LinkAttrs

func (*GTP) Type 

func (gtp *GTP) Type() string

type GenericAction 

type GenericAction struct {
	ActionAttrs
}

func (*GenericAction) Attrs 

func (action *GenericAction) Attrs() *ActionAttrs

func (*GenericAction) Type 

func (action *GenericAction) Type() string

type GenericClass 

type GenericClass struct {
	ClassAttrs
	ClassType string
}

GenericClass classes represent types that are not currently understood by this netlink library.

func (*GenericClass) Attrs 

func (class *GenericClass) Attrs() *ClassAttrs

func (*GenericClass) Type 

func (class *GenericClass) Type() string

type GenericFilter 

type GenericFilter struct {
	FilterAttrs
	FilterType string
}

GenericFilter filters represent types that are not currently understood by this netlink library.

func (*GenericFilter) Attrs 

func (filter *GenericFilter) Attrs() *FilterAttrs

func (*GenericFilter) Type 

func (filter *GenericFilter) Type() string
type GenericLink struct {
	LinkAttrs
	LinkType string
}

GenericLink links represent types that are not currently understood by this netlink library.

func (*GenericLink) Attrs 

func (generic *GenericLink) Attrs() *LinkAttrs

func (*GenericLink) Type 

func (generic *GenericLink) Type() string

type GenericQdisc 

type GenericQdisc struct {
	QdiscAttrs
	QdiscType string
}

GenericQdisc qdiscs represent types that are not currently understood by this netlink library.

func (*GenericQdisc) Attrs 

func (qdisc *GenericQdisc) Attrs() *QdiscAttrs

func (*GenericQdisc) Type 

func (qdisc *GenericQdisc) Type() string

type GenlFamily 

type GenlFamily struct{}

func GenlFamilyGet 

func GenlFamilyGet(name string) (*GenlFamily, error)

func GenlFamilyList 

func GenlFamilyList() ([]*GenlFamily, error)

type GenlMulticastGroup 

type GenlMulticastGroup struct{}

type GenlOp 

type GenlOp struct{}

type Gretap 

type Gretap struct {
	LinkAttrs
	IKey       uint32
	OKey       uint32
	EncapSport uint16
	EncapDport uint16
	Local      net.IP
	Remote     net.IP
	IFlags     uint16
	OFlags     uint16
	PMtuDisc   uint8
	Ttl        uint8
	Tos        uint8
	EncapType  uint16
	EncapFlags uint16
	Link       uint32
	FlowBased  bool
}

Gretap devices must specify LocalIP and RemoteIP on create

func (*Gretap) Attrs 

func (gretap *Gretap) Attrs() *LinkAttrs

func (*Gretap) Type 

func (gretap *Gretap) Type() string

type Gretun 

type Gretun struct {
	LinkAttrs
	Link       uint32
	IFlags     uint16
	OFlags     uint16
	IKey       uint32
	OKey       uint32
	Local      net.IP
	Remote     net.IP
	Ttl        uint8
	Tos        uint8
	PMtuDisc   uint8
	EncapType  uint16
	EncapFlags uint16
	EncapSport uint16
	EncapDport uint16
}

func (*Gretun) Attrs 

func (gretun *Gretun) Attrs() *LinkAttrs

func (*Gretun) Type 

func (gretun *Gretun) Type() string

type Handle 

type Handle struct{}

func NewHandle 

func NewHandle(nlFamilies ...int) (*Handle, error)

func NewHandleAt 

func NewHandleAt(ns netns.NsHandle, nlFamilies ...int) (*Handle, error)

func NewHandleAtFrom 

func NewHandleAtFrom(newNs, curNs netns.NsHandle) (*Handle, error)

func (*Handle) AddrAdd 

func (h *Handle) AddrAdd(link Link, addr *Addr) error

func (*Handle) AddrDel 

func (h *Handle) AddrDel(link Link, addr *Addr) error

func (*Handle) AddrList 

func (h *Handle) AddrList(link Link, family int) ([]Addr, error)

func (*Handle) ClassAdd 

func (h *Handle) ClassAdd(class Class) error

func (*Handle) ClassChange 

func (h *Handle) ClassChange(class Class) error

func (*Handle) ClassDel 

func (h *Handle) ClassDel(class Class) error

func (*Handle) ClassList 

func (h *Handle) ClassList(link Link, parent uint32) ([]Class, error)

func (*Handle) ClassReplace 

func (h *Handle) ClassReplace(class Class) error

func (*Handle) ConntrackDeleteFilter 

func (h *Handle) ConntrackDeleteFilter(table ConntrackTableType, family InetFamily, filter *ConntrackFilter) (uint, error)

