const (
// ConntrackTable Conntrack table
// https://github.com/torvalds/linux/blob/master/include/uapi/linux/netfilter/nfnetlink.h -> #define NFNL_SUBSYS_CTNETLINK 1
ConntrackTable = 1
// ConntrackExpectTable Conntrack expect table
// https://github.com/torvalds/linux/blob/master/include/uapi/linux/netfilter/nfnetlink.h -> #define NFNL_SUBSYS_CTNETLINK_EXP 2
ConntrackExpectTable = 2
)
const (
ConntrackOrigSrcIP = iota // -orig-src ip Source address from original direction
ConntrackOrigDstIP // -orig-dst ip Destination address from original direction
ConntrackReplySrcIP // --reply-src ip Reply Source IP
ConntrackReplyDstIP // --reply-dst ip Reply Destination IP
ConntrackReplyAnyIP // Match source or destination reply IP
ConntrackOrigSrcPort // --orig-port-src port Source port in original direction
ConntrackOrigDstPort // --orig-port-dst port Destination port in original direction
ConntrackMatchLabels // --label label1,label2 Labels used in entry
ConntrackUnmatchLabels // --label label1,label2 Labels not used in entry
ConntrackNatSrcIP = ConntrackReplySrcIP // deprecated use instead ConntrackReplySrcIP
ConntrackNatDstIP = ConntrackReplyDstIP // deprecated use instead ConntrackReplyDstIP
ConntrackNatAnyIP = ConntrackReplyAnyIP // deprecated use instead ConntrackReplyAnyIP
)
const (
TC_ACT_EXT_SHIFT = 28
TC_ACT_EXT_VAL_MASK = (1 << TC_ACT_EXT_SHIFT) - 1
)
Constants used in TcU32Sel.Flags.
const (
TC_U32_TERMINAL = nl.TC_U32_TERMINAL
TC_U32_OFFSET = nl.TC_U32_OFFSET
TC_U32_VAROFFSET = nl.TC_U32_VAROFFSET
TC_U32_EAT = nl.TC_U32_EAT
)
const (
FOU_CMD_UNSPEC uint8 = iota
FOU_CMD_ADD
FOU_CMD_DEL
FOU_CMD_GET
FOU_CMD_MAX = FOU_CMD_GET
)
const (
FOU_ATTR_UNSPEC = iota
FOU_ATTR_PORT
FOU_ATTR_AF
FOU_ATTR_IPPROTO
FOU_ATTR_TYPE
FOU_ATTR_REMCSUM_NOPARTIAL
FOU_ATTR_MAX = FOU_ATTR_REMCSUM_NOPARTIAL
)
const (
FOU_ENCAP_UNSPEC = iota
FOU_ENCAP_DIRECT
FOU_ENCAP_GUE
FOU_ENCAP_MAX = FOU_ENCAP_GUE
)
INET_DIAG constatns
const (
INET_DIAG_NONE = iota
INET_DIAG_MEMINFO
INET_DIAG_INFO
INET_DIAG_VEGASINFO
INET_DIAG_CONG
INET_DIAG_TOS
INET_DIAG_TCLASS
INET_DIAG_SKMEMINFO
INET_DIAG_SHUTDOWN
INET_DIAG_DCTCPINFO
INET_DIAG_PROTOCOL
INET_DIAG_SKV6ONLY
INET_DIAG_LOCALS
INET_DIAG_PEERS
INET_DIAG_PAD
INET_DIAG_MARK
INET_DIAG_BBRINFO
INET_DIAG_CLASS_ID
INET_DIAG_MD5SIG
INET_DIAG_ULP_INFO
INET_DIAG_SK_BPF_STORAGES
INET_DIAG_CGROUP_ID
INET_DIAG_SOCKOPT
INET_DIAG_MAX
)
ioctl for statistics.
const (
// ETHTOOL_GSSET_INFO gets string set info
ETHTOOL_GSSET_INFO = 0x00000037
// SIOCETHTOOL is Ethtool interface
SIOCETHTOOL = 0x8946
// ETHTOOL_GSTRINGS gets specified string set
ETHTOOL_GSTRINGS = 0x0000001b
// ETHTOOL_GSTATS gets NIC-specific statistics
ETHTOOL_GSTATS = 0x0000001d
)
string set id.
const (
// ETH_SS_TEST is self-test result names, for use with %ETHTOOL_TEST
ETH_SS_TEST = iota
// ETH_SS_STATS statistic names, for use with %ETHTOOL_GSTATS
ETH_SS_STATS
// ETH_SS_PRIV_FLAGS are driver private flag names
ETH_SS_PRIV_FLAGS
// ETH_SS_FEATURES are device feature names
ETH_SS_FEATURES
// ETH_SS_RSS_HASH_FUNCS is RSS hush function names
ETH_SS_RSS_HASH_FUNCS
)
const (
OperUnknown = iota // Status can't be determined.
OperNotPresent // Some component is missing.
OperDown // Down.
OperLowerLayerDown // Down due to state of lower layer.
OperTesting // In some test mode.
OperDormant // Not up but pending an external event.
OperUp // Up, ready to send packets.
)
Flag mask for bond options. Bond.Flagmask must be set to on for option to work.
