package rpcwrapper
import (
"time"
"go.aporeto.io/trireme-lib/collector"
"go.aporeto.io/trireme-lib/controller/pkg/fqconfig"
"go.aporeto.io/trireme-lib/controller/pkg/packettracing"
"go.aporeto.io/trireme-lib/controller/pkg/secrets"
"go.aporeto.io/trireme-lib/policy"
)
// CaptureType identifies the type of iptables implementation that should be
// used. It is an int-backed enumeration; the values defined in this file are
// IPTables and IPSets.
type CaptureType int
const (
	// IPTables forces an IPTables implementation. It is the zero value of
	// CaptureType (iota starts at 0), so a CaptureType field that was never
	// set, or that an omitempty tag dropped during JSON encoding, reads back
	// as IPTables.
	IPTables CaptureType = iota
	// IPSets forces an IPSet implementation (value 1).
	IPSets
)
// Request pairs an arbitrary Payload with HashAuth bytes. Presumably it is
// the envelope for every RPC call, mirroring Response — confirm with the
// callers.
//
// NOTE(review): HashAuth presumably holds a keyed hash (MAC) that the
// receiver verifies before acting on Payload — confirm against the code that
// fills and checks it. If so, the check should use a constant-time comparison
// (for example hmac.Equal) and should run before Payload is type-asserted or
// otherwise used.
type Request struct {
	HashAuth []byte
	// Payload is untyped: the receiver has to type-assert it to the payload
	// struct it expects for the call, and should handle a failed assertion
	// rather than let it panic.
	Payload interface{}
}
// Exported constants of the package.
const (
	// SUCCESS is the untyped constant 0.
	// NOTE(review): presumably the Status value of the *ResponsePayload types
	// on success — confirm with the callers.
	SUCCESS = 0
	// StatsChannel and DebugChannel are fixed filesystem paths under /var/run;
	// judging by the ".sock" suffix they name Unix domain sockets — confirm.
	// NOTE(review): the paths are well known, so access control rests on the
	// permissions of the socket files and of the directory. Verify that the
	// code creating them removes stale files and restricts the mode so that
	// only the intended peer can connect.
	StatsChannel = "/var/run/statschannel.sock"
	DebugChannel = "/var/run/debugchannel.sock"
)
// Response is the response for every RPC call. It carries the status of the
// actual function call made on the remote end.
type Response struct {
	// Status is a string here, unlike the int Status fields of the
	// *ResponsePayload types in this file.
	// NOTE(review): which value means success (empty string?) is not visible
	// here — confirm before branching on it.
	Status string
}
// InitRequestPayload is the payload for the enforcer init request.
//
// Every field is tagged `json:",omitempty"`: under encoding/json the Go field
// name is kept as the key and a zero value is left out of the output. A
// decoder therefore cannot tell "not sent" from "sent as false/0/empty".
type InitRequestPayload struct {
	FqConfig *fqconfig.FilterQueue `json:",omitempty"`
	// NOTE(review): presumably switches mutual authentication on — confirm.
	// With omitempty, false is never encoded, so a missing key decodes to
	// false; check that false is the intended default.
	MutualAuth bool `json:",omitempty"`
	PacketLogs bool `json:",omitempty"`
	// NOTE(review): presumably a token or credential lifetime — confirm.
	Validity time.Duration `json:",omitempty"`
	ServerID string `json:",omitempty"`
	ExternalIPCacheTimeout time.Duration `json:",omitempty"`
	// Secrets is sent inside the RPC message.
	// NOTE(review): confirm what secrets.PublicSecrets serializes; if it
	// includes key material, restrict the transport and keep this payload out
	// of logs and debug dumps.
	Secrets secrets.PublicSecrets `json:",omitempty"`
	// TargetNetworks arrives as free-form strings.
	// NOTE(review): presumably CIDRs — confirm, and validate each entry on the
	// receiving side before it is used.
	TargetNetworks []string `json:",omitempty"`
}
// UpdateSecretsPayload is the payload for the update-secrets request sent to
// remote enforcers.
type UpdateSecretsPayload struct {
	// NOTE(review): confirm what secrets.PublicSecrets serializes; if it
	// includes key material, restrict the transport and keep this payload out
	// of logs and debug dumps.
	Secrets secrets.PublicSecrets `json:",omitempty"`
}
// InitSupervisorPayload is the payload for the supervisor init request.
type InitSupervisorPayload struct {
	// TriremeNetworks arrives as free-form strings.
	// NOTE(review): presumably CIDRs — confirm, and validate each entry on the
	// receiving side before it is used.
	TriremeNetworks []string `json:",omitempty"`
	// CaptureMethod selects the implementation (see CaptureType). IPTables is
	// the zero value, so omitempty leaves it out of JSON output and an absent
	// key decodes to IPTables.
	CaptureMethod CaptureType `json:",omitempty"`
}
// EnforcePayload is the payload for the enforce request.
type EnforcePayload struct {
	// NOTE(review): presumably identifies the processing unit the policy
	// applies to — confirm.
	ContextID string `json:",omitempty"`
	// Policy is a pointer; with omitempty a nil Policy is left out of JSON
	// output, so the receiver should nil-check it before dereferencing.
	Policy *policy.PUPolicyPublic `json:",omitempty"`
	// NOTE(review): confirm what secrets.PublicSecrets serializes; if it
	// includes key material, restrict the transport and keep this payload out
	// of logs and debug dumps.