ConntrackDeleteFilter deletes entries on the specified table on the base of the filter using the netlink handle passed conntrack -D [table] parameters Delete conntrack or expectation

func (*Handle) ConntrackTableFlush 

func (h *Handle) ConntrackTableFlush(table ConntrackTableType) error

ConntrackTableFlush flushes all the flows of a specified table using the netlink handle passed conntrack -F [table] Flush table The flush operation applies to all the family types

func (*Handle) ConntrackTableList 

func (h *Handle) ConntrackTableList(table ConntrackTableType, family InetFamily) ([]*ConntrackFlow, error)

ConntrackTableList returns the flow list of a table of a specific family using the netlink handle passed conntrack -L [table] [options] List conntrack or expectation table

func (*Handle) Delete 

func (h *Handle) Delete()

func (*Handle) FilterAdd 

func (h *Handle) FilterAdd(filter Filter) error

func (*Handle) FilterDel 

func (h *Handle) FilterDel(filter Filter) error

func (*Handle) FilterList 

func (h *Handle) FilterList(link Link, parent uint32) ([]Filter, error)

func (*Handle) GenlFamilyGet 

func (h *Handle) GenlFamilyGet(name string) (*GenlFamily, error)

func (*Handle) GenlFamilyList 

func (h *Handle) GenlFamilyList() ([]*GenlFamily, error)

func (*Handle) LinkAdd 

func (h *Handle) LinkAdd(link Link) error

func (*Handle) LinkByAlias 

func (h *Handle) LinkByAlias(alias string) (Link, error)

func (*Handle) LinkByIndex 

func (h *Handle) LinkByIndex(index int) (Link, error)

func (*Handle) LinkByName 

func (h *Handle) LinkByName(name string) (Link, error)

func (*Handle) LinkDel 

func (h *Handle) LinkDel(link Link) error
func (h *Handle) LinkList() ([]Link, error)

func (*Handle) LinkSetAlias 

func (h *Handle) LinkSetAlias(link Link, name string) error

func (*Handle) LinkSetDown 

func (h *Handle) LinkSetDown(link Link) error

func (*Handle) LinkSetFastLeave 

func (h *Handle) LinkSetFastLeave(link Link, mode bool) error

func (*Handle) LinkSetFlood 

func (h *Handle) LinkSetFlood(link Link, mode bool) error

func (*Handle) LinkSetGuard 

func (h *Handle) LinkSetGuard(link Link, mode bool) error

func (*Handle) LinkSetHairpin 

func (h *Handle) LinkSetHairpin(link Link, mode bool) error

func (*Handle) LinkSetHardwareAddr 

func (h *Handle) LinkSetHardwareAddr(link Link, hwaddr net.HardwareAddr) error

func (*Handle) LinkSetLearning 

func (h *Handle) LinkSetLearning(link Link, mode bool) error

func (*Handle) LinkSetMTU 

func (h *Handle) LinkSetMTU(link Link, mtu int) error

func (*Handle) LinkSetMaster 

func (h *Handle) LinkSetMaster(link Link, master *Bridge) error

func (*Handle) LinkSetMasterByIndex 

func (h *Handle) LinkSetMasterByIndex(link Link, masterIndex int) error

func (*Handle) LinkSetName 

func (h *Handle) LinkSetName(link Link, name string) error

func (*Handle) LinkSetNoMaster 

func (h *Handle) LinkSetNoMaster(link Link) error

func (*Handle) LinkSetNsFd 

func (h *Handle) LinkSetNsFd(link Link, fd int) error

func (*Handle) LinkSetNsPid 

func (h *Handle) LinkSetNsPid(link Link, nspid int) error

func (*Handle) LinkSetRootBlock 

func (h *Handle) LinkSetRootBlock(link Link, mode bool) error

func (*Handle) LinkSetTxQLen 

func (h *Handle) LinkSetTxQLen(link Link, qlen int) error

func (*Handle) LinkSetUp 

func (h *Handle) LinkSetUp(link Link) error

func (*Handle) LinkSetVfHardwareAddr 

func (h *Handle) LinkSetVfHardwareAddr(link Link, vf int, hwaddr net.HardwareAddr) error

func (*Handle) LinkSetVfTxRate 

func (h *Handle) LinkSetVfTxRate(link Link, vf, rate int) error

func (*Handle) LinkSetVfVlan 

func (h *Handle) LinkSetVfVlan(link Link, vf, vlan int) error

func (*Handle) NeighAdd 

func (h *Handle) NeighAdd(neigh *Neigh) error

func (*Handle) NeighAppend 

func (h *Handle) NeighAppend(neigh *Neigh) error

func (*Handle) NeighDel 

func (h *Handle) NeighDel(neigh *Neigh) error

func (*Handle) NeighList 

func (h *Handle) NeighList(linkIndex, family int) ([]Neigh, error)