const (
BOND_MODE_MASK uint64 = 1 << (1 + iota)
BOND_ACTIVE_SLAVE_MASK
BOND_MIIMON_MASK
BOND_UPDELAY_MASK
BOND_DOWNDELAY_MASK
BOND_USE_CARRIER_MASK
BOND_ARP_INTERVAL_MASK
BOND_ARP_VALIDATE_MASK
BOND_ARP_ALL_TARGETS_MASK
BOND_PRIMARY_MASK
BOND_PRIMARY_RESELECT_MASK
BOND_FAIL_OVER_MAC_MASK
BOND_XMIT_HASH_POLICY_MASK
BOND_RESEND_IGMP_MASK
BOND_NUM_PEER_NOTIF_MASK
BOND_ALL_SLAVES_ACTIVE_MASK
BOND_MIN_LINKS_MASK
BOND_LP_INTERVAL_MASK
BOND_PACKETS_PER_SLAVE_MASK
BOND_LACP_RATE_MASK
BOND_AD_SELECT_MASK
)
const (
CSum TunnelEncapFlag = 1 << 0
CSum6 = 1 << 1
RemCSum = 1 << 2
)
const (
IP6_TNL_F_IGN_ENCAP_LIMIT IP6TunnelFlag = 1 // don't add encapsulation limit if one isn't present in inner packet
IP6_TNL_F_USE_ORIG_TCLASS = 2 // copy the traffic class field from the inner packet
IP6_TNL_F_USE_ORIG_FLOWLABEL = 4 // copy the flowlabel from the inner packet
IP6_TNL_F_MIP6_DEV = 8 // being used for Mobile IPv6
IP6_TNL_F_RCV_DSCP_COPY = 10 // copy DSCP from the outer packet
IP6_TNL_F_USE_ORIG_FWMARK = 20 // copy fwmark from inner packet
IP6_TNL_F_ALLOW_LOCAL_REMOTE = 40 // allow remote endpoint on the local node
)
const (
IPOIB_MODE_DATAGRAM = iota
IPOIB_MODE_CONNECTED
)
const (
CAN_STATE_ERROR_ACTIVE = iota
CAN_STATE_ERROR_WARNING
CAN_STATE_ERROR_PASSIVE
CAN_STATE_BUS_OFF
CAN_STATE_STOPPED
CAN_STATE_SLEEPING
)
const (
SizeofLinkStats32 = 0x5c
SizeofLinkStats64 = 0xb8
)
const (
TUNTAP_MODE_TUN TuntapMode = unix.IFF_TUN
TUNTAP_MODE_TAP TuntapMode = unix.IFF_TAP
TUNTAP_DEFAULTS TuntapFlag = unix.IFF_TUN_EXCL | unix.IFF_ONE_QUEUE
TUNTAP_VNET_HDR TuntapFlag = unix.IFF_VNET_HDR
TUNTAP_TUN_EXCL TuntapFlag = unix.IFF_TUN_EXCL
TUNTAP_NO_PI TuntapFlag = unix.IFF_NO_PI
TUNTAP_ONE_QUEUE TuntapFlag = unix.IFF_ONE_QUEUE
TUNTAP_MULTI_QUEUE TuntapFlag = unix.IFF_MULTI_QUEUE
TUNTAP_MULTI_QUEUE_DEFAULTS TuntapFlag = TUNTAP_MULTI_QUEUE | TUNTAP_NO_PI
)
const (
VF_LINK_STATE_AUTO uint32 = 0
VF_LINK_STATE_ENABLE uint32 = 1
VF_LINK_STATE_DISABLE uint32 = 2
)
ideally golang.org/x/sys/unix would define IfReq but it only has IFNAMSIZ, hence this minimalistic implementation
const (
SizeOfIfReq = 40
IFNAMSIZ = 16
)
const (
NDA_UNSPEC = iota
NDA_DST
NDA_LLADDR
NDA_CACHEINFO
NDA_PROBES
NDA_VLAN
NDA_PORT
NDA_VNI
NDA_IFINDEX
NDA_MASTER
NDA_LINK_NETNSID
NDA_SRC_VNI
NDA_PROTOCOL
NDA_NH_ID
NDA_FDB_EXT_ATTRS
NDA_FLAGS_EXT
NDA_MAX = NDA_FLAGS_EXT
)
Neighbor Cache Entry States.
const (
NUD_NONE = 0x00
NUD_INCOMPLETE = 0x01
NUD_REACHABLE = 0x02
NUD_STALE = 0x04
NUD_DELAY = 0x08
NUD_PROBE = 0x10
NUD_FAILED = 0x20
NUD_NOARP = 0x40
NUD_PERMANENT = 0x80
)
Neighbor Flags
const (
NTF_USE = 0x01
NTF_SELF = 0x02
NTF_MASTER = 0x04
NTF_PROXY = 0x08
NTF_EXT_LEARNED = 0x10
NTF_OFFLOADED = 0x20
NTF_STICKY = 0x40
NTF_ROUTER = 0x80
)
Family type definitions
const (
FAMILY_ALL = nl.FAMILY_ALL
FAMILY_V4 = nl.FAMILY_V4
FAMILY_V6 = nl.FAMILY_V6
FAMILY_MPLS = nl.FAMILY_MPLS
)
These can be replaced by the values from sys/unix when it is next released.
const (
NETNSA_NSID
NETNSA_PID
NETNSA_FD
)
const (
PROC_EVENT_NONE = 0x00000000
PROC_EVENT_FORK = 0x00000001
PROC_EVENT_EXEC = 0x00000002
PROC_EVENT_UID = 0x00000004
PROC_EVENT_GID = 0x00000040
PROC_EVENT_SID = 0x00000080
PROC_EVENT_PTRACE = 0x00000100
PROC_EVENT_COMM = 0x00000200
PROC_EVENT_COREDUMP = 0x40000000
PROC_EVENT_EXIT = 0x80000000
)
const (
CN_VAL_PROC = 0x1
PROC_CN_MCAST_LISTEN = 0x1
)
const (
HANDLE_NONE = 0
HANDLE_INGRESS = 0xFFFFFFF1
HANDLE_CLSACT = HANDLE_INGRESS
HANDLE_ROOT = 0xFFFFFFFF
PRIORITY_MAP_LEN = 16
)
const (
HANDLE_MIN_INGRESS = 0xFFFFFFF2
HANDLE_MIN_EGRESS = 0xFFFFFFF3
)
const (
HORIZON_DROP_POLICY_CAP = 0
HORIZON_DROP_POLICY_DROP = 1
HORIZON_DROP_POLICY_DEFAULT = 255
)
const (
RT_FILTER_PROTOCOL uint64 = 1 << (1 + iota)
RT_FILTER_SCOPE
RT_FILTER_TYPE
RT_FILTER_TOS
RT_FILTER_IIF
RT_FILTER_OIF
RT_FILTER_DST
RT_FILTER_SRC
RT_FILTER_GW
RT_FILTER_TABLE
RT_FILTER_HOPLIMIT
RT_FILTER_PRIORITY
RT_FILTER_MARK
RT_FILTER_MASK
RT_FILTER_REALM
)
TCP States
const (
TCP_ESTABLISHED = iota + 0x01
TCP_SYN_SENT
TCP_SYN_RECV
TCP_FIN_WAIT1
TCP_FIN_WAIT2
TCP_TIME_WAIT
TCP_CLOSE
TCP_CLOSE_WAIT
TCP_LAST_ACK
TCP_LISTEN
TCP_CLOSING
TCP_NEW_SYN_REC
TCP_MAX_STATES
)
According to linux/include/uapi/linux/unix_diag.h
const (
UNIX_DIAG_NAME = iota
UNIX_DIAG_VFS
UNIX_DIAG_PEER
UNIX_DIAG_ICONS
UNIX_DIAG_RQLEN
UNIX_DIAG_MEMINFO
UNIX_DIAG_SHUTDOWN
UNIX_DIAG_UID
UNIX_DIAG_MAX
)
features for virtio net
const (
VIRTIO_NET_F_CSUM = 0 // Host handles pkts w/ partial csum
VIRTIO_NET_F_GUEST_CSUM = 1 // Guest handles pkts w/ partial csum
VIRTIO_NET_F_CTRL_GUEST_OFFLOADS = 2 // Dynamic offload configuration.
VIRTIO_NET_F_MTU = 3 // Initial MTU advice
VIRTIO_NET_F_MAC = 5 // Host has given MAC address.
