netlink

package
v0.7.0-dev.3
Published: Feb 18, 2016 License: Apache-2.0, Apache-2.0 Imports: 13 Imported by: 0

README ¶

The netlink package provides a simple netlink library for Go. Netlink is the interface a user-space program in Linux uses to communicate with the kernel. It can be used to add and remove interfaces, set IP addresses and routes, and configure IPsec. Netlink communication requires elevated privileges, so in most cases this code needs to be run as root. Since low-level netlink messages are inscrutable at best, the library attempts to provide an API that is loosely modeled on the CLI provided by iproute2. Actions like ip link add will be accomplished via a similarly named function like AddLink(). This library began its life as a fork of the netlink functionality in docker/libcontainer but was heavily rewritten to improve testability and performance, and to add new functionality like IPsec xfrm handling.

Local Build and Test

You can use the go get command:

go get github.com/vishvananda/netlink

Testing dependencies:

go get github.com/vishvananda/netns

Testing (requires root):

sudo -E go test github.com/vishvananda/netlink

Examples

Add a new bridge and add eth1 into it:

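package main

import (
    "log"

    "github.com/vishvananda/netlink"
)

func main() {
    // NewLinkAttrs fills in the defaults (TxQLen = -1 lets the kernel choose).
    la := netlink.NewLinkAttrs()
    la.Name = "foo"
    mybridge := &netlink.Bridge{LinkAttrs: la}
    if err := netlink.LinkAdd(mybridge); err != nil {
        log.Fatalf("could not add bridge %s: %v", la.Name, err)
    }
    eth1, err := netlink.LinkByName("eth1")
    if err != nil {
        log.Fatalf("could not find eth1: %v", err)
    }
    // Attach eth1 to the new bridge.
    if err := netlink.LinkSetMaster(eth1, mybridge); err != nil {
        log.Fatalf("could not set master of eth1: %v", err)
    }
}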

Note the NewLinkAttrs constructor: it sets default values in the structure. For now it only sets TxQLen to -1, so the kernel picks the default itself. If you use simple initialization (LinkAttrs{Name: "foo"}), TxQLen will be set to 0 unless you specify it, as in LinkAttrs{Name: "foo", TxQLen: 1000}.

Add a new ip address to loopback:

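package main

import (
    "log"

    "github.com/vishvananda/netlink"
)

func main() {
    lo, err := netlink.LinkByName("lo")
    if err != nil {
        log.Fatalf("could not find lo: %v", err)
    }
    addr, err := netlink.ParseAddr("169.254.169.254/32")
    if err != nil {
        log.Fatalf("could not parse address: %v", err)
    }
    if err := netlink.AddrAdd(lo, addr); err != nil {
        log.Fatalf("could not add %v to lo: %v", addr, err)
    }
}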

Future Work

Many pieces of netlink are not yet fully supported in the high-level interface. Aspects of virtually all of the high-level objects don't exist. Many of the underlying primitives are there, so it's a matter of putting the right fields into the high-level objects and making sure that they are serialized and deserialized correctly in the Add and List methods.

There are also a few pieces of low-level netlink functionality that still need to be implemented. Routing rules are not in place, nor are some of the more advanced link types. Hopefully there is decent structure and testing in place to make these fairly straightforward to add.

Documentation ¶

Overview ¶

Package netlink provides a simple library for netlink. Netlink is the interface a user-space program in Linux uses to communicate with the kernel. It can be used to add and remove interfaces, set up IP addresses and routes, and configure IPsec. Netlink communication requires elevated privileges, so in most cases this code needs to be run as root. The low-level primitives for netlink are contained in the nl subpackage. This package attempts to provide a high-level interface that is loosely modeled on the iproute2 CLI.

Constants ¶

const (
	BOND_MODE_MASK uint64 = 1 << (1 + iota)
	BOND_ACTIVE_SLAVE_MASK
	BOND_MIIMON_MASK
	BOND_UPDELAY_MASK
	BOND_DOWNDELAY_MASK
	BOND_USE_CARRIER_MASK
	BOND_ARP_INTERVAL_MASK
	BOND_ARP_VALIDATE_MASK
	BOND_ARP_ALL_TARGETS_MASK
	BOND_PRIMARY_MASK
	BOND_PRIMARY_RESELECT_MASK
	BOND_FAIL_OVER_MAC_MASK
	BOND_XMIT_HASH_POLICY_MASK
	BOND_RESEND_IGMP_MASK
	BOND_NUM_PEER_NOTIF_MASK
	BOND_ALL_SLAVES_ACTIVE_MASK
	BOND_MIN_LINKS_MASK
	BOND_LP_INTERVAL_MASK
	BOND_PACKETS_PER_SLAVE_MASK
	BOND_LACP_RATE_MASK
	BOND_AD_SELECT_MASK
)

Flag mask for bond options. Bond.Flagmask must be set to on for option to work.

const (
	SizeOfIfReq = 40
	IFNAMSIZ    = 16
)

ideally golang.org/x/sys/unix would define IfReq but it only has IFNAMSIZ, hence this minimalistic implementation

const (
	NDA_UNSPEC = iota
	NDA_DST
	NDA_LLADDR
	NDA_CACHEINFO
	NDA_PROBES
	NDA_VLAN
	NDA_PORT
	NDA_VNI
	NDA_IFINDEX
	NDA_MAX = NDA_IFINDEX
)
const (
	NUD_NONE       = 0x00
	NUD_INCOMPLETE = 0x01
	NUD_REACHABLE  = 0x02
	NUD_STALE      = 0x04
	NUD_DELAY      = 0x08
	NUD_PROBE      = 0x10
	NUD_FAILED     = 0x20
	NUD_NOARP      = 0x40
	NUD_PERMANENT  = 0x80
)

Neighbor Cache Entry States.

const (
	NTF_USE    = 0x01
	NTF_SELF   = 0x02
	NTF_MASTER = 0x04
	NTF_PROXY  = 0x08
	NTF_ROUTER = 0x80
)

Neighbor Flags

const (
	// Family type definitions
	FAMILY_ALL = nl.FAMILY_ALL
	FAMILY_V4  = nl.FAMILY_V4
	FAMILY_V6  = nl.FAMILY_V6
)
const (
	HANDLE_NONE      = 0
	HANDLE_INGRESS   = 0xFFFFFFF1
	HANDLE_ROOT      = 0xFFFFFFFF
	PRIORITY_MAP_LEN = 16
)
const (
	RT_FILTER_PROTOCOL uint64 = 1 << (1 + iota)
	RT_FILTER_SCOPE
	RT_FILTER_TYPE
	RT_FILTER_TOS
	RT_FILTER_IIF
	RT_FILTER_OIF
	RT_FILTER_DST
	RT_FILTER_SRC
	RT_FILTER_GW
	RT_FILTER_TABLE
)
const IFA_FLAGS = 0x8

IFA_FLAGS is a u32 attribute.

const (
	TIME_UNITS_PER_SEC = 1000000
)

Variables ¶

var StringToBondLacpRateMap = map[string]BondLacpRate{
	"slow": BOND_LACP_RATE_SLOW,
	"fast": BOND_LACP_RATE_FAST,
}
var StringToBondModeMap = map[string]BondMode{
	"802.3ad":       BOND_MODE_802_3AD,
	"balance-rr":    BOND_MODE_BALANCE_RR,
	"active-backup": BOND_MODE_ACTIVE_BACKUP,
	"balance-xor":   BOND_MODE_BALANCE_XOR,
	"broadcast":     BOND_MODE_BROADCAST,
	"balance-tlb":   BOND_MODE_BALANCE_TLB,
	"balance-alb":   BOND_MODE_BALANCE_ALB,
}

Functions ¶

func AddrAdd ¶

func AddrAdd(link Link, addr *Addr) error

AddrAdd will add an IP address to a link device. Equivalent to: `ip addr add $addr dev $link`

func AddrDel ¶

func AddrDel(link Link, addr *Addr) error

AddrDel will delete an IP address from a link device. Equivalent to: `ip addr del $addr dev $link`

func AdjustSize ¶

func AdjustSize(sz uint, mpu uint, linklayer int) uint

func AlignToAtm ¶

func AlignToAtm(size uint) uint

func CalcRtable ¶

func CalcRtable(rate *nl.TcRateSpec, rtab [256]uint32, cell_log int, mtu uint32, linklayer int) int

func ClassAdd ¶

func ClassAdd(class Class) error

ClassAdd will add a class to the system. Equivalent to: `tc class add $class`

func ClassChange ¶ added in v0.5.2

func ClassChange(class Class) error

func ClassDel ¶

func ClassDel(class Class) error

ClassDel will delete a class from the system. Equivalent to: `tc class del $class`

func ClassReplace ¶ added in v0.5.2

func ClassReplace(class Class) error

ClassReplace will replace a class to the system. Equivalent to: `tc class replace $class`. The handle MAY be changed. If a class already exists with this parent/handle pair, the class is changed. If a class does not already exist with this parent/handle, a new class is created.

func ClockFactor ¶

func ClockFactor() float64

func DeserializeRtab ¶

func DeserializeRtab(b []byte) [256]uint32

func FilterAdd ¶

func FilterAdd(filter Filter) error

FilterAdd will add a filter to the system. Equivalent to: `tc filter add $filter`

func FilterDel ¶

func FilterDel(filter Filter) error

FilterDel will delete a filter from the system. Equivalent to: `tc filter del $filter`

func HandleStr ¶

func HandleStr(handle uint32) string

func Hz ¶

func Hz() float64

func LinkAdd ¶

func LinkAdd(link Link) error

LinkAdd adds a new link device. The type and features of the device are taken from the parameters in the link object. Equivalent to: `ip link add $link`

func LinkDel ¶

func LinkDel(link Link) error

LinkDel deletes link device. Either Index or Name must be set in the link object for it to be deleted. The other values are ignored. Equivalent to: `ip link del $link`

func LinkSetAlias ¶ added in v0.5.2

func LinkSetAlias(link Link, name string) error

LinkSetAlias sets the alias of the link device. Equivalent to: `ip link set dev $link alias $name`

func LinkSetDown ¶

func LinkSetDown(link Link) error

LinkSetDown disables link device. Equivalent to: `ip link set $link down`

func LinkSetFastLeave ¶

func LinkSetFastLeave(link Link, mode bool) error

func LinkSetFlood ¶

func LinkSetFlood(link Link, mode bool) error

func LinkSetGuard ¶

func LinkSetGuard(link Link, mode bool) error

func LinkSetHairpin ¶

func LinkSetHairpin(link Link, mode bool) error

func LinkSetHardwareAddr ¶

func LinkSetHardwareAddr(link Link, hwaddr net.HardwareAddr) error

LinkSetHardwareAddr sets the hardware address of the link device. Equivalent to: `ip link set $link address $hwaddr`

func LinkSetLearning ¶

func LinkSetLearning(link Link, mode bool) error

func LinkSetMTU ¶

func LinkSetMTU(link Link, mtu int) error

LinkSetMTU sets the mtu of the link device. Equivalent to: `ip link set $link mtu $mtu`

func LinkSetMaster ¶

func LinkSetMaster(link Link, master *Bridge) error

LinkSetMaster sets the master of the link device. Equivalent to: `ip link set $link master $master`

func LinkSetMasterByIndex ¶

func LinkSetMasterByIndex(link Link, masterIndex int) error

LinkSetMasterByIndex sets the master of the link device. Equivalent to: `ip link set $link master $master`

func LinkSetName ¶

func LinkSetName(link Link, name string) error

LinkSetName sets the name of the link device. Equivalent to: `ip link set $link name $name`

func LinkSetNoMaster ¶ added in v0.5.2

func LinkSetNoMaster(link Link) error

LinkSetNoMaster removes the master of the link device. Equivalent to: `ip link set $link nomaster`

func LinkSetNsFd ¶

func LinkSetNsFd(link Link, fd int) error

LinkSetNsFd puts the device into a new network namespace. The fd must be an open file descriptor to a network namespace. Similar to: `ip link set $link netns $ns`

func LinkSetNsPid ¶

func LinkSetNsPid(link Link, nspid int) error

LinkSetNsPid puts the device into a new network namespace. The pid must be a pid of a running process. Equivalent to: `ip link set $link netns $pid`

func LinkSetRootBlock ¶

func LinkSetRootBlock(link Link, mode bool) error

func LinkSetUp ¶

func LinkSetUp(link Link) error

LinkSetUp enables the link device. Equivalent to: `ip link set $link up`

func LinkSubscribe ¶

func LinkSubscribe(ch chan<- LinkUpdate, done <-chan struct{}) error

LinkSubscribe takes a chan down which notifications will be sent when links change. Close the 'done' chan to stop subscription.

func MajorMinor ¶

func MajorMinor(handle uint32) (uint16, uint16)

func MakeHandle ¶

func MakeHandle(major, minor uint16) uint32

func NeighAdd ¶

func NeighAdd(neigh *Neigh) error

NeighAdd will add an IP to MAC mapping to the ARP table. Equivalent to: `ip neigh add ....`

func NeighAppend ¶

func NeighAppend(neigh *Neigh) error

NeighAppend will append an entry to FDB. Equivalent to: `bridge fdb append...`

func NeighDel ¶

func NeighDel(neigh *Neigh) error

NeighDel will delete an IP address from a link device. Equivalent to: `ip addr del $addr dev $link`

func NeighSet ¶

func NeighSet(neigh *Neigh) error

NeighSet will add or replace an IP to MAC mapping to the ARP table. Equivalent to: `ip neigh replace....`

func NewIPNet ¶

func NewIPNet(ip net.IP) *net.IPNet

NewIPNet generates an IPNet from an ip address using a netmask of 32 or 128.

func ParseIPNet ¶

func ParseIPNet(s string) (*net.IPNet, error)

ParseIPNet parses a string in ip/net format and returns a net.IPNet. This is valuable because addresses in netlink are often IPNets and ParseCIDR returns an IPNet with the IP part set to the base IP of the range.
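The difference described above, shown with the standard library only. This is an added example, not code from the netlink package: parseIPNet, hostIPNet and compare are hypothetical helpers that re-create the documented behaviour of ParseIPNet and NewIPNet, and the addresses are constructed sample values.

```go
package main

import (
	"fmt"
	"net"
)

// parseIPNet is a hypothetical stand-in for the behaviour documented for
// ParseIPNet: keep the host address from "ip/prefix" instead of the network
// base address that net.ParseCIDR stores in the *net.IPNet it returns.
func parseIPNet(s string) (*net.IPNet, error) {
	ip, ipNet, err := net.ParseCIDR(s)
	if err != nil {
		return nil, err
	}
	// Normalise IPv4 to its 4-byte form so IP and mask lengths agree.
	if v4 := ip.To4(); v4 != nil {
		ip = v4
	}
	return &net.IPNet{IP: ip, Mask: ipNet.Mask}, nil
}

// hostIPNet mirrors the documented NewIPNet behaviour: a single-host prefix,
// /32 for IPv4 and /128 for IPv6. It returns nil for an invalid address.
func hostIPNet(ip net.IP) *net.IPNet {
	if v4 := ip.To4(); v4 != nil {
		return &net.IPNet{IP: v4, Mask: net.CIDRMask(32, 32)}
	}
	if len(ip) != net.IPv6len {
		return nil
	}
	return &net.IPNet{IP: ip, Mask: net.CIDRMask(128, 128)}
}

// compare returns what net.ParseCIDR's IPNet holds (the base of the range)
// next to what parseIPNet holds (the address that was actually written).
func compare(s string) (base, kept string, err error) {
	_, cidrNet, err := net.ParseCIDR(s)
	if err != nil {
		return "", "", err
	}
	full, err := parseIPNet(s)
	if err != nil {
		return "", "", err
	}
	return cidrNet.String(), full.String(), nil
}

func main() {
	// Constructed sample inputs.
	for _, s := range []string{"10.1.2.3/24", "2001:db8::5/64", "169.254.169.254/32"} {
		base, kept, err := compare(s)
		if err != nil {
			fmt.Println("error:", err)
			continue
		}
		fmt.Printf("%-20s ParseCIDR IPNet: %-20s host kept: %s\n", s, base, kept)
	}
	fmt.Println(hostIPNet(net.ParseIP("192.0.2.7")), hostIPNet(net.ParseIP("::1")))
}
```

Passing the IPNet returned by net.ParseCIDR to an address call would configure the base of the range (10.1.2.0/24) rather than the intended host address, which is why the host part has to be carried over.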

func Percentage2u32 ¶ added in v0.5.2

func Percentage2u32(percentage float32) uint32

func QdiscAdd ¶

func QdiscAdd(qdisc Qdisc) error

QdiscAdd will add a qdisc to the system. Equivalent to: `tc qdisc add $qdisc`

func QdiscChange ¶ added in v0.5.2

func QdiscChange(qdisc Qdisc) error

QdiscChange will change a qdisc in place. Equivalent to: `tc qdisc change $qdisc`. The parent and handle MUST NOT be changed.

func QdiscDel ¶

func QdiscDel(qdisc Qdisc) error

QdiscDel will delete a qdisc from the system. Equivalent to: `tc qdisc del $qdisc`

func QdiscReplace ¶ added in v0.5.2

func QdiscReplace(qdisc Qdisc) error

QdiscReplace will replace a qdisc to the system. Equivalent to: `tc qdisc replace $qdisc`. The handle MUST change.

func RouteAdd ¶

func RouteAdd(route *Route) error

RouteAdd will add a route to the system. Equivalent to: `ip route add $route`

func RouteDel ¶

func RouteDel(route *Route) error

RouteDel will delete a route from the system. Equivalent to: `ip route del $route`

func RouteSubscribe ¶

func RouteSubscribe(ch chan<- RouteUpdate, done <-chan struct{}) error

RouteSubscribe takes a chan down which notifications will be sent when routes are added or deleted. Close the 'done' chan to stop subscription.

func RuleAdd ¶ added in v0.5.2

func RuleAdd(rule *Rule) error

RuleAdd adds a rule to the system. Equivalent to: `ip rule add`

func RuleDel ¶ added in v0.5.2

func RuleDel(rule *Rule) error

RuleDel deletes a rule from the system. Equivalent to: `ip rule del`

func SerializeRtab ¶

func SerializeRtab(rtab [256]uint32) []byte

func TickInUsec ¶

func TickInUsec() float64

func XfrmPolicyAdd ¶

func XfrmPolicyAdd(policy *XfrmPolicy) error

XfrmPolicyAdd will add an xfrm policy to the system. Equivalent to: `ip xfrm policy add $policy`

func XfrmPolicyDel ¶

func XfrmPolicyDel(policy *XfrmPolicy) error

XfrmPolicyDel will delete an xfrm policy from the system. Note that the Tmpls are ignored when matching the policy to delete. Equivalent to: `ip xfrm policy del $policy`

func XfrmStateAdd ¶

func XfrmStateAdd(state *XfrmState) error

XfrmStateAdd will add an xfrm state to the system. Equivalent to: `ip xfrm state add $state`

func XfrmStateDel ¶

func XfrmStateDel(state *XfrmState) error

XfrmStateDel will delete an xfrm state from the system. Note that the Algos are ignored when matching the state to delete. Equivalent to: `ip xfrm state del $state`

func Xmittime ¶

func Xmittime(rate uint64, size uint32) float64

Types ¶

type Addr ¶

type Addr struct {
	*net.IPNet
	Label string
	Flags int
	Scope int
}

Addr represents an IP address from netlink. Netlink ip addresses include a mask, so it stores the address as a net.IPNet.

func AddrList ¶

func AddrList(link Link, family int) ([]Addr, error)

AddrList gets a list of IP addresses in the system. Equivalent to: `ip addr show`. The list can be filtered by link and ip family.

func ParseAddr ¶

func ParseAddr(s string) (*Addr, error)

ParseAddr parses the string representation of an address in the form $ip/$netmask $label. The label portion is optional

func (Addr) Equal ¶

func (a Addr) Equal(x Addr) bool

Equal returns true if both Addrs have the same net.IPNet value.

func (Addr) String ¶

func (a Addr) String() string

String returns $ip/$netmask $label

type Bond ¶ added in v0.5.2

type Bond struct {
	LinkAttrs
	Mode            BondMode
	ActiveSlave     int
	Miimon          int
	UpDelay         int
	DownDelay       int
	UseCarrier      int
	ArpInterval     int
	ArpIpTargets    []net.IP
	ArpValidate     BondArpValidate
	ArpAllTargets   BondArpAllTargets
	Primary         int
	PrimaryReselect BondPrimaryReselect
	FailOverMac     BondFailOverMac
	XmitHashPolicy  BondXmitHashPolicy
	ResendIgmp      int
	NumPeerNotif    int
	AllSlavesActive int
	MinLinks        int
	LpInterval      int
	PackersPerSlave int
	LacpRate        BondLacpRate
	AdSelect        BondAdSelect
	// Looking at the iproute tool, AdInfo can only be retrieved; it can't be set.
	AdInfo *BondAdInfo
}

Bond representation

func NewLinkBond ¶ added in v0.5.2

func NewLinkBond(atr LinkAttrs) *Bond

func (*Bond) Attrs ¶ added in v0.5.2

func (bond *Bond) Attrs() *LinkAttrs

Attrs implementation.

func (*Bond) Type ¶ added in v0.5.2

func (bond *Bond) Type() string

Type implementation for Vxlan.

type BondAdInfo ¶ added in v0.5.2

type BondAdInfo struct {
	AggregatorId int
	NumPorts     int
	ActorKey     int
	PartnerKey   int
	PartnerMac   net.HardwareAddr
}

BondAdInfo

type BondAdSelect ¶ added in v0.5.2

type BondAdSelect int

BondAdSelect type

const (
	BOND_AD_SELECT_STABLE BondAdSelect = iota
	BOND_AD_SELECT_BANDWIDTH
	BOND_AD_SELECT_COUNT
)

Possible BondAdSelect value

type BondArpAllTargets ¶ added in v0.5.2

type BondArpAllTargets int

BondArpAllTargets type

const (
	BOND_ARP_ALL_TARGETS_ANY BondArpAllTargets = iota
	BOND_ARP_ALL_TARGETS_ALL
)

Possible BondArpAllTargets value

type BondArpValidate ¶ added in v0.5.2

type BondArpValidate int

BondArpValidate type

const (
	BOND_ARP_VALIDATE_NONE BondArpValidate = iota
	BOND_ARP_VALIDATE_ACTIVE
	BOND_ARP_VALIDATE_BACKUP
	BOND_ARP_VALIDATE_ALL
)

Possible BondArpValidate value

type BondFailOverMac ¶ added in v0.5.2

type BondFailOverMac int

BondFailOverMac type

const (
	BOND_FAIL_OVER_MAC_NONE BondFailOverMac = iota
	BOND_FAIL_OVER_MAC_ACTIVE
	BOND_FAIL_OVER_MAC_FOLLOW
)

Possible BondFailOverMac value

type BondLacpRate ¶ added in v0.5.2

type BondLacpRate int

BondLacpRate type

const (
	BOND_LACP_RATE_SLOW BondLacpRate = iota
	BOND_LACP_RATE_FAST
	BOND_LACP_RATE_UNKNOWN
)

Possible BondLacpRate value

func StringToBondLacpRate ¶ added in v0.5.2

func StringToBondLacpRate(s string) BondLacpRate

StringToBondLacpRate returns bond lacp rate, or unknown if the s is invalid.

func (BondLacpRate) String ¶ added in v0.5.2

func (b BondLacpRate) String() string

type BondMode ¶ added in v0.5.2

type BondMode int

BondMode type

const (
	BOND_MODE_802_3AD BondMode = iota
	BOND_MODE_BALANCE_RR
	BOND_MODE_ACTIVE_BACKUP
	BOND_MODE_BALANCE_XOR
	BOND_MODE_BROADCAST
	BOND_MODE_BALANCE_TLB
	BOND_MODE_BALANCE_ALB
	BOND_MODE_UNKNOWN
)

Possible BondMode

func StringToBondMode ¶ added in v0.5.2

func StringToBondMode(s string) BondMode

StringToBondMode returns bond mode, or unknown if the s is invalid.

func (BondMode) String ¶ added in v0.5.2

func (b BondMode) String() string

type BondPrimaryReselect ¶ added in v0.5.2

type BondPrimaryReselect int

BondPrimaryReselect type

const (
	BOND_PRIMARY_RESELECT_ALWAYS BondPrimaryReselect = iota
	BOND_PRIMARY_RESELECT_BETTER
	BOND_PRIMARY_RESELECT_FAILURE
)

Possible BondPrimaryReselect value

type BondXmitHashPolicy ¶ added in v0.5.2

type BondXmitHashPolicy int

BondXmitHashPolicy type

const (
	BOND_XMIT_HASH_POLICY_LAYER2 BondXmitHashPolicy = iota
	BOND_XMIT_HASH_POLICY_LAYER3_4
	BOND_XMIT_HASH_POLICY_LAYER2_3
	BOND_XMIT_HASH_POLICY_ENCAP2_3
	BOND_XMIT_HASH_POLICY_ENCAP3_4
	BOND_XMIT_HASH_POLICY_UNKNOWN
)

Possible BondXmitHashPolicy value

func StringToBondXmitHashPolicy ¶ added in v0.5.2

func StringToBondXmitHashPolicy(s string) BondXmitHashPolicy

StringToBondXmitHashPolicy returns bond lacp rate, or unknown if the s is invalid.

func (BondXmitHashPolicy) String ¶ added in v0.5.2

func (b BondXmitHashPolicy) String() string

type Bridge ¶

type Bridge struct {
	LinkAttrs
}

Bridge links are simple linux bridges

func (*Bridge) Attrs ¶

func (bridge *Bridge) Attrs() *LinkAttrs

func (*Bridge) Type ¶

func (bridge *Bridge) Type() string

type Class ¶

type Class interface {
	Attrs() *ClassAttrs
	Type() string
}

func ClassList ¶

func ClassList(link Link, parent uint32) ([]Class, error)

ClassList gets a list of classes in the system. Equivalent to: `tc class show`. Generally returns nothing if link and parent are not specified.

type ClassAttrs ¶

type ClassAttrs struct {
	LinkIndex int
	Handle    uint32
	Parent    uint32
	Leaf      uint32
}

Class represents a netlink class. A filter is associated with a link, has a handle and a parent. The root filter of a device should have a parent == HANDLE_ROOT.

func (ClassAttrs) String ¶

func (q ClassAttrs) String() string

type Device ¶

type Device struct {
	LinkAttrs
}

Device links cannot be created via netlink. These links are links created by udev like 'lo' and 'eth0'

func (*Device) Attrs ¶

func (device *Device) Attrs() *LinkAttrs

func (*Device) Type ¶

func (device *Device) Type() string

type Dir ¶

type Dir uint8

Dir is an enum representing an ipsec template direction.

const (
	XFRM_DIR_IN Dir = iota
	XFRM_DIR_OUT
	XFRM_DIR_FWD
	XFRM_SOCKET_IN
	XFRM_SOCKET_OUT
	XFRM_SOCKET_FWD
)

func (Dir) String ¶

func (d Dir) String() string

type Dummy ¶

type Dummy struct {
	LinkAttrs
}

Dummy links are dummy ethernet devices

func (*Dummy) Attrs ¶

func (dummy *Dummy) Attrs() *LinkAttrs

func (*Dummy) Type ¶

func (dummy *Dummy) Type() string

type EncapType ¶

type EncapType uint8

EncapType is an enum representing an ipsec template direction.

const (
	XFRM_ENCAP_ESPINUDP_NONIKE EncapType = iota + 1
	XFRM_ENCAP_ESPINUDP
)

func (EncapType) String ¶

func (e EncapType) String() string

type Filter ¶

type Filter interface {
	Attrs() *FilterAttrs
	Type() string
}

func FilterList ¶

func FilterList(link Link, parent uint32) ([]Filter, error)

FilterList gets a list of filters in the system. Equivalent to: `tc filter show`. Generally returns nothing if link and parent are not specified.

type FilterAttrs ¶

type FilterAttrs struct {
	LinkIndex int
	Handle    uint32
	Parent    uint32
	Priority  uint16 // lower is higher priority
	Protocol  uint16 // syscall.ETH_P_*
}

Filter represents a netlink filter. A filter is associated with a link, has a handle and a parent. The root filter of a device should have a parent == HANDLE_ROOT.

func (FilterAttrs) String ¶

func (q FilterAttrs) String() string

type FilterFwAttrs ¶

type FilterFwAttrs struct {
	ClassId   uint32
	InDev     string
	Mask      uint32
	Index     uint32
	Buffer    uint32
	Mtu       uint32
	Mpu       uint16
	Rate      uint32
	AvRate    uint32
	PeakRate  uint32
	Action    int
	Overhead  uint16
	LinkLayer int
}

type Fw ¶

type Fw struct {
	FilterAttrs
	ClassId uint32
	Police  nl.TcPolice
	InDev   string
	// TODO Action
	Mask   uint32
	AvRate uint32
	Rtab   [256]uint32
	Ptab   [256]uint32
}

FwFilter filters on firewall marks

func NewFw ¶

func NewFw(attrs FilterAttrs, fattrs FilterFwAttrs) (*Fw, error)

func (*Fw) Attrs ¶

func (filter *Fw) Attrs() *FilterAttrs

func (*Fw) Type ¶

func (filter *Fw) Type() string

type GenericClass ¶

type GenericClass struct {
	ClassAttrs
	ClassType string
}

GenericClass classes represent types that are not currently understood by this netlink library.

func (*GenericClass) Attrs ¶

func (class *GenericClass) Attrs() *ClassAttrs

func (*GenericClass) Type ¶

func (class *GenericClass) Type() string

type GenericFilter ¶

type GenericFilter struct {
	FilterAttrs
	FilterType string
}

GenericFilter filters represent types that are not currently understood by this netlink library.

func (*GenericFilter) Attrs ¶

func (filter *GenericFilter) Attrs() *FilterAttrs

func (*GenericFilter) Type ¶

func (filter *GenericFilter) Type() string

type GenericLink ¶

type GenericLink struct {
	LinkAttrs
	LinkType string
}

GenericLink links represent types that are not currently understood by this netlink library.

func (*GenericLink) Attrs ¶

func (generic *GenericLink) Attrs() *LinkAttrs

func (*GenericLink) Type ¶

func (generic *GenericLink) Type() string

type GenericQdisc ¶

type GenericQdisc struct {
	QdiscAttrs
	QdiscType string
}

GenericQdisc qdiscs represent types that are not currently understood by this netlink library.

func (*GenericQdisc) Attrs ¶

func (qdisc *GenericQdisc) Attrs() *QdiscAttrs

func (*GenericQdisc) Type ¶

func (qdisc *GenericQdisc) Type() string

type Gretap ¶ added in v0.5.2

type Gretap struct {
	LinkAttrs
	IKey       uint32
	OKey       uint32
	EncapSport uint16
	EncapDport uint16
	Local      net.IP
	Remote     net.IP
	IFlags     uint16
	OFlags     uint16
	PMtuDisc   uint8
	Ttl        uint8
	Tos        uint8
	EncapType  uint16
	EncapFlags uint16
	Link       uint32
}

GreTap devices must specify LocalIP and RemoteIP on create

func (*Gretap) Attrs ¶ added in v0.5.2

func (gretap *Gretap) Attrs() *LinkAttrs

func (*Gretap) Type ¶ added in v0.5.2

func (gretap *Gretap) Type() string

type Htb ¶

type Htb struct {
	QdiscAttrs
	Version      uint32
	Rate2Quantum uint32
	Defcls       uint32
	Debug        uint32
	DirectPkts   uint32
}

Htb is a classful qdisc that rate limits based on tokens

func NewHtb ¶

func NewHtb(attrs QdiscAttrs) *Htb

func (*Htb) Attrs ¶

func (qdisc *Htb) Attrs() *QdiscAttrs

func (*Htb) Type ¶

func (qdisc *Htb) Type() string

type HtbClass ¶

type HtbClass struct {
	ClassAttrs
	Rate    uint64
	Ceil    uint64
	Buffer  uint32
	Cbuffer uint32
	Quantum uint32
	Level   uint32
	Prio    uint32
}

Htb class

func NewHtbClass ¶

func NewHtbClass(attrs ClassAttrs, cattrs HtbClassAttrs) *HtbClass

func (*HtbClass) Attrs ¶

func (class *HtbClass) Attrs() *ClassAttrs

func (HtbClass) String ¶

func (q HtbClass) String() string

func (*HtbClass) Type ¶

func (class *HtbClass) Type() string

type HtbClassAttrs ¶

type HtbClassAttrs struct {
	// TODO handle all attributes
	Rate    uint64
	Ceil    uint64
	Buffer  uint32
	Cbuffer uint32
	Quantum uint32
	Level   uint32
	Prio    uint32
}

func (HtbClassAttrs) String ¶

func (q HtbClassAttrs) String() string

type IPVlan ¶

type IPVlan struct {
	LinkAttrs
	Mode IPVlanMode
}

func (*IPVlan) Attrs ¶

func (ipvlan *IPVlan) Attrs() *LinkAttrs

func (*IPVlan) Type ¶

func (ipvlan *IPVlan) Type() string

type IPVlanMode ¶

type IPVlanMode uint16
const (
	IPVLAN_MODE_L2 IPVlanMode = iota
	IPVLAN_MODE_L3
	IPVLAN_MODE_MAX
)

type Ifb ¶

type Ifb struct {
	LinkAttrs
}

Ifb links are advanced dummy devices for packet filtering

func (*Ifb) Attrs ¶

func (ifb *Ifb) Attrs() *LinkAttrs

func (*Ifb) Type ¶

func (ifb *Ifb) Type() string

type Ingress ¶

type Ingress struct {
	QdiscAttrs
}

Ingress is a qdisc for adding ingress filters

func (*Ingress) Attrs ¶

func (qdisc *Ingress) Attrs() *QdiscAttrs

func (*Ingress) Type ¶

func (qdisc *Ingress) Type() string

type Link ¶

type Link interface {
	Attrs() *LinkAttrs
	Type() string
}

Link represents a link device from netlink. Shared link attributes like name may be retrieved using the Attrs() method. Unique data can be retrieved by casting the object to the proper type.

func LinkByAlias ¶ added in v0.5.2

func LinkByAlias(alias string) (Link, error)

LinkByAlias finds a link by its alias and returns a pointer to the object. If there are multiple links with the alias it returns the first one

func LinkByIndex ¶

func LinkByIndex(index int) (Link, error)

LinkByIndex finds a link by index and returns a pointer to the object.

func LinkByName ¶

func LinkByName(name string) (Link, error)

LinkByName finds a link by name and returns a pointer to the object.

func LinkList ¶

func LinkList() ([]Link, error)

LinkList gets a list of link devices. Equivalent to: `ip link show`

type LinkAttrs ¶

type LinkAttrs struct {
	Index        int
	MTU          int
	TxQLen       int // Transmit Queue Length
	Name         string
	HardwareAddr net.HardwareAddr
	Flags        net.Flags
	ParentIndex  int         // index of the parent link device
	MasterIndex  int         // must be the index of a bridge
	Namespace    interface{} // nil | NsPid | NsFd
	Alias        string
}

LinkAttrs represents data shared by most link types

func NewLinkAttrs ¶

func NewLinkAttrs() LinkAttrs

NewLinkAttrs returns LinkAttrs structure filled with default values

type LinkUpdate ¶

type LinkUpdate struct {
	nl.IfInfomsg
	Link
}

LinkUpdate is used to pass information back from LinkSubscribe()

type Macvlan ¶

type Macvlan struct {
	LinkAttrs
	Mode MacvlanMode
}

Macvlan links have ParentIndex set in their Attrs()

func (*Macvlan) Attrs ¶

func (macvlan *Macvlan) Attrs() *LinkAttrs

func (*Macvlan) Type ¶

func (macvlan *Macvlan) Type() string

type MacvlanMode ¶

type MacvlanMode uint16
const (
	MACVLAN_MODE_DEFAULT MacvlanMode = iota
	MACVLAN_MODE_PRIVATE
	MACVLAN_MODE_VEPA
	MACVLAN_MODE_BRIDGE
	MACVLAN_MODE_PASSTHRU
	MACVLAN_MODE_SOURCE
)

type Macvtap ¶

type Macvtap struct {
	Macvlan
}

Macvtap - macvtap is a virtual interface based on macvlan

func (Macvtap) Type ¶

func (macvtap Macvtap) Type() string

type Mode ¶

type Mode uint8

Mode is an enum representing an ipsec transport.

const (
	XFRM_MODE_TRANSPORT Mode = iota
	XFRM_MODE_TUNNEL
	XFRM_MODE_ROUTEOPTIMIZATION
	XFRM_MODE_IN_TRIGGER
	XFRM_MODE_BEET
	XFRM_MODE_MAX
)

func (Mode) String ¶

func (m Mode) String() string

type Ndmsg ¶

type Ndmsg struct {
	Family uint8
	Index  uint32
	State  uint16
	Flags  uint8
	Type   uint8
}

func (*Ndmsg) Len ¶

func (msg *Ndmsg) Len() int

func (*Ndmsg) Serialize ¶

func (msg *Ndmsg) Serialize() []byte

type Neigh ¶

type Neigh struct {
	LinkIndex    int
	Family       int
	State        int
	Type         int
	Flags        int
	IP           net.IP
	HardwareAddr net.HardwareAddr
}

Neigh represents a link layer neighbor from netlink.

func NeighDeserialize ¶

func NeighDeserialize(m []byte) (*Neigh, error)

func NeighList ¶

func NeighList(linkIndex, family int) ([]Neigh, error)

NeighList gets a list of IP-MAC mappings in the system (ARP table). Equivalent to: `ip neighbor show`. The list can be filtered by link and ip family.

func (*Neigh) String ¶

func (neigh *Neigh) String() string

String returns $ip/$hwaddr $label

type Netem ¶ added in v0.5.2

type Netem struct {
	QdiscAttrs
	Latency       uint32
	DelayCorr     uint32
	Limit         uint32
	Loss          uint32
	LossCorr      uint32
	Gap           uint32
	Duplicate     uint32
	DuplicateCorr uint32
	Jitter        uint32
	ReorderProb   uint32
	ReorderCorr   uint32
	CorruptProb   uint32
	CorruptCorr   uint32
}

func NewNetem ¶ added in v0.5.2

func NewNetem(attrs QdiscAttrs, nattrs NetemQdiscAttrs) *Netem

func (*Netem) Attrs ¶ added in v0.5.2

func (qdisc *Netem) Attrs() *QdiscAttrs

func (*Netem) Type ¶ added in v0.5.2

func (qdisc *Netem) Type() string

type NetemQdiscAttrs ¶ added in v0.5.2

type NetemQdiscAttrs struct {
	Latency       uint32  // in us
	DelayCorr     float32 // in %
	Limit         uint32
	Loss          float32 // in %
	LossCorr      float32 // in %
	Gap           uint32
	Duplicate     float32 // in %
	DuplicateCorr float32 // in %
	Jitter        uint32  // in us
	ReorderProb   float32 // in %
	ReorderCorr   float32 // in %
	CorruptProb   float32 // in %
	CorruptCorr   float32 // in %
}

func (NetemQdiscAttrs) String ¶ added in v0.5.2

func (q NetemQdiscAttrs) String() string

type NextHopFlag ¶

type NextHopFlag int
const (
	FLAG_ONLINK    NextHopFlag = syscall.RTNH_F_ONLINK
	FLAG_PERVASIVE NextHopFlag = syscall.RTNH_F_PERVASIVE
)

type NsFd ¶

type NsFd int

type NsPid ¶

type NsPid int

type PfifoFast ¶

type PfifoFast struct {
	QdiscAttrs
	Bands       uint8
	PriorityMap [PRIORITY_MAP_LEN]uint8
}

PfifoFast is the default qdisc created by the kernel if one has not been defined for the interface

func (*PfifoFast) Attrs ¶

func (qdisc *PfifoFast) Attrs() *QdiscAttrs

func (*PfifoFast) Type ¶

func (qdisc *PfifoFast) Type() string

type Prio ¶

type Prio struct {
	QdiscAttrs
	Bands       uint8
	PriorityMap [PRIORITY_MAP_LEN]uint8
}

Prio is a basic qdisc that works just like PfifoFast

func NewPrio ¶

func NewPrio(attrs QdiscAttrs) *Prio

func (*Prio) Attrs ¶

func (qdisc *Prio) Attrs() *QdiscAttrs

func (*Prio) Type ¶

func (qdisc *Prio) Type() string

type Protinfo ¶

type Protinfo struct {
	Hairpin   bool
	Guard     bool
	FastLeave bool
	RootBlock bool
	Learning  bool
	Flood     bool
}

Protinfo represents bridge flags from netlink.

func LinkGetProtinfo ¶

func LinkGetProtinfo(link Link) (Protinfo, error)

func (*Protinfo) String ¶

func (prot *Protinfo) String() string

String returns a list of enabled flags

type Proto ¶

type Proto uint8

Proto is an enum representing an ipsec protocol.

const (
	XFRM_PROTO_ROUTE2    Proto = syscall.IPPROTO_ROUTING
	XFRM_PROTO_ESP       Proto = syscall.IPPROTO_ESP
	XFRM_PROTO_AH        Proto = syscall.IPPROTO_AH
	XFRM_PROTO_HAO       Proto = syscall.IPPROTO_DSTOPTS
	XFRM_PROTO_COMP      Proto = syscall.IPPROTO_COMP
	XFRM_PROTO_IPSEC_ANY Proto = syscall.IPPROTO_RAW
)

func (Proto) String ¶

func (p Proto) String() string

type Qdisc ¶

type Qdisc interface {
	Attrs() *QdiscAttrs
	Type() string
}

func QdiscList ¶

func QdiscList(link Link) ([]Qdisc, error)

QdiscList gets a list of qdiscs in the system. Equivalent to: `tc qdisc show`. The list can be filtered by link.

type QdiscAttrs ¶

type QdiscAttrs struct {
	LinkIndex int
	Handle    uint32
	Parent    uint32
	Refcnt    uint32 // read only
}

QdiscAttrs represents the attributes of a netlink qdisc. A qdisc is associated with a link, has a handle, a parent and a refcnt. The root qdisc of a device should have parent == HANDLE_ROOT.

func (QdiscAttrs) String ¶

func (q QdiscAttrs) String() string

type Route ¶

type Route struct {
	LinkIndex  int
	ILinkIndex int
	Scope      Scope
	Dst        *net.IPNet
	Src        net.IP
	Gw         net.IP
	Protocol   int
	Priority   int
	Table      int
	Type       int
	Tos        int
	Flags      int
}

Route represents a netlink route.

func RouteGet ¶

func RouteGet(destination net.IP) ([]Route, error)

RouteGet gets a route to a specific destination from the host system. Equivalent to: 'ip route get'.

func RouteList ¶

func RouteList(link Link, family int) ([]Route, error)

RouteList gets a list of routes in the system. Equivalent to: `ip route show`. The list can be filtered by link and ip family.

func RouteListFiltered ¶ added in v0.5.2

func RouteListFiltered(family int, filter *Route, filterMask uint64) ([]Route, error)

RouteListFiltered gets a list of routes in the system filtered by the specified rules. All rules must be defined in the filter argument, which is a Route; filterMask selects which of its fields are matched.

func (*Route) ClearFlag ¶

func (r *Route) ClearFlag(flag NextHopFlag)

func (*Route) ListFlags ¶

func (r *Route) ListFlags() []string

func (*Route) SetFlag ¶

func (r *Route) SetFlag(flag NextHopFlag)

func (Route) String ¶

func (r Route) String() string

type RouteUpdate ¶

type RouteUpdate struct {
	Type uint16
	Route
}

RouteUpdate is sent when a route changes - type is RTM_NEWROUTE or RTM_DELROUTE

type Rule ¶ added in v0.5.2

type Rule struct {
	*nl.RtMsg
	Priority          int
	Table             int
	Mark              int
	Mask              int
	TunID             uint
	Goto              int
	Src               *net.IPNet
	Dst               *net.IPNet
	Flow              int
	IifName           string
	OifName           string
	SuppressIfgroup   int
	SuppressPrefixlen int
}

Rule represents a netlink rule.

func NewRule ¶ added in v0.5.2

func NewRule() *Rule

NewRule returns an empty rule.

func RuleList ¶ added in v0.5.2

func RuleList(family int) ([]Rule, error)

RuleList lists rules in the system. Equivalent to: ip rule list

func (Rule) String ¶ added in v0.5.2

func (r Rule) String() string

type Scope ¶

type Scope uint8

Scope is an enum representing a route scope.

const (
	SCOPE_UNIVERSE Scope = syscall.RT_SCOPE_UNIVERSE
	SCOPE_SITE     Scope = syscall.RT_SCOPE_SITE
	SCOPE_LINK     Scope = syscall.RT_SCOPE_LINK
	SCOPE_HOST     Scope = syscall.RT_SCOPE_HOST
	SCOPE_NOWHERE  Scope = syscall.RT_SCOPE_NOWHERE
)

type Tbf ¶

type Tbf struct {
	QdiscAttrs
	// TODO: handle 64bit rate properly
	Rate   uint64
	Limit  uint32
	Buffer uint32
}

Tbf is a classless qdisc that rate limits based on tokens

func (*Tbf) Attrs ¶

func (qdisc *Tbf) Attrs() *QdiscAttrs

func (*Tbf) Type ¶

func (qdisc *Tbf) Type() string

type Tuntap ¶

type Tuntap struct {
	LinkAttrs
	Mode TuntapMode
}

Tuntap links are created via /dev/tun/tap, but can be destroyed via netlink.

func (*Tuntap) Attrs ¶

func (tuntap *Tuntap) Attrs() *LinkAttrs

func (*Tuntap) Type ¶

func (tuntap *Tuntap) Type() string

type TuntapMode ¶

type TuntapMode uint16

const (
	TUNTAP_MODE_TUN TuntapMode = syscall.IFF_TUN
	TUNTAP_MODE_TAP TuntapMode = syscall.IFF_TAP
)

type U32 ¶

type U32 struct {
	FilterAttrs
	// Currently only supports redirecting to another interface
	RedirIndex int
}

U32 filters on many packet-related properties.

func (*U32) Attrs ¶

func (filter *U32) Attrs() *FilterAttrs

func (*U32) Type ¶

func (filter *U32) Type() string

type Veth ¶

type Veth struct {
	LinkAttrs
	PeerName string // veth on create only
}

Veth devices must specify PeerName on create

func (*Veth) Attrs ¶

func (veth *Veth) Attrs() *LinkAttrs

func (*Veth) Type ¶

func (veth *Veth) Type() string

type Vlan ¶

type Vlan struct {
	LinkAttrs
	VlanId int
}

Vlan links have ParentIndex set in their Attrs()

func (*Vlan) Attrs ¶

func (vlan *Vlan) Attrs() *LinkAttrs

func (*Vlan) Type ¶

func (vlan *Vlan) Type() string

type Vxlan ¶

type Vxlan struct {
	LinkAttrs
	VxlanId      int
	VtepDevIndex int
	SrcAddr      net.IP
	Group        net.IP
	TTL          int
	TOS          int
	Learning     bool
	Proxy        bool
	RSC          bool
	L2miss       bool
	L3miss       bool
	NoAge        bool
	GBP          bool
	Age          int
	Limit        int
	Port         int
	PortLow      int
	PortHigh     int
}

func (*Vxlan) Attrs ¶

func (vxlan *Vxlan) Attrs() *LinkAttrs

func (*Vxlan) Type ¶

func (vxlan *Vxlan) Type() string

type XfrmPolicy ¶

type XfrmPolicy struct {
	Dst      *net.IPNet
	Src      *net.IPNet
	Dir      Dir
	Priority int
	Index    int
	Tmpls    []XfrmPolicyTmpl
}

XfrmPolicy represents an ipsec policy. It represents the overlay network and has a list of XfrmPolicyTmpls representing the base addresses of the policy.

func XfrmPolicyList ¶

func XfrmPolicyList(family int) ([]XfrmPolicy, error)

XfrmPolicyList gets a list of xfrm policies in the system. Equivalent to: `ip xfrm policy show`. The list can be filtered by ip family.

type XfrmPolicyTmpl ¶

type XfrmPolicyTmpl struct {
	Dst   net.IP
	Src   net.IP
	Proto Proto
	Mode  Mode
	Reqid int
}

XfrmPolicyTmpl encapsulates a rule for the base addresses of an ipsec policy. These rules are matched with XfrmState to determine encryption and authentication algorithms.

type XfrmState ¶

type XfrmState struct {
	Dst          net.IP
	Src          net.IP
	Proto        Proto
	Mode         Mode
	Spi          int
	Reqid        int
	ReplayWindow int
	Auth         *XfrmStateAlgo
	Crypt        *XfrmStateAlgo
	Encap        *XfrmStateEncap
}

XfrmState represents the state of an ipsec policy. It optionally contains an XfrmStateAlgo for encryption and one for authentication.

func XfrmStateList ¶

func XfrmStateList(family int) ([]XfrmState, error)

XfrmStateList gets a list of xfrm states in the system. Equivalent to: `ip xfrm state show`. The list can be filtered by ip family.

type XfrmStateAlgo ¶

type XfrmStateAlgo struct {
	Name        string
	Key         []byte
	TruncateLen int // Auth only
}

XfrmStateAlgo represents the algorithm to use for the ipsec encryption.

type XfrmStateEncap ¶

type XfrmStateEncap struct {
	Type            EncapType
	SrcPort         int
	DstPort         int
	OriginalAddress net.IP
}

XfrmStateEncap represents the encapsulation to use for the ipsec encryption.
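An added example, not part of the package or its documentation: an audit pass of the kind one would run over the states returned by XfrmStateList, flagging null or weak algorithms in Auth and Crypt and a zero ReplayWindow. State, Algo, AuditState and the weak list are hypothetical local names that mirror a subset of the XfrmState fields so the code runs without root; the rejection policy is this example's assumption.

```go
package main

import "fmt"

// Algo and State are local mirrors of a subset of XfrmStateAlgo and XfrmState (hypothetical names).
type Algo struct{ Name string }

type State struct {
	Proto        string // "esp" or "ah"; the package uses the Proto enum
	Spi          int
	ReplayWindow int
	Auth, Crypt  *Algo
}

// weak maps kernel algorithm names to why this example's assumed policy rejects them.
var weak = map[string]string{
	"ecb(cipher_null)": "null encryption",
	"digest_null":      "null authentication",
	"cbc(des)":         "single DES",
	"hmac(md5)":        "HMAC-MD5",
}

// AuditState returns one finding per policy violation in a security association.
func AuditState(s State) []string {
	var out []string
	for _, a := range []*Algo{s.Crypt, s.Auth} {
		if a != nil && weak[a.Name] != "" {
			out = append(out, weak[a.Name])
		}
	}
	if s.Proto == "esp" && s.Crypt == nil {
		out = append(out, "ESP without encryption")
	}
	if s.Auth == nil {
		out = append(out, "no integrity algorithm")
	}
	if s.ReplayWindow == 0 {
		out = append(out, "anti-replay window is 0")
	}
	return out
}

func main() {
	// Constructed sample state, not output captured from a real host.
	s := State{"esp", 0x101, 0, &Algo{"hmac(md5)"}, &Algo{"ecb(cipher_null)"}}
	fmt.Printf("spi=%#x findings=%q\n", s.Spi, AuditState(s))
}
```

The XfrmState struct on this page has no field for an AEAD algorithm, so a finding that both Crypt and Auth are nil on a host that uses AEAD needs manual review rather than an automatic alert.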

Directories ¶

Path Synopsis
Package nl has low level primitives for making Netlink calls.