func (*Handle) NeighProxyList 

func (h *Handle) NeighProxyList(linkIndex, family int) ([]Neigh, error)

func (*Handle) NeighSet 

func (h *Handle) NeighSet(neigh *Neigh) error

func (*Handle) RouteAdd 

func (h *Handle) RouteAdd(route *Route) error

func (*Handle) RouteDel 

func (h *Handle) RouteDel(route *Route) error

func (*Handle) RouteGet 

func (h *Handle) RouteGet(destination net.IP) ([]Route, error)

func (*Handle) RouteList 

func (h *Handle) RouteList(link Link, family int) ([]Route, error)

func (*Handle) RouteListFiltered 

func (h *Handle) RouteListFiltered(family int, filter *Route, filterMask uint64) ([]Route, error)

func (*Handle) RouteReplace 

func (h *Handle) RouteReplace(route *Route) error

func (*Handle) RuleAdd 

func (h *Handle) RuleAdd(rule *Rule) error

func (*Handle) RuleDel 

func (h *Handle) RuleDel(rule *Rule) error

func (*Handle) RuleList 

func (h *Handle) RuleList(family int) ([]Rule, error)

func (*Handle) SetPromiscOff 

func (h *Handle) SetPromiscOff(link Link) error

func (*Handle) SetPromiscOn 

func (h *Handle) SetPromiscOn(link Link) error

func (*Handle) SetSocketTimeout 

func (h *Handle) SetSocketTimeout(to time.Duration) error

func (*Handle) SupportsNetlinkFamily 

func (h *Handle) SupportsNetlinkFamily(nlFamily int) bool

type Htb 

type Htb struct {
	QdiscAttrs
	Version      uint32
	Rate2Quantum uint32
	Defcls       uint32
	Debug        uint32
	DirectPkts   uint32
}

Htb is a classful qdisc that rate limits based on tokens

func NewHtb 

func NewHtb(attrs QdiscAttrs) *Htb

func (*Htb) Attrs 

func (qdisc *Htb) Attrs() *QdiscAttrs

func (*Htb) Type 

func (qdisc *Htb) Type() string

type HtbClass 

type HtbClass struct {
	ClassAttrs
	Rate    uint64
	Ceil    uint64
	Buffer  uint32
	Cbuffer uint32
	Quantum uint32
	Level   uint32
	Prio    uint32
}

HtbClass represents an Htb class

func (*HtbClass) Attrs 

func (q *HtbClass) Attrs() *ClassAttrs

func (HtbClass) String 

func (q HtbClass) String() string

func (*HtbClass) Type 

func (q *HtbClass) Type() string

type HtbClassAttrs 

type HtbClassAttrs struct {
	// TODO handle all attributes
	Rate    uint64
	Ceil    uint64
	Buffer  uint32
	Cbuffer uint32
	Quantum uint32
	Level   uint32
	Prio    uint32
}

func (HtbClassAttrs) String 

func (q HtbClassAttrs) String() string

type IPVlan 

type IPVlan struct {
	LinkAttrs
	Mode IPVlanMode
}

func (*IPVlan) Attrs 

func (ipvlan *IPVlan) Attrs() *LinkAttrs

func (*IPVlan) Type 

func (ipvlan *IPVlan) Type() string

type IPVlanMode 

type IPVlanMode uint16
const (
	IPVLAN_MODE_L2 IPVlanMode = iota
	IPVLAN_MODE_L3
	IPVLAN_MODE_L3S
	IPVLAN_MODE_MAX
)

type Ifb 

type Ifb struct {
	LinkAttrs
}

Ifb links are advanced dummy devices for packet filtering

func (*Ifb) Attrs 

func (ifb *Ifb) Attrs() *LinkAttrs

func (*Ifb) Type 

func (ifb *Ifb) Type() string

type InetFamily 

type InetFamily uint8

InetFamily Family type

type Ingress 

type Ingress struct {
	QdiscAttrs
}

Ingress is a qdisc for adding ingress filters

func (*Ingress) Attrs 

func (qdisc *Ingress) Attrs() *QdiscAttrs

func (*Ingress) Type 

func (qdisc *Ingress) Type() string

type Iptun 

type Iptun struct {
	LinkAttrs
	Ttl        uint8
	Tos        uint8
	PMtuDisc   uint8
	Link       uint32
	Local      net.IP
	Remote     net.IP
	EncapSport uint16
	EncapDport uint16
	EncapType  uint16
	EncapFlags uint16
	FlowBased  bool
}

func (*Iptun) Attrs 

func (iptun *Iptun) Attrs() *LinkAttrs

func (*Iptun) Type 

func (iptun *Iptun) Type() string
type Link interface {
	Attrs() *LinkAttrs
	Type() string
}

Link represents a link device from netlink. Shared link attributes like name may be retrieved using the Attrs() method. Unique data can be retrieved by casting the object to the proper type.

func LinkByAlias 

func LinkByAlias(alias string) (Link, error)

func LinkByIndex 

func LinkByIndex(index int) (Link, error)

func LinkByName 

func LinkByName(name string) (Link, error)
func LinkList() ([]Link, error)

type LinkAttrs 

type LinkAttrs struct {
	Index        int
	MTU          int
	TxQLen       int // Transmit Queue Length
	Name         string
	HardwareAddr net.HardwareAddr
	Flags        net.Flags
	RawFlags     uint32
	ParentIndex  int         // index of the parent link device
	MasterIndex  int         // must be the index of a bridge
	Namespace    interface{} // nil | NsPid | NsFd
	Alias        string
	Statistics   *LinkStatistics
	Promisc      int
	Xdp          *LinkXdp
	EncapType    string
	Protinfo     *Protinfo
	OperState    LinkOperState
	NetNsID      int
	NumTxQueues  int
	NumRxQueues  int
}

LinkAttrs represents data shared by most link types

func NewLinkAttrs 

func NewLinkAttrs() LinkAttrs

NewLinkAttrs returns LinkAttrs structure filled with default values

type LinkNotFoundError 

type LinkNotFoundError struct {
	// contains filtered or unexported fields
}

LinkNotFoundError wraps the various not found errors when getting/reading links. This is intended for better error handling by dependent code so that "not found error" can be distinguished from other errors

type LinkOperState 

type LinkOperState uint8

LinkOperState represents the values of the IFLA_OPERSTATE link attribute, which contains the RFC2863 state of the interface.

func (LinkOperState) String 

func (s LinkOperState) String() string

type LinkStatistics 

type LinkStatistics LinkStatistics64

type LinkStatistics32 

type LinkStatistics32 struct {
	RxPackets         uint32
	TxPackets         uint32
	RxBytes           uint32
	TxBytes           uint32
	RxErrors          uint32
	TxErrors          uint32
	RxDropped         uint32
	TxDropped         uint32
	Multicast         uint32
	Collisions        uint32
	RxLengthErrors    uint32
	RxOverErrors      uint32
	RxCrcErrors       uint32
	RxFrameErrors     uint32
	RxFifoErrors      uint32
	RxMissedErrors    uint32
	TxAbortedErrors   uint32
	TxCarrierErrors   uint32
	TxFifoErrors      uint32
	TxHeartbeatErrors uint32
	TxWindowErrors    uint32
	RxCompressed      uint32
	TxCompressed      uint32
}

Ref: struct rtnl_link_stats {...}

type LinkStatistics64 

type LinkStatistics64 struct {
	RxPackets         uint64
	TxPackets         uint64
	RxBytes           uint64
	TxBytes           uint64
	RxErrors          uint64
	TxErrors          uint64
	RxDropped         uint64
	TxDropped         uint64
	Multicast         uint64
	Collisions        uint64
	RxLengthErrors    uint64
	RxOverErrors      uint64
	RxCrcErrors       uint64
	RxFrameErrors     uint64
	RxFifoErrors      uint64
	RxMissedErrors    uint64
	TxAbortedErrors   uint64
	TxCarrierErrors   uint64
	TxFifoErrors      uint64
	TxHeartbeatErrors uint64
	TxWindowErrors    uint64
	RxCompressed      uint64
	TxCompressed      uint64
}

Ref: struct rtnl_link_stats64 {...}

type LinkXdp 

type LinkXdp struct {
	Fd       int
	Attached bool
	Flags    uint32
	ProgId   uint32
}

type Macvlan 

type Macvlan struct {
	LinkAttrs
	Mode MacvlanMode

	// MACAddrs is only populated for Macvlan SOURCE links
	MACAddrs []net.HardwareAddr
}