VIRTIO_NET_F_GUEST_TSO4 = 7 // Guest can handle TSOv4 in.
VIRTIO_NET_F_GUEST_TSO6 = 8 // Guest can handle TSOv6 in.
VIRTIO_NET_F_GUEST_ECN = 9 // Guest can handle TSO[6] w/ ECN in.
VIRTIO_NET_F_GUEST_UFO = 10 // Guest can handle UFO in.
VIRTIO_NET_F_HOST_TSO4 = 11 // Host can handle TSOv4 in.
VIRTIO_NET_F_HOST_TSO6 = 12 // Host can handle TSOv6 in.
VIRTIO_NET_F_HOST_ECN = 13 // Host can handle TSO[6] w/ ECN in.
VIRTIO_NET_F_HOST_UFO = 14 // Host can handle UFO in.
VIRTIO_NET_F_MRG_RXBUF = 15 // Host can merge receive buffers.
VIRTIO_NET_F_STATUS = 16 // virtio_net_config.status available
VIRTIO_NET_F_CTRL_VQ = 17 // Control channel available
VIRTIO_NET_F_CTRL_RX = 18 // Control channel RX mode support
VIRTIO_NET_F_CTRL_VLAN = 19 // Control channel VLAN filtering
VIRTIO_NET_F_CTRL_RX_EXTRA = 20 // Extra RX mode control support
VIRTIO_NET_F_GUEST_ANNOUNCE = 21 // Guest can announce device on the* network
VIRTIO_NET_F_MQ = 22 // Device supports Receive Flow Steering
VIRTIO_NET_F_CTRL_MAC_ADDR = 23 // Set MAC address
VIRTIO_NET_F_VQ_NOTF_COAL = 52 // Device supports virtqueue notification coalescing
VIRTIO_NET_F_NOTF_COAL = 53 // Device supports notifications coalescing
VIRTIO_NET_F_GUEST_USO4 = 54 // Guest can handle USOv4 in.
VIRTIO_NET_F_GUEST_USO6 = 55 // Guest can handle USOv6 in.
VIRTIO_NET_F_HOST_USO = 56 // Host can handle USO in.
VIRTIO_NET_F_HASH_REPORT = 57 // Supports hash report
VIRTIO_NET_F_GUEST_HDRLEN = 59 // Guest provides the exact hdr_len value.
VIRTIO_NET_F_RSS = 60 // Supports RSS RX steering
VIRTIO_NET_F_RSC_EXT = 61 // extended coalescing info
VIRTIO_NET_F_STANDBY = 62 // Act as standby for another device with the same MAC.
VIRTIO_NET_F_SPEED_DUPLEX = 63 // Device set linkspeed and duplex
VIRTIO_NET_F_GSO = 6 // Host handles pkts any GSO type
)
virtio net status
const (
VIRTIO_NET_S_LINK_UP = 1 // Link is up
VIRTIO_NET_S_ANNOUNCE = 2 // Announcement is needed
)
virtio config
const (
// Do we get callbacks when the ring is completely used, even if we've
// suppressed them?
VIRTIO_F_NOTIFY_ON_EMPTY = 24
// Can the device handle any descriptor layout?
VIRTIO_F_ANY_LAYOUT = 27
// v1.0 compliant
VIRTIO_F_VERSION_1 = 32
// If clear - device has the platform DMA (e.g. IOMMU) bypass quirk feature.
// If set - use platform DMA tools to access the memory.
// Note the reverse polarity (compared to most other features),
// this is for compatibility with legacy systems.
VIRTIO_F_ACCESS_PLATFORM = 33
// Legacy name for VIRTIO_F_ACCESS_PLATFORM (for compatibility with old userspace)
VIRTIO_F_IOMMU_PLATFORM = VIRTIO_F_ACCESS_PLATFORM
// This feature indicates support for the packed virtqueue layout.
VIRTIO_F_RING_PACKED = 34
// Inorder feature indicates that all buffers are used by the device
// in the same order in which they have been made available.
VIRTIO_F_IN_ORDER = 35
// This feature indicates that memory accesses by the driver and the
// device are ordered in a way described by the platform.
VIRTIO_F_ORDER_PLATFORM = 36
// Does the device support Single Root I/O Virtualization?
VIRTIO_F_SR_IOV = 37
// This feature indicates that the driver passes extra data (besides
// identifying the virtqueue) in its device notifications.
VIRTIO_F_NOTIFICATION_DATA = 38
// This feature indicates that the driver uses the data provided by the device
// as a virtqueue identifier in available buffer notifications.
VIRTIO_F_NOTIF_CONFIG_DATA = 39
// This feature indicates that the driver can reset a queue individually.
VIRTIO_F_RING_RESET = 40
)
virtio device ids
const (
VIRTIO_ID_NET = 1 // virtio net
VIRTIO_ID_BLOCK = 2 // virtio block
VIRTIO_ID_CONSOLE = 3 // virtio console
VIRTIO_ID_RNG = 4 // virtio rng
VIRTIO_ID_BALLOON = 5 // virtio balloon
VIRTIO_ID_IOMEM = 6 // virtio ioMemory
VIRTIO_ID_RPMSG = 7 // virtio remote processor messaging
VIRTIO_ID_SCSI = 8 // virtio scsi
VIRTIO_ID_9P = 9 // 9p virtio console
VIRTIO_ID_MAC80211_WLAN = 10 // virtio WLAN MAC
VIRTIO_ID_RPROC_SERIAL = 11 // virtio remoteproc serial link
VIRTIO_ID_CAIF = 12 // Virtio caif
VIRTIO_ID_MEMORY_BALLOON = 13 // virtio memory balloon
VIRTIO_ID_GPU = 16 // virtio GPU
VIRTIO_ID_CLOCK = 17 // virtio clock/timer
VIRTIO_ID_INPUT = 18 // virtio input
VIRTIO_ID_VSOCK = 19 // virtio vsock transport
VIRTIO_ID_CRYPTO = 20 // virtio crypto
VIRTIO_ID_SIGNAL_DIST = 21 // virtio signal distribution device
VIRTIO_ID_PSTORE = 22 // virtio pstore device
VIRTIO_ID_IOMMU = 23 // virtio IOMMU
VIRTIO_ID_MEM = 24 // virtio mem
VIRTIO_ID_SOUND = 25 // virtio sound
VIRTIO_ID_FS = 26 // virtio filesystem
VIRTIO_ID_PMEM = 27 // virtio pmem
VIRTIO_ID_RPMB = 28 // virtio rpmb
VIRTIO_ID_MAC80211_HWSIM = 29 // virtio mac80211-hwsim
VIRTIO_ID_VIDEO_ENCODER = 30 // virtio video encoder
VIRTIO_ID_VIDEO_DECODER = 31 // virtio video decoder
VIRTIO_ID_SCMI = 32 // virtio SCMI
VIRTIO_ID_NITRO_SEC_MOD = 33 // virtio nitro secure module
VIRTIO_ID_I2C_ADAPTER = 34 // virtio i2c adapter
VIRTIO_ID_WATCHDOG = 35 // virtio watchdog
VIRTIO_ID_CAN = 36 // virtio can
VIRTIO_ID_DMABUF = 37 // virtio dmabuf
VIRTIO_ID_PARAM_SERV = 38 // virtio parameter server
VIRTIO_ID_AUDIO_POLICY = 39 // virtio audio policy
VIRTIO_ID_BT = 40 // virtio bluetooth
VIRTIO_ID_GPIO = 41 // virtio gpio
// Virtio Transitional IDs
VIRTIO_TRANS_ID_NET = 0x1000 // transitional virtio net
VIRTIO_TRANS_ID_BLOCK = 0x1001 // transitional virtio block
VIRTIO_TRANS_ID_BALLOON = 0x1002 // transitional virtio balloon
VIRTIO_TRANS_ID_CONSOLE = 0x1003 // transitional virtio console
VIRTIO_TRANS_ID_SCSI = 0x1004 // transitional virtio SCSI
VIRTIO_TRANS_ID_RNG = 0x1005 // transitional virtio rng
VIRTIO_TRANS_ID_9P = 0x1009 // transitional virtio 9p console
)
XDP diagnosis show flag constants to request particular information elements.