	Secrets secrets.PublicSecrets `json:",omitempty"`
}
// SuperviseRequestPayload is the payload for the supervise request. It has
// the same ContextID and Policy fields as EnforcePayload, without Secrets.
type SuperviseRequestPayload struct {
	ContextID string `json:",omitempty"`
	// Policy is a pointer; with omitempty a nil Policy is left out of JSON
	// output, so the receiver should nil-check it before dereferencing.
	Policy *policy.PUPolicyPublic `json:",omitempty"`
}
// UnEnforcePayload is the payload for the unenforce request.
type UnEnforcePayload struct {
	// ContextID is the only field. With omitempty an empty ID is not encoded
	// at all; the receiver should reject an empty ContextID rather than act on
	// it.
	ContextID string `json:",omitempty"`
}
// UnSupervisePayload is the payload for the unsupervise request.
type UnSupervisePayload struct {
	// ContextID is the only field. With omitempty an empty ID is not encoded
	// at all; the receiver should reject an empty ContextID rather than act on
	// it.
	ContextID string `json:",omitempty"`
}
// InitResponsePayload is the response payload for the init request.
type InitResponsePayload struct {
	// Status is an int. With omitempty a Status of 0 is left out of JSON
	// output.
	// NOTE(review): presumably compared against SUCCESS (0) — confirm.
	Status int `json:",omitempty"`
}
// EnforceResponsePayload is the response payload for the enforce request.
type EnforceResponsePayload struct {
	// Status is an int. With omitempty a Status of 0 is left out of JSON
	// output.
	// NOTE(review): presumably compared against SUCCESS (0) — confirm.
	Status int `json:",omitempty"`
}
// SuperviseResponsePayload is the response payload for the supervise request.
type SuperviseResponsePayload struct {
	// Status is an int. With omitempty a Status of 0 is left out of JSON
	// output.
	// NOTE(review): presumably compared against SUCCESS (0) — confirm.
	Status int `json:",omitempty"`
}
// UnEnforceResponsePayload is the response payload for the unenforce request.
type UnEnforceResponsePayload struct {
	// Status is an int. With omitempty a Status of 0 is left out of JSON
	// output.
	// NOTE(review): presumably compared against SUCCESS (0) — confirm.
	Status int `json:",omitempty"`
}
// StatsPayload is the payload carried by the stats reports from the remote
// enforcer.
//
// NOTE(review): both maps are filled by the sender, and their values are
// pointers. The receiver should skip nil entries and bound how many records
// it accepts per report.
type StatsPayload struct {
	// Flows maps a string key to a flow record; how the key is derived is not
	// visible here.
	Flows map[string]*collector.FlowRecord `json:",omitempty"`
	// Users maps a string key to a user record; how the key is derived is not
	// visible here.
	Users map[string]*collector.UserRecord `json:",omitempty"`
}
// DebugPacketPayload is the enforcer packet report from remote enforcers.
type DebugPacketPayload struct {
	// PacketRecords has no json tag, unlike the fields of the other payload
	// types in this file, so encoding/json always emits it under the Go field
	// name. The elements are pointers; the receiver should skip nil entries.
	// NOTE(review): packet reports may carry traffic details — confirm what
	// collector.PacketReport holds before logging or forwarding them.
	PacketRecords []*collector.PacketReport
}
// ExcludeIPRequestPayload carries the list of excluded IPs.
type ExcludeIPRequestPayload struct {
	// IPs is transported as free-form strings; the expected format (single
	// address or CIDR) is not visible here.
	// NOTE(review): each entry should be parsed and validated on the receiving
	// side before it reaches any firewall rule. An exclusion list widens what
	// bypasses enforcement, so the request's origin should be authenticated
	// first.
	IPs []string `json:",omitempty"`
}
// SetTargetNetworks carries the payload for target networks.
type SetTargetNetworks struct {
	// TargetNetworks is transported as free-form strings.
	// NOTE(review): presumably CIDRs — confirm, and validate each entry on the
	// receiving side before it is used. With omitempty an empty list is not
	// encoded, so "clear all networks" and "field absent" look the same to a
	// JSON decoder.
	TargetNetworks []string `json:",omitempty"`
}
// EnableIPTablesPacketTracingPayLoad is the payload message to enable iptables
// tracing in remote containers. The type name spells "PayLoad" with a capital
// L, unlike the other payload types in this file.
type EnableIPTablesPacketTracingPayLoad struct {
	// With omitempty, false is never encoded; an absent key decodes to false.
	IPTablesPacketTracing bool `json:",omitempty"`
	// NOTE(review): presumably how long tracing stays enabled — confirm. The
	// receiver should enforce an upper bound so that tracing cannot be left
	// on indefinitely.
	Interval time.Duration `json:",omitempty"`
	// NOTE(review): presumably selects the container or processing unit to
	// trace — confirm.
	ContextID string `json:",omitempty"`
}
// EnableDatapathPacketTracingPayLoad is the payload to enable nfq packet
// tracing in the remote container. The type name spells "PayLoad" with a
// capital L, unlike the other payload types in this file.
type EnableDatapathPacketTracingPayLoad struct {
	// Direction selects what is traced; its values are defined by
	// packettracing.TracingDirection. With omitempty the zero value is not
	// encoded.
	// NOTE(review): confirm what the zero value means (tracing disabled?).
	Direction packettracing.TracingDirection `json:",omitempty"`
	// NOTE(review): presumably how long tracing stays enabled — confirm. The
	// receiver should enforce an upper bound so that tracing cannot be left
	// on indefinitely.
	Interval time.Duration `json:",omitempty"`
	// NOTE(review): presumably selects the container or processing unit to
	// trace — confirm.
	ContextID string `json:",omitempty"`
}