Macvlan links have ParentIndex set in their Attrs()

func (*Macvlan) Attrs 

func (macvlan *Macvlan) Attrs() *LinkAttrs

func (*Macvlan) Type 

func (macvlan *Macvlan) Type() string

type MacvlanMode 

type MacvlanMode uint16
const (
	MACVLAN_MODE_DEFAULT MacvlanMode = iota
	MACVLAN_MODE_PRIVATE
	MACVLAN_MODE_VEPA
	MACVLAN_MODE_BRIDGE
	MACVLAN_MODE_PASSTHRU
	MACVLAN_MODE_SOURCE
)

type Macvtap 

type Macvtap struct {
	Macvlan
}

Macvtap - macvtap is a virtual interfaces based on macvlan

func (Macvtap) Type 

func (macvtap Macvtap) Type() string

type MatchAll 

type MatchAll struct {
	FilterAttrs
	ClassId uint32
	Actions []Action
}

MatchAll filters match all packets

func (*MatchAll) Attrs 

func (filter *MatchAll) Attrs() *FilterAttrs

func (*MatchAll) Type 

func (filter *MatchAll) Type() string

type MirredAct 

type MirredAct uint8
const (
	TCA_EGRESS_REDIR   MirredAct = 1 /* packet redirect to EGRESS*/
	TCA_EGRESS_MIRROR  MirredAct = 2 /* mirror packet to EGRESS */
	TCA_INGRESS_REDIR  MirredAct = 3 /* packet redirect to INGRESS*/
	TCA_INGRESS_MIRROR MirredAct = 4 /* mirror packet to INGRESS */
)

func (MirredAct) String 

func (a MirredAct) String() string

type MirredAction 

type MirredAction struct {
	ActionAttrs
	MirredAction MirredAct
	Ifindex      int
}

func NewMirredAction 

func NewMirredAction(redirIndex int) *MirredAction

func (*MirredAction) Attrs 

func (action *MirredAction) Attrs() *ActionAttrs

func (*MirredAction) Type 

func (action *MirredAction) Type() string

type Mode 

type Mode uint8

Mode is an enum representing an ipsec transport. 

const (
	XFRM_MODE_TRANSPORT Mode = iota
	XFRM_MODE_TUNNEL
	XFRM_MODE_ROUTEOPTIMIZATION
	XFRM_MODE_IN_TRIGGER
	XFRM_MODE_BEET
	XFRM_MODE_MAX
)

func (Mode) String 

func (m Mode) String() string

type Neigh 

type Neigh struct {
	LinkIndex    int
	Family       int
	State        int
	Type         int
	Flags        int
	IP           net.IP
	HardwareAddr net.HardwareAddr
	LLIPAddr     net.IP //Used in the case of NHRP
	Vlan         int
	VNI          int
}

Neigh represents a link layer neighbor from netlink.

func NeighDeserialize 

func NeighDeserialize(m []byte) (*Neigh, error)

func NeighList 

func NeighList(linkIndex, family int) ([]Neigh, error)

func (*Neigh) String 

func (neigh *Neigh) String() string

String returns $ip/$hwaddr $label

type Netem 

type Netem struct {
	QdiscAttrs
	Latency       uint32
	DelayCorr     uint32
	Limit         uint32
	Loss          uint32
	LossCorr      uint32
	Gap           uint32
	Duplicate     uint32
	DuplicateCorr uint32
	Jitter        uint32
	ReorderProb   uint32
	ReorderCorr   uint32
	CorruptProb   uint32
	CorruptCorr   uint32
}

func (*Netem) Attrs 

func (qdisc *Netem) Attrs() *QdiscAttrs

func (*Netem) Type 

func (qdisc *Netem) Type() string

type NetemQdiscAttrs 

type NetemQdiscAttrs struct {
	Latency       uint32  // in us
	DelayCorr     float32 // in %
	Limit         uint32
	Loss          float32 // in %
	LossCorr      float32 // in %
	Gap           uint32
	Duplicate     float32 // in %
	DuplicateCorr float32 // in %
	Jitter        uint32  // in us
	ReorderProb   float32 // in %
	ReorderCorr   float32 // in %
	CorruptProb   float32 // in %
	CorruptCorr   float32 // in %
}

func (NetemQdiscAttrs) String 

func (q NetemQdiscAttrs) String() string

type NextHopFlag 

type NextHopFlag int

type NexthopInfo 

type NexthopInfo struct {
	LinkIndex int
	Hops      int
	Gw        net.IP
	Flags     int
	NewDst    Destination
	Encap     Encap
}

func (NexthopInfo) Equal 

func (n NexthopInfo) Equal(x NexthopInfo) bool

func (*NexthopInfo) ListFlags 

func (n *NexthopInfo) ListFlags() []string

func (*NexthopInfo) String 

func (n *NexthopInfo) String() string

type NsFd 

type NsFd int

type NsPid 

type NsPid int

type PfifoFast 

type PfifoFast struct {
	QdiscAttrs
	Bands       uint8
	PriorityMap [PRIORITY_MAP_LEN]uint8
}

PfifoFast is the default qdisc created by the kernel if one has not been defined for the interface

func (*PfifoFast) Attrs 

func (qdisc *PfifoFast) Attrs() *QdiscAttrs

func (*PfifoFast) Type 

func (qdisc *PfifoFast) Type() string

type Prio 

type Prio struct {
	QdiscAttrs
	Bands       uint8
	PriorityMap [PRIORITY_MAP_LEN]uint8
}

Prio is a basic qdisc that works just like PfifoFast

func NewPrio 

func NewPrio(attrs QdiscAttrs) *Prio

func (*Prio) Attrs 

func (qdisc *Prio) Attrs() *QdiscAttrs

func (*Prio) Type 

func (qdisc *Prio) Type() string

type Protinfo 

type Protinfo struct {
	Hairpin      bool
	Guard        bool
	FastLeave    bool
	RootBlock    bool
	Learning     bool
	Flood        bool
	ProxyArp     bool
	ProxyArpWiFi bool
}

Protinfo represents bridge flags from netlink.

func (*Protinfo) String 

func (prot *Protinfo) String() string

String returns a list of enabled flags

type Proto 

type Proto uint8

Proto is an enum representing an ipsec protocol. 

const (
	XFRM_PROTO_ROUTE2    Proto = unix.IPPROTO_ROUTING
	XFRM_PROTO_ESP       Proto = unix.IPPROTO_ESP
	XFRM_PROTO_AH        Proto = unix.IPPROTO_AH
	XFRM_PROTO_HAO       Proto = unix.IPPROTO_DSTOPTS
	XFRM_PROTO_COMP      Proto = 0x6c // NOTE not defined on darwin
	XFRM_PROTO_IPSEC_ANY Proto = unix.IPPROTO_RAW
)

func (Proto) String 

func (p Proto) String() string

type Qdisc 

type Qdisc interface {
	Attrs() *QdiscAttrs
	Type() string
}

type QdiscAttrs 

type QdiscAttrs struct {
	LinkIndex int
	Handle    uint32
	Parent    uint32
	Refcnt    uint32 // read only
}

QdiscAttrs represents a netlink qdisc. A qdisc is associated with a link, has a handle, a parent and a refcnt. The root qdisc of a device should have parent == HANDLE_ROOT.

func (QdiscAttrs) String 

func (q QdiscAttrs) String() string

type Route 

type Route struct {
	LinkIndex  int
	ILinkIndex int
	Scope      Scope
	Dst        *net.IPNet
	Src        net.IP
	Gw         net.IP
	MultiPath  []*NexthopInfo
	Protocol   int
	Priority   int
	Table      int
	Type       int
	Tos        int
	Flags      int
	MPLSDst    *int
	NewDst     Destination
	Encap      Encap
	MTU        int
	AdvMSS     int
}

Route represents a netlink route.

func RouteList 

func RouteList(link Link, family int) ([]Route, error)

func (*Route) ClearFlag 

func (r *Route) ClearFlag(flag NextHopFlag)

func (Route) Equal 

func (r Route) Equal(x Route) bool

func (*Route) ListFlags 

func (r *Route) ListFlags() []string

func (*Route) SetFlag 

func (r *Route) SetFlag(flag NextHopFlag)

func (Route) String 

func (r Route) String() string

type RouteUpdate 

type RouteUpdate struct {
	Type uint16
	Route
}

RouteUpdate is sent when a route changes - type is RTM_NEWROUTE or RTM_DELROUTE

type Rule 

type Rule struct {
	Priority          int
	Family            int
	Table             int
	Mark              int
	Mask              int
	TunID             uint
	Goto              int
	Src               *net.IPNet
	Dst               *net.IPNet
	Flow              int
	IifName           string
	OifName           string
	SuppressIfgroup   int
	SuppressPrefixlen int
	Invert            bool
}

Rule represents a netlink rule.

func NewRule 

func NewRule() *Rule

NewRule return empty rules.

func (Rule) String 

func (r Rule) String() string

type Scope 

type Scope uint8

Scope is an enum representing a route scope.

type Sittun 

type Sittun struct {
	LinkAttrs
	Link       uint32
	Local      net.IP
	Remote     net.IP
	Ttl        uint8
	Tos        uint8
	PMtuDisc   uint8
	EncapType  uint16
	EncapFlags uint16
	EncapSport uint16
	EncapDport uint16
}

func (*Sittun) Attrs 

func (sittun *Sittun) Attrs() *LinkAttrs

func (*Sittun) Type 

func (sittun *Sittun) Type() string

type Socket 

type Socket struct {
	Family  uint8
	State   uint8
	Timer   uint8
	Retrans uint8
	ID      SocketID
	Expires uint32
	RQueue  uint32
	WQueue  uint32
	UID     uint32
	INode   uint32
}

Socket represents a netlink socket.

func SocketGet 

func SocketGet(local, remote net.Addr) (*Socket, error)

type SocketID 

type SocketID struct {
	SourcePort      uint16
	DestinationPort uint16
	Source          net.IP
	Destination     net.IP
	Interface       uint32
	Cookie          [2]uint32
}

SocketID identifies a single socket.

type Tbf 

type Tbf struct {
	QdiscAttrs
	Rate     uint64
	Limit    uint32
	Buffer   uint32
	Peakrate uint64
	Minburst uint32
}

Tbf is a classless qdisc that rate limits based on tokens

func (*Tbf) Attrs 

func (qdisc *Tbf) Attrs() *QdiscAttrs

func (*Tbf) Type 

func (qdisc *Tbf) Type() string

type TcAct 

type TcAct int32
const (
	TC_ACT_UNSPEC     TcAct = -1
	TC_ACT_OK         TcAct = 0
	TC_ACT_RECLASSIFY TcAct = 1
	TC_ACT_SHOT       TcAct = 2
	TC_ACT_PIPE       TcAct = 3
	TC_ACT_STOLEN     TcAct = 4
	TC_ACT_QUEUED     TcAct = 5
	TC_ACT_REPEAT     TcAct = 6
	TC_ACT_REDIRECT   TcAct = 7
	TC_ACT_JUMP       TcAct = 0x10000000
)

func (TcAct) String 

func (a TcAct) String() string

type TcPolAct 

type TcPolAct int32
const (
	TC_POLICE_UNSPEC     TcPolAct = TcPolAct(TC_ACT_UNSPEC)
	TC_POLICE_OK         TcPolAct = TcPolAct(TC_ACT_OK)
	TC_POLICE_RECLASSIFY TcPolAct = TcPolAct(TC_ACT_RECLASSIFY)
	TC_POLICE_SHOT       TcPolAct = TcPolAct(TC_ACT_SHOT)
	TC_POLICE_PIPE       TcPolAct = TcPolAct(TC_ACT_PIPE)
)

func (TcPolAct) String 

func (a TcPolAct) String() string

type TcU32Key 

type TcU32Key struct {
	Mask    uint32
	Val     uint32
	Off     int32
	OffMask int32
}

TcU32Key contained of Sel in the U32 filters. This is the copy and the frontend representation of nl.TcU32Key. It is serialized into chanonical nl.TcU32Sel with the appropriate endianness.

type TcU32Sel 

type TcU32Sel struct {
	Flags    uint8
	Offshift uint8
	Nkeys    uint8
	Pad      uint8
	Offmask  uint16
	Off      uint16
	Offoff   int16
	Hoff     int16
	Hmask    uint32
	Keys     []TcU32Key
}

Sel of the U32 filters that contains multiple TcU32Key. This is the copy and the frontend representation of nl.TcU32Sel. It is serialized into canonical nl.TcU32Sel with the appropriate endianness.

type Tuntap 

type Tuntap struct {
	LinkAttrs
	Mode   TuntapMode
	Flags  TuntapFlag
	Queues int
	Fds    []*os.File
}

Tuntap links created via /dev/tun/tap, but can be destroyed via netlink

func (*Tuntap) Attrs 

func (tuntap *Tuntap) Attrs() *LinkAttrs

func (*Tuntap) Type 

func (tuntap *Tuntap) Type() string

type TuntapFlag 

type TuntapFlag uint16

type TuntapMode 

type TuntapMode uint16

type U32 

type U32 struct {
	FilterAttrs
	ClassId    uint32
	RedirIndex int
	Sel        *TcU32Sel
	Actions    []Action
}

U32 filters on many packet related properties

func (*U32) Attrs 

func (filter *U32) Attrs() *FilterAttrs

func (*U32) Type 

func (filter *U32) Type() string

type Veth 

type Veth struct {
	LinkAttrs
	PeerName string // veth on create only
}

Veth devices must specify PeerName on create

func (*Veth) Attrs 

func (veth *Veth) Attrs() *LinkAttrs

func (*Veth) Type 

func (veth *Veth) Type() string

type Vlan 

type Vlan struct {
	LinkAttrs
	VlanId int
}

Vlan links have ParentIndex set in their Attrs()

func (*Vlan) Attrs 

func (vlan *Vlan) Attrs() *LinkAttrs

func (*Vlan) Type 

func (vlan *Vlan) Type() string

type Vrf 

type Vrf struct {
	LinkAttrs
	Table uint32
}

func (*Vrf) Attrs 

func (vrf *Vrf) Attrs() *LinkAttrs

func (*Vrf) Type 

func (vrf *Vrf) Type() string

type Vti 

type Vti struct {
	LinkAttrs
	IKey   uint32
	OKey   uint32
	Link   uint32
	Local  net.IP
	Remote net.IP
}

func (*Vti) Attrs 

func (vti *Vti) Attrs() *LinkAttrs

func (*Vti) Type 

func (iptun *Vti) Type() string

type Vxlan 

type Vxlan struct {
	LinkAttrs
	VxlanId        int
	VtepDevIndex   int
	SrcAddr        net.IP
	Group          net.IP
	TTL            int
	TOS            int
	Learning       bool
	Proxy          bool
	RSC            bool
	L2miss         bool
	L3miss         bool
	UDPCSum        bool
	UDP6ZeroCSumTx bool
	UDP6ZeroCSumRx bool
	NoAge          bool
	GBP            bool
	FlowBased      bool
	Age            int
	Limit          int
	Port           int
	PortLow        int
	PortHigh       int
}

func (*Vxlan) Attrs 

func (vxlan *Vxlan) Attrs() *LinkAttrs

func (*Vxlan) Type 

func (vxlan *Vxlan) Type() string

type XfrmMark 

type XfrmMark struct {
	Value uint32
	Mask  uint32
}

XfrmMark represents the mark associated to the state or policy

func (*XfrmMark) String 

func (m *XfrmMark) String() string

type XfrmPolicy 

type XfrmPolicy struct {
	Dst      *net.IPNet
	Src      *net.IPNet
	Proto    Proto
	DstPort  int
	SrcPort  int
	Dir      Dir
	Priority int
	Index    int
	Mark     *XfrmMark
	Tmpls    []XfrmPolicyTmpl
}

XfrmPolicy represents an ipsec policy. It represents the overlay network and has a list of XfrmPolicyTmpls representing the base addresses of the policy.

func XfrmPolicyList 

func XfrmPolicyList(family int) ([]XfrmPolicy, error)

func (XfrmPolicy) String 

func (p XfrmPolicy) String() string

type XfrmPolicyTmpl 

type XfrmPolicyTmpl struct {
	Dst   net.IP
	Src   net.IP
	Proto Proto
	Mode  Mode
	Spi   int
	Reqid int
}

XfrmPolicyTmpl encapsulates a rule for the base addresses of an ipsec policy. These rules are matched with XfrmState to determine encryption and authentication algorithms.

func (XfrmPolicyTmpl) String 

func (t XfrmPolicyTmpl) String() string

type XfrmState 

type XfrmState struct {
	Dst          net.IP
	Src          net.IP
	Proto        Proto
	Mode         Mode
	Spi          int
	Reqid        int
	ReplayWindow int
	Limits       XfrmStateLimits
	Statistics   XfrmStateStats
	Mark         *XfrmMark
	Auth         *XfrmStateAlgo
	Crypt        *XfrmStateAlgo
	Aead         *XfrmStateAlgo
	Encap        *XfrmStateEncap
	ESN          bool
}

XfrmState represents the state of an ipsec policy. It optionally contains an XfrmStateAlgo for encryption and one for authentication.

func XfrmStateList 

func XfrmStateList(family int) ([]XfrmState, error)

func (XfrmState) Print 

func (sa XfrmState) Print(stats bool) string

func (XfrmState) String 

func (sa XfrmState) String() string

type XfrmStateAlgo 

type XfrmStateAlgo struct {
	Name        string
	Key         []byte
	TruncateLen int // Auth only
	ICVLen      int // AEAD only
}

XfrmStateAlgo represents the algorithm to use for the ipsec encryption.

func (XfrmStateAlgo) String 

func (a XfrmStateAlgo) String() string

type XfrmStateEncap 

type XfrmStateEncap struct {
	Type            EncapType
	SrcPort         int
	DstPort         int
	OriginalAddress net.IP
}

XfrmStateEncap represents the encapsulation to use for the ipsec encryption.

func (XfrmStateEncap) String 

func (e XfrmStateEncap) String() string

type XfrmStateLimits 

type XfrmStateLimits struct {
	ByteSoft    uint64
	ByteHard    uint64
	PacketSoft  uint64
	PacketHard  uint64
	TimeSoft    uint64
	TimeHard    uint64
	TimeUseSoft uint64
	TimeUseHard uint64
}

XfrmStateLimits represents the configured limits for the state.

type XfrmStateStats 

type XfrmStateStats struct {
	ReplayWindow uint32
	Replay       uint32
	Failed       uint32
	Bytes        uint64
	Packets      uint64
	AddTime      uint64
	UseTime      uint64
}

XfrmStateStats represents the current number of bytes/packets processed by this State, the State's installation and first use time and the replay window counters.

Source Files

View all Source files

Directories

Path Synopsis
Package nl has low level primitives for making Netlink calls.
 Package nl has low level primitives for making Netlink calls.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.