const (
XDP_SHOW_INFO = 1 << iota
XDP_SHOW_RING_CFG
XDP_SHOW_UMEM
XDP_SHOW_MEMINFO
XDP_SHOW_STATS
)
XDP diag element constants
const (
XDP_DIAG_NONE = iota
XDP_DIAG_INFO // when using XDP_SHOW_INFO
XDP_DIAG_UID // when using XDP_SHOW_INFO
XDP_DIAG_RX_RING // when using XDP_SHOW_RING_CFG
XDP_DIAG_TX_RING // when using XDP_SHOW_RING_CFG
XDP_DIAG_UMEM // when using XDP_SHOW_UMEM
XDP_DIAG_UMEM_FILL_RING // when using XDP_SHOW_UMEM
XDP_DIAG_UMEM_COMPLETION_RING // when using XDP_SHOW_UMEM
XDP_DIAG_MEMINFO // when using XDP_SHOW_MEMINFO
XDP_DIAG_STATS // when using XDP_SHOW_STATS
)
const CN_IDX_PROC = 0x1
const (
FOU_GENL_NAME = "fou"
)
const FibRuleInvert = 0x2
Extended Neighbor Flags
const (
NTF_EXT_MANAGED = 0x00000001
)
const SOCK_ANY_COOKIE = uint64(nl.TCPDIAG_NOCOOKIE)<<32 + uint64(nl.TCPDIAG_NOCOOKIE)
const (
TIME_UNITS_PER_SEC = 1000000
)
const (
XDP_DU_F_ZEROCOPY = 1 << iota
)
var (
// ErrAttrHeaderTruncated is returned when a netlink attribute's header is
// truncated.
ErrAttrHeaderTruncated = errors.New("attribute header truncated")
// ErrAttrBodyTruncated is returned when a netlink attribute's body is
// truncated.
ErrAttrBodyTruncated = errors.New("attribute body truncated")
)
var (
// ErrNotImplemented is returned when a requested feature is not implemented.
ErrNotImplemented = errors.New("not implemented")
)
var StringToBondAdSelectMap = map[string]BondAdSelect{ "stable": BOND_AD_SELECT_STABLE, "bandwidth": BOND_AD_SELECT_BANDWIDTH, "count": BOND_AD_SELECT_COUNT, }
var StringToBondArpAllTargetsMap = map[string]BondArpAllTargets{ "any": BOND_ARP_ALL_TARGETS_ANY, "all": BOND_ARP_ALL_TARGETS_ALL, }
var StringToBondArpValidateMap = map[string]BondArpValidate{ "none": BOND_ARP_VALIDATE_NONE, "active": BOND_ARP_VALIDATE_ACTIVE, "backup": BOND_ARP_VALIDATE_BACKUP, "all": BOND_ARP_VALIDATE_ALL, }
var StringToBondFailOverMacMap = map[string]BondFailOverMac{ "none": BOND_FAIL_OVER_MAC_NONE, "active": BOND_FAIL_OVER_MAC_ACTIVE, "follow": BOND_FAIL_OVER_MAC_FOLLOW, }
var StringToBondLacpRateMap = map[string]BondLacpRate{ "slow": BOND_LACP_RATE_SLOW, "fast": BOND_LACP_RATE_FAST, }
var StringToBondModeMap = map[string]BondMode{ "balance-rr": BOND_MODE_BALANCE_RR, "active-backup": BOND_MODE_ACTIVE_BACKUP, "balance-xor": BOND_MODE_BALANCE_XOR, "broadcast": BOND_MODE_BROADCAST, "802.3ad": BOND_MODE_802_3AD, "balance-tlb": BOND_MODE_BALANCE_TLB, "balance-alb": BOND_MODE_BALANCE_ALB, }
var StringToBondPrimaryReselectMap = map[string]BondPrimaryReselect{ "always": BOND_PRIMARY_RESELECT_ALWAYS, "better": BOND_PRIMARY_RESELECT_BETTER, "failure": BOND_PRIMARY_RESELECT_FAILURE, }
var StringToBondXmitHashPolicyMap = map[string]BondXmitHashPolicy{ "layer2": BOND_XMIT_HASH_POLICY_LAYER2, "layer3+4": BOND_XMIT_HASH_POLICY_LAYER3_4, "layer2+3": BOND_XMIT_HASH_POLICY_LAYER2_3, "encap2+3": BOND_XMIT_HASH_POLICY_ENCAP2_3, "encap3+4": BOND_XMIT_HASH_POLICY_ENCAP3_4, "vlan+srcmac": BOND_XMIT_HASH_POLICY_VLAN_SRCMAC, }
var StringToIPoIBMode = map[string]IPoIBMode{ "datagram": IPOIB_MODE_DATAGRAM, "connected": IPOIB_MODE_CONNECTED, }
var StringToTuntapModeMap = map[string]TuntapMode{ "tun": TUNTAP_MODE_TUN, "tap": TUNTAP_MODE_TAP, }
var StringToVlanProtocolMap = map[string]VlanProtocol{ "802.1q": VLAN_PROTOCOL_8021Q, "802.1ad": VLAN_PROTOCOL_8021AD, }
var VlanProtocolToString = map[VlanProtocol]string{ VLAN_PROTOCOL_8021Q: "802.1q", VLAN_PROTOCOL_8021AD: "802.1ad", }
func AddrAdd(link Link, addr *Addr) error
AddrAdd will add an IP address to a link device.
Equivalent to: `ip addr add $addr dev $link`
If `addr` is an IPv4 address and the broadcast address is not given, it will be automatically computed based on the IP mask if /30 or larger.
func AddrDel(link Link, addr *Addr) error
AddrDel will delete an IP address from a link device.
Equivalent to: `ip addr del $addr dev $link`
If `addr` is an IPv4 address and the broadcast address is not given, it will be automatically computed based on the IP mask if /30 or larger.
func AddrReplace(link Link, addr *Addr) error
AddrReplace will replace (or, if not present, add) an IP address on a link device.
Equivalent to: `ip addr replace $addr dev $link`
If `addr` is an IPv4 address and the broadcast address is not given, it will be automatically computed based on the IP mask if /30 or larger.
func AddrSubscribe(ch chan<- AddrUpdate, done <-chan struct{}) error
AddrSubscribe takes a chan down which notifications will be sent when addresses change. Close the 'done' chan to stop subscription.
func AddrSubscribeAt(ns netns.NsHandle, ch chan<- AddrUpdate, done <-chan struct{}) error
AddrSubscribeAt works like AddrSubscribe plus it allows the caller to choose the network namespace in which to subscribe (ns).
func AddrSubscribeWithOptions(ch chan<- AddrUpdate, done <-chan struct{}, options AddrSubscribeOptions) error
AddrSubscribeWithOptions work like AddrSubscribe but enable to provide additional options to modify the behavior. Currently, the namespace can be provided as well as an error callback.
func AdjustSize(sz uint, mpu uint, linklayer int) uint
func AlignToAtm(size uint) uint
func BridgeSetMcastSnoop(link Link, on bool) error
func BridgeSetVlanDefaultPVID(link Link, pvid uint16) error
func BridgeSetVlanFiltering(link Link, on bool) error
func BridgeVlanAdd(link Link, vid uint16, pvid, untagged, self, master bool) error
BridgeVlanAdd adds a new vlan filter entry Equivalent to: `bridge vlan add dev DEV vid VID [ pvid ] [ untagged ] [ self ] [ master ]`
func BridgeVlanAddRange(link Link, vid, vidEnd uint16, pvid, untagged, self, master bool) error
BridgeVlanAddRange adds a new vlan filter entry Equivalent to: `bridge vlan add dev DEV vid VID-VIDEND [ pvid ] [ untagged ] [ self ] [ master ]`
func BridgeVlanDel(link Link, vid uint16, pvid, untagged, self, master bool) error
BridgeVlanDel adds a new vlan filter entry Equivalent to: `bridge vlan del dev DEV vid VID [ pvid ] [ untagged ] [ self ] [ master ]`
func BridgeVlanDelRange(link Link, vid, vidEnd uint16, pvid, untagged, self, master bool) error
BridgeVlanDelRange adds a new vlan filter entry Equivalent to: `bridge vlan del dev DEV vid VID-VIDEND [ pvid ] [ untagged ] [ self ] [ master ]`
func BridgeVlanList() (map[int32][]*nl.BridgeVlanInfo, error)
BridgeVlanList gets a map of device id to bridge vlan infos. Equivalent to: `bridge vlan show`
func CalcRtable(rate *nl.TcRateSpec, rtab []uint32, cellLog int, mtu uint32, linklayer int) int
func ChainAdd(link Link, chain Chain) error
ChainAdd will add a chain to the system. Equivalent to: `tc chain add`
func ChainDel(link Link, chain Chain) error
ChainDel will delete a chain from the system.
func ClassAdd(class Class) error
ClassAdd will add a class to the system. Equivalent to: `tc class add $class`
func ClassChange(class Class) error
ClassChange will change a class in place Equivalent to: `tc class change $class` The parent and handle MUST NOT be changed.
func ClassDel(class Class) error
ClassDel will delete a class from the system. Equivalent to: `tc class del $class`
func ClassReplace(class Class) error
ClassReplace will replace a class to the system. quivalent to: `tc class replace $class` The handle MAY be changed. If a class already exist with this parent/handle pair, the class is changed. If a class does not already exist with this parent/handle, a new class is created.
func ClockFactor() float64
func ConntrackCreate(table ConntrackTableType, family InetFamily, flow *ConntrackFlow) error
ConntrackCreate creates a new conntrack flow in the desired table conntrack -I [table] Create a conntrack or expectation
func ConntrackDeleteFilter(table ConntrackTableType, family InetFamily, filter CustomConntrackFilter) (uint, error)
ConntrackDeleteFilter deletes entries on the specified table on the base of the filter conntrack -D [table] parameters Delete conntrack or expectation
Deprecated: use ConntrackDeleteFilter instead.
func ConntrackDeleteFilters(table ConntrackTableType, family InetFamily, filters ...CustomConntrackFilter) (uint, error)
ConntrackDeleteFilters deletes entries on the specified table matching any of the specified filters conntrack -D [table] parameters Delete conntrack or expectation
func ConntrackTableFlush(table ConntrackTableType) error
ConntrackTableFlush flushes all the flows of a specified table conntrack -F [table] Flush table The flush operation applies to all the family types
func ConntrackUpdate(table ConntrackTableType, family InetFamily, flow *ConntrackFlow) error
ConntrackUpdate updates an existing conntrack flow in the desired table using the handle conntrack -U [table] Update a conntrack
func DeserializeRtab(b []byte) [256]uint32
func DevLinkPortDel(Bus string, Device string, PortIndex uint32) error
DevLinkPortDel deletes a devlink port and returns success or error code.
func DevLinkSetEswitchMode(Dev *DevlinkDevice, NewMode string) error
DevLinkSetEswitchMode sets eswitch mode if able to set successfully or returns an error code. Equivalent to: `devlink dev eswitch set $dev mode switchdev` Equivalent to: `devlink dev eswitch set $dev mode legacy`
func DevlinkGetDeviceInfoByNameAsMap(Bus string, Device string) (map[string]string, error)
DevlinkGetDeviceInfoByNameAsMap returns devlink info for selected device as a map, otherwise returns an error code. Equivalent to: `devlink dev info $dev`
func DevlinkPortFnSet(Bus string, Device string, PortIndex uint32, FnAttrs DevlinkPortFnSetAttrs) error
DevlinkPortFnSet sets one or more port function attributes specified by the attribute mask. It returns 0 on success or error code.
func DevlinkSetDeviceParam(bus string, device string, param string, cmode uint8, value interface{}) error
DevlinkSetDeviceParam set specific parameter for devlink device Equivalent to: `devlink dev param set <bus>/<device> name <param> cmode <cmode> value <value>` cmode argument should contain valid cmode value as uint8, modes are define in nl.DEVLINK_PARAM_CMODE_* constants value argument should have one of the following types: uint8, uint16, uint32, string, bool
func EncodeActions(attr *nl.RtAttr, actions []Action) error
func FilterAdd(filter Filter) error
FilterAdd will add a filter to the system. Equivalent to: `tc filter add $filter`
func FilterDel(filter Filter) error
FilterDel will delete a filter from the system. Equivalent to: `tc filter del $filter`
func FilterReplace(filter Filter) error
FilterReplace will replace a filter. Equivalent to: `tc filter replace $filter`
func FouAdd(f Fou) error
func FouDel(f Fou) error
func FouFamilyId() (int, error)
func GTPPDPAdd(link Link, pdp *PDP) error
func GTPPDPDel(link Link, pdp *PDP) error
func GetNetNsIdByFd(fd int) (int, error)
GetNetNsIdByFd looks up the network namespace ID for a given fd. fd must be an open file descriptor to a namespace file. Returns -1 if the namespace does not have an ID set.
func GetNetNsIdByPid(pid int) (int, error)
GetNetNsIdByPid looks up the network namespace ID for a given pid (really thread id). Returns -1 if the namespace does not have an ID set.
func GetSocketTimeout() time.Duration
GetSocketTimeout returns the timeout value used by default netlink sockets
func HandleStr(handle uint32) string
func Hz() float64
func IpsetAdd(setname string, entry *IPSetEntry) error
IpsetAdd adds an entry to an existing ipset.
func IpsetCreate(setname, typename string, options IpsetCreateOptions) error
IpsetCreate creates a new ipset
func IpsetDel(setname string, entry *IPSetEntry) error
IpsetDel deletes an entry from an existing ipset.
func IpsetDestroy(setname string) error
IpsetDestroy destroys an existing ipset
func IpsetFlush(setname string) error
IpsetFlush flushes an existing ipset
func IpsetProtocol() (uint8, uint8, error)
IpsetProtocol returns the ipset protocol version from the kernel
func IpsetSwap(setname, othersetname string) error
IpsetSwap swaps two ipsets.
func IpsetTest(setname string, entry *IPSetEntry) (bool, error)
IpsetTest tests whether an entry is in a set or not.
func IsBitSet(input uint64, pos int) bool
IsBitSet check if specific bit is set in the uint64 input value usage example: hasNetClass := IsBitSet(mgmtDev, VIRTIO_ID_NET)
func LinkAdd(link Link) error
LinkAdd adds a new link device. The type and features of the device are taken from the parameters in the link object. Equivalent to: `ip link add $link`
func LinkAddAltName(link Link, name string) error
LinkAddAltName adds a new alternative name for the link device. Equivalent to: `ip link property add $link altname $name`
func LinkDel(link Link) error
LinkDel deletes link device. Either Index or Name must be set in the link object for it to be deleted. The other values are ignored. Equivalent to: `ip link del $link`
func LinkDelAltName(link Link, name string) error
LinkDelAltName delete an alternative name for the link device. Equivalent to: `ip link property del $link altname $name`
func LinkDelBondSlave(link Link, master *Bond) error
LinkSetBondSlave removes specified slave from bond link via ioctl interface.
func LinkModify(link Link) error
func LinkSetARPOff(link Link) error
func LinkSetARPOn(link Link) error
func LinkSetAlias(link Link, name string) error
LinkSetAlias sets the alias of the link device. Equivalent to: `ip link set dev $link alias $name`
func LinkSetAllmulticastOff(link Link) error
LinkSetAllmulticastOff disables the reception of all hardware multicast packets for the link device. Equivalent to: `ip link set $link allmulticast off`
func LinkSetAllmulticastOn(link Link) error
LinkSetAllmulticastOn enables the reception of all hardware multicast packets for the link device. Equivalent to: `ip link set $link allmulticast on`
func LinkSetBRSlaveGroupFwdMask(link Link, mask uint16) error
LinkSetBRSlaveGroupFwdMask set the group_fwd_mask of a bridge slave interface
func LinkSetBondSlave(link Link, master *Bond) error
LinkSetBondSlave add slave to bond link via ioctl interface.
func LinkSetBondSlaveActive(link Link, master *Bond) error
LinkSetBondSlaveActive sets specified slave to ACTIVE in an `active-backup` bond link via ioctl interface.
Multiple calls keeps the status unchanged(shown in the unit test).
func LinkSetBondSlaveQueueId(link Link, queueId uint16) error
LinkSetBondSlaveQueueId modify bond slave queue-id.
func LinkSetBrNeighSuppress(link Link, mode bool) error
func LinkSetBrProxyArp(link Link, mode bool) error
func LinkSetBrProxyArpWiFi(link Link, mode bool) error
func LinkSetDown(link Link) error
LinkSetDown disables link device. Equivalent to: `ip link set $link down`
func LinkSetFastLeave(link Link, mode bool) error
func LinkSetFlood(link Link, mode bool) error
func LinkSetGROIPv4MaxSize(link Link, maxSize int) error
LinkSetGROIPv4MaxSize sets the IPv4 GRO maximum size of the link device. Equivalent to: `ip link set $link gro_ipv4_max_size $maxSize`
func LinkSetGROMaxSize(link Link, maxSize int) error
LinkSetGROMaxSize sets the IPv6 GRO maximum size of the link device. Equivalent to: `ip link set $link gro_max_size $maxSize`
func LinkSetGSOIPv4MaxSize(link Link, maxSize int) error
LinkSetGSOIPv4MaxSize sets the IPv4 GSO maximum size of the link device. Equivalent to: `ip link set $link gso_ipv4_max_size $maxSize`
func LinkSetGSOMaxSegs(link Link, maxSegs int) error
LinkSetGSOMaxSegs sets the GSO maximum segment count of the link device. Equivalent to: `ip link set $link gso_max_segs $maxSegs`
func LinkSetGSOMaxSize(link Link, maxSize int) error
LinkSetGSOMaxSize sets the IPv6 GSO maximum size of the link device. Equivalent to: `ip link set $link gso_max_size $maxSize`
func LinkSetGroup(link Link, group int) error
LinkSetGroup sets the link group id which can be used to perform mass actions with iproute2 as well use it as a reference in nft filters. Equivalent to: `ip link set $link group $id`
func LinkSetGuard(link Link, mode bool) error
func LinkSetHairpin(link Link, mode bool) error
func LinkSetHardwareAddr(link Link, hwaddr net.HardwareAddr) error
LinkSetHardwareAddr sets the hardware address of the link device. Equivalent to: `ip link set $link address $hwaddr`
func LinkSetIsolated(link Link, mode bool) error
func LinkSetLearning(link Link, mode bool) error
func LinkSetMTU(link Link, mtu int) error
LinkSetMTU sets the mtu of the link device. Equivalent to: `ip link set $link mtu $mtu`
func LinkSetMacvlanMode(link Link, mode MacvlanMode) error
LinkSetMacvlanMode sets the mode of a macvlan or macvtap link device. Note that passthrough mode cannot be set to and from and will fail. Equivalent to: `ip link set $link type (macvlan|macvtap) mode $mode
func LinkSetMaster(link Link, master Link) error
LinkSetMaster sets the master of the link device. Equivalent to: `ip link set $link master $master`
func LinkSetMasterByIndex(link Link, masterIndex int) error
LinkSetMasterByIndex sets the master of the link device. Equivalent to: `ip link set $link master $master`
func LinkSetMulticastOff(link Link) error
LinkSetAllmulticastOff disables the reception of multicast packets for the link device. Equivalent to: `ip link set $link multicast off`
func LinkSetMulticastOn(link Link) error
LinkSetMulticastOn enables the reception of multicast packets for the link device. Equivalent to: `ip link set $link multicast on`
func LinkSetName(link Link, name string) error
LinkSetName sets the name of the link device. Equivalent to: `ip link set $link name $name`
func LinkSetNoMaster(link Link) error
LinkSetNoMaster removes the master of the link device. Equivalent to: `ip link set $link nomaster`
func LinkSetNsFd(link Link, fd int) error
LinkSetNsFd puts the device into a new network namespace. The fd must be an open file descriptor to a network namespace. Similar to: `ip link set $link netns $ns`
func LinkSetNsPid(link Link, nspid int) error
LinkSetNsPid puts the device into a new network namespace. The pid must be a pid of a running process. Equivalent to: `ip link set $link netns $pid`
func LinkSetRootBlock(link Link, mode bool) error
func LinkSetTxQLen(link Link, qlen int) error
LinkSetTxQLen sets the transaction queue length for the link. Equivalent to: `ip link set $link txqlen $qlen`
func LinkSetUp(link Link) error
LinkSetUp enables the link device. Equivalent to: `ip link set $link up`
func LinkSetVfHardwareAddr(link Link, vf int, hwaddr net.HardwareAddr) error
LinkSetVfHardwareAddr sets the hardware address of a vf for the link. Equivalent to: `ip link set $link vf $vf mac $hwaddr`
func LinkSetVfNodeGUID(link Link, vf int, nodeguid net.HardwareAddr) error
LinkSetVfNodeGUID sets the node GUID of a vf for the link. Equivalent to: `ip link set dev $link vf $vf node_guid $nodeguid`
func LinkSetVfPortGUID(link Link, vf int, portguid net.HardwareAddr) error
LinkSetVfPortGUID sets the port GUID of a vf for the link. Equivalent to: `ip link set dev $link vf $vf port_guid $portguid`
func LinkSetVfRate(link Link, vf, minRate, maxRate int) error
LinkSetVfRate sets the min and max tx rate of a vf for the link. Equivalent to: `ip link set $link vf $vf min_tx_rate $min_rate max_tx_rate $max_rate`
func LinkSetVfSpoofchk(link Link, vf int, check bool) error
LinkSetVfSpoofchk enables/disables spoof check on a vf for the link. Equivalent to: `ip link set $link vf $vf spoofchk $check`
func LinkSetVfState(link Link, vf int, state uint32) error
LinkSetVfState enables/disables virtual link state on a vf. Equivalent to: `ip link set $link vf $vf state $state`
func LinkSetVfTrust(link Link, vf int, state bool) error
LinkSetVfTrust enables/disables trust state on a vf for the link. Equivalent to: `ip link set $link vf $vf trust $state`
func LinkSetVfTxRate(link Link, vf, rate int) error
LinkSetVfTxRate sets the tx rate of a vf for the link. Equivalent to: `ip link set $link vf $vf rate $rate`
func LinkSetVfVlan(link Link, vf, vlan int) error
LinkSetVfVlan sets the vlan of a vf for the link. Equivalent to: `ip link set $link vf $vf vlan $vlan`
func LinkSetVfVlanQos(link Link, vf, vlan, qos int) error
LinkSetVfVlanQos sets the vlan and qos priority of a vf for the link. Equivalent to: `ip link set $link vf $vf vlan $vlan qos $qos`
func LinkSetVfVlanQosProto(link Link, vf, vlan, qos, proto int) error
LinkSetVfVlanQosProto sets the vlan, qos and protocol of a vf for the link. Equivalent to: `ip link set $link vf $vf vlan $vlan qos $qos proto $proto`
func LinkSetXdpFd(link Link, fd int) error
LinkSetXdpFd adds a bpf function to the driver. The fd must be a bpf program loaded with bpf(type=BPF_PROG_TYPE_XDP)
func LinkSetXdpFdWithFlags(link Link, fd, flags int) error
LinkSetXdpFdWithFlags adds a bpf function to the driver with the given options. The fd must be a bpf program loaded with bpf(type=BPF_PROG_TYPE_XDP)
func LinkSubscribe(ch chan<- LinkUpdate, done <-chan struct{}) error
LinkSubscribe takes a chan down which notifications will be sent when links change. Close the 'done' chan to stop subscription.
func LinkSubscribeAt(ns netns.NsHandle, ch chan<- LinkUpdate, done <-chan struct{}) error
LinkSubscribeAt works like LinkSubscribe plus it allows the caller to choose the network namespace in which to subscribe (ns).
func LinkSubscribeWithOptions(ch chan<- LinkUpdate, done <-chan struct{}, options LinkSubscribeOptions) error
LinkSubscribeWithOptions work like LinkSubscribe but enable to provide additional options to modify the behavior. Currently, the namespace can be provided as well as an error callback.
func MacvlanMACAddrAdd(link Link, addr net.HardwareAddr) error
func MacvlanMACAddrDel(link Link, addr net.HardwareAddr) error
func MacvlanMACAddrFlush(link Link) error
func MacvlanMACAddrSet(link Link, addrs []net.HardwareAddr) error
func MajorMinor(handle uint32) (uint16, uint16)
func MakeHandle(major, minor uint16) uint32
func NeighAdd(neigh *Neigh) error
NeighAdd will add an IP to MAC mapping to the ARP table Equivalent to: `ip neigh add ....`
func NeighAppend(neigh *Neigh) error
NeighAppend will append an entry to FDB Equivalent to: `bridge fdb append...`
func NeighDel(neigh *Neigh) error
NeighDel will delete an IP address from a link device. Equivalent to: `ip addr del $addr dev $link`
func NeighSet(neigh *Neigh) error
NeighSet will add or replace an IP to MAC mapping to the ARP table Equivalent to: `ip neigh replace....`
func NeighSubscribe(ch chan<- NeighUpdate, done <-chan struct{}) error
NeighSubscribe takes a chan down which notifications will be sent when neighbors are added or deleted. Close the 'done' chan to stop subscription.
func NeighSubscribeAt(ns netns.NsHandle, ch chan<- NeighUpdate, done <-chan struct{}) error
NeighSubscribeAt works like NeighSubscribe plus it allows the caller to choose the network namespace in which to subscribe (ns).
func NeighSubscribeWithOptions(ch chan<- NeighUpdate, done <-chan struct{}, options NeighSubscribeOptions) error
NeighSubscribeWithOptions work like NeighSubscribe but enable to provide additional options to modify the behavior. Currently, the namespace can be provided as well as an error callback.
func NewIPNet(ip net.IP) *net.IPNet
NewIPNet generates an IPNet from an ip address using a netmask of 32 or 128.
func ParseIPNet(s string) (*net.IPNet, error)
ParseIPNet parses a string in ip/net format and returns a net.IPNet. This is valuable because addresses in netlink are often IPNets and ParseCIDR returns an IPNet with the IP part set to the base IP of the range.
func Percentage2u32(percentage float32) uint32
func ProcEventMonitor(ch chan<- ProcEvent, done <-chan struct{}, errorChan chan<- error) error
func QdiscAdd(qdisc Qdisc) error
QdiscAdd will add a qdisc to the system. Equivalent to: `tc qdisc add $qdisc`
func QdiscChange(qdisc Qdisc) error
QdiscChange will change a qdisc in place Equivalent to: `tc qdisc change $qdisc` The parent and handle MUST NOT be changed.
func QdiscDel(qdisc Qdisc) error
QdiscDel will delete a qdisc from the system. Equivalent to: `tc qdisc del $qdisc`
func QdiscReplace(qdisc Qdisc) error
QdiscReplace will replace a qdisc to the system. Equivalent to: `tc qdisc replace $qdisc` The handle MUST change.
func RdmaLinkAdd(linkName, linkType, netdev string) error
RdmaLinkAdd adds an rdma link for the specified type to the network device. Similar to: rdma link add NAME type TYPE netdev NETDEV
NAME - specifies the new name of the rdma link to add TYPE - specifies which rdma type to use. Link types: rxe - Soft RoCE driver siw - Soft iWARP driver NETDEV - specifies the network device to which the link is bound
REF: https://man7.org/linux/man-pages/man8/rdma-link.8.html
func RdmaLinkDel(name string) error
RdmaLinkDel deletes an rdma link
Similar to: rdma link delete NAME REF: https://man7.org/linux/man-pages/man8/rdma-link.8.html
func RdmaLinkSetName(link *RdmaLink, name string) error
RdmaLinkSetName sets the name of the rdma link device. Return nil on success or error otherwise. Equivalent to: `rdma dev set $old_devname name $name`
func RdmaLinkSetNsFd(link *RdmaLink, fd uint32) error
RdmaLinkSetNsFd puts the RDMA device into a new network namespace. The fd must be an open file descriptor to a network namespace. Similar to: `rdma dev set $dev netns $ns`
func RdmaSystemGetNetnsMode() (string, error)
RdmaSystemGetNetnsMode gets the net namespace mode for RDMA subsystem Returns mode string and error status as nil on success or returns error otherwise. Equivalent to: `rdma system show netns'
func RdmaSystemSetNetnsMode(NewMode string) error
RdmaSystemSetNetnsMode sets the net namespace mode for RDMA subsystem Returns nil on success or appropriate error code. Equivalent to: `rdma system set netns { shared | exclusive }'
func RouteAdd(route *Route) error
RouteAdd will add a route to the system. Equivalent to: `ip route add $route`
func RouteAddEcmp(route *Route) error
RouteAddEcmp will add a route to the system.
func RouteAppend(route *Route) error
RouteAppend will append a route to the system. Equivalent to: `ip route append $route`
func RouteChange(route *Route) error
RouteChange will change an existing route in the system. Equivalent to: `ip route change $route`
func RouteDel(route *Route) error
RouteDel will delete a route from the system. Equivalent to: `ip route del $route`
func RouteListFilteredIter(family int, filter *Route, filterMask uint64, f func(Route) (cont bool)) error
RouteListFilteredIter passes each route that matches the filter to the given iterator func. Iteration continues until all routes are loaded or the func returns false.
func RouteReplace(route *Route) error
RouteReplace will add a route to the system. Equivalent to: `ip route replace $route`
func RouteSubscribe(ch chan<- RouteUpdate, done <-chan struct{}) error
RouteSubscribe takes a chan down which notifications will be sent when routes are added or deleted. Close the 'done' chan to stop subscription.
func RouteSubscribeAt(ns netns.NsHandle, ch chan<- RouteUpdate, done <-chan struct{}) error
RouteSubscribeAt works like RouteSubscribe plus it allows the caller to choose the network namespace in which to subscribe (ns).
func RouteSubscribeWithOptions(ch chan<- RouteUpdate, done <-chan struct{}, options RouteSubscribeOptions) error
RouteSubscribeWithOptions work like RouteSubscribe but enable to provide additional options to modify the behavior. Currently, the namespace can be provided as well as an error callback.
func RuleAdd(rule *Rule) error
RuleAdd adds a rule to the system. Equivalent to: ip rule add
func RuleDel(rule *Rule) error
RuleDel deletes a rule from the system. Equivalent to: ip rule del
func SerializeRtab(rtab [256]uint32) []byte
func SetBits(input uint64, pos ...int) uint64
SetBits set provided bits in the uint64 input value usage example: features := SetBits(0, VIRTIO_NET_F_MTU, VIRTIO_NET_F_CTRL_MAC_ADDR)
func SetNetNsIdByFd(fd, nsid int) error
SetNetNSIdByFd sets the ID of the network namespace for a given fd. fd must be an open file descriptor to a namespace file. The ID can only be set for namespaces without an ID already set.
func SetNetNsIdByPid(pid, nsid int) error
SetNetNSIdByPid sets the ID of the network namespace for a given pid (really thread id). The ID can only be set for namespaces without an ID already set.
func SetPromiscOff(link Link) error
func SetPromiscOn(link Link) error
func SetSocketTimeout(to time.Duration) error
SetSocketTimeout configures timeout for default netlink sockets
func SocketDestroy(local, remote net.Addr) error
SocketDestroy kills the Socket identified by its local and remote addresses.
func TcActExtCmp(combined int32, opcode int32) bool
func TickInUsec() float64
func VDPADelDev(name string) error
VDPADelDev removes VDPA device Equivalent to: `vdpa dev del <name>`
func VDPANewDev(name, mgmtBus, mgmtName string, params VDPANewDevParams) error
VDPANewDev adds new VDPA device Equivalent to: `vdpa dev add name <name> mgmtdev <mgmtBus>/mgmtName [params]`
func VethPeerIndex(link *Veth) (int, error)
VethPeerIndex get veth peer index.
func XfrmMonitor(ch chan<- XfrmMsg, done <-chan struct{}, errorChan chan<- error, types ...nl.XfrmMsgType) error
func XfrmPolicyAdd(policy *XfrmPolicy) error
XfrmPolicyAdd will add an xfrm policy to the system. Equivalