package collector
import (
"fmt"
"github.com/aporeto-inc/trireme-lib/policy"
)
// Flow event descriptions. Each value is a short, stable string that names
// the outcome of a flow decision; presumably these are the values carried in
// FlowRecord.DropReason (and FlowAccept for accepted flows) — confirm against
// the producers.
const (
	// FlowReject indicates that a flow was rejected.
	FlowReject = "reject"
	// FlowAccept indicates that a flow was accepted.
	FlowAccept = "accept"
	// MissingToken indicates that the token was missing.
	MissingToken = "missingtoken"
	// InvalidToken indicates that the token was invalid.
	InvalidToken = "token"
	// InvalidFormat indicates that the packet metadata were not correct.
	InvalidFormat = "format"
	// InvalidContext indicates that there was no context in the metadata.
	InvalidContext = "context"
	// InvalidConnection indicates that no connection was found.
	InvalidConnection = "connection"
	// InvalidState indicates that a packet was received without proper state information.
	InvalidState = "state"
	// InvalidNonse indicates that the nonce check failed. The identifier and
	// the value keep the historical "nonse" spelling; renaming them would
	// break callers and any consumer matching on the string.
	InvalidNonse = "nonse"
	// PolicyDrop indicates that the flow was rejected because of the policy decision.
	PolicyDrop = "policy"
)
// Container event descriptions. Each value is a short, stable string naming a
// container lifecycle event; presumably these are the values carried in
// ContainerRecord.Event — confirm against the producers.
const (
	// ContainerStart indicates a container start event.
	ContainerStart = "start"
	// ContainerStop indicates a container stop event.
	ContainerStop = "stop"
	// ContainerCreate indicates a container create event.
	ContainerCreate = "create"
	// ContainerDelete indicates a container delete event.
	ContainerDelete = "delete"
	// ContainerUpdate indicates a container policy update event.
	ContainerUpdate = "update"
	// ContainerFailed indicates that a container was stopped because of policy
	// issues (a forced stop rather than a normal ContainerStop).
	ContainerFailed = "forcestop"
	// ContainerIgnored indicates that the container will be ignored by Trireme.
	ContainerIgnored = "ignore"
	// ContainerDeleteUnknown indicates that policy for an unknown container was deleted.
	ContainerDeleteUnknown = "unknowncontainer"
)
// Miscellaneous string markers used in records.
const (
	// PolicyValid marks a normal flow accept.
	// NOTE(review): where this single-letter value is consumed is not visible
	// in this file — confirm against the callers before changing it.
	PolicyValid = "V"
	// DefaultEndPoint is the placeholder identifier used for unknown
	// container sources.
	DefaultEndPoint = "default"
)
// EventCollector is the interface for collecting events.
//
// Implementations receive flow, container and user records. The records
// carry identifiers, IP addresses, tags and claims; NOTE(review): their
// provenance is not visible here, so a collector that forwards them to logs
// or external sinks should quote/escape the values rather than assume they
// are sanitized — confirm against the producers.
type EventCollector interface {
	// CollectFlowEvent collects a single flow event.
	CollectFlowEvent(record *FlowRecord)
	// CollectContainerEvent collects a single container event.
	CollectContainerEvent(record *ContainerRecord)
	// CollectUserEvent collects a single user event.
	CollectUserEvent(record *UserRecord)
}
// EndPointType is the type of an endpoint (a PU or an external IP address).
type EndPointType byte

const (
	// Address indicates that the endpoint is an external IP address.
	Address EndPointType = iota
	// PU indicates that the endpoint is a PU.
	PU
)

// String returns the short label printed for an endpoint type: "ext" for
// Address and "pu" for every other value (PU and any unknown value alike).
func (e *EndPointType) String() string {
	switch *e {
	case Address:
		return "ext"
	default:
		return "pu"
	}
}
// EndPoint holds all the information known about one end of a flow.
type EndPoint struct {
	// ID identifies the endpoint; for unknown container sources DefaultEndPoint
	// is presumably used — confirm against the producers.
	ID string
	// IP is the endpoint address, kept as a string (not net.IP).
	IP string
	// URI is an additional locator for the endpoint; its format is not
	// defined in this file.
	URI string
	// UserID is the user associated with the endpoint, if any.
	UserID string
	// Type says whether the endpoint is a PU or an external Address.
	Type EndPointType
	// Port is the transport port of the endpoint.
	Port uint16
}
// FlowRecord describes a flow record for statistics.
//
// Source and Destination are pointers and may be nil; code that formats or
// forwards a record should check them before dereferencing.
type FlowRecord struct {
	// ContextID identifies the context (PU) the flow was evaluated in.
	ContextID string
	// Count is the number of occurrences aggregated into this record.
	Count int
	// Source is the originating endpoint of the flow (may be nil).
	Source *EndPoint
	// Destination is the receiving endpoint of the flow (may be nil).
	Destination *EndPoint
	// Tags are the policy tags attached to the flow.
	Tags *policy.TagStore
	// Action is the action that was enforced on the flow.
	Action policy.ActionType
	// ObservedAction is the action that would apply under the observed
	// (non-enforced) policy — presumably; confirm against the producers.
	ObservedAction policy.ActionType
	// DropReason explains why the flow was not accepted; expected to be one of
	// the flow event description constants in this file.
	DropReason string
	// PolicyID identifies the policy rule that produced Action.
	PolicyID string
	// ObservedPolicyID identifies the policy rule that produced ObservedAction.
	ObservedPolicyID string
}
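// String renders the record as a single log line.
//
// Only a subset of the fields is printed: ContextID, Count, the source and
// destination IDs and IPs, the destination port, Action and DropReason.
// ObservedAction, PolicyID and ObservedPolicyID are not included. DropReason
// is printed under the "mode:" label; the format string is kept unchanged so
// existing log consumers keep parsing it. Values are interpolated with %s,
// i.e. unquoted and unescaped.
//
// A nil receiver or a nil Source/Destination does not panic: a nil endpoint is
// rendered with empty ID/IP and port 0.
func (f *FlowRecord) String() string {
	if f == nil {
		return "<flowrecord nil>"
	}
	// Substitute an empty endpoint so the format below can be applied without
	// dereferencing a nil pointer.
	var empty EndPoint
	src, dst := f.Source, f.Destination
	if src == nil {
		src = &empty
	}
	if dst == nil {
		dst = &empty
	}
	return fmt.Sprintf("<flowrecord contextID:%s count:%d sourceID:%s destinationID:%s sourceIP: %s destinationIP:%s destinationPort:%d action:%s mode:%s>",
		f.ContextID,
		f.Count,
		src.ID,
		dst.ID,
		src.IP,
		dst.IP,
		dst.Port,
		f.Action.String(),
		f.DropReason,
	)
}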
// ContainerRecord is a statistics record for a container.
type ContainerRecord struct {
	// ContextID identifies the container's context (PU).
	ContextID string
	// IPAddress holds the container's addresses as a policy.ExtendedMap;
	// the map's keys are not defined in this file.
	IPAddress policy.ExtendedMap
	// Tags are the policy tags attached to the container.
	Tags *policy.TagStore
	// Event names the lifecycle event; expected to be one of the container
	// event description constants in this file.
	Event string
}
// UserRecord reports a new user access. These records are reported
// periodically rather than on every access.
type UserRecord struct {
	// ID identifies the user.
	ID string
	// Claims are the claims presented by the user, as raw strings; their
	// format and trust level are not defined in this file.
	Claims []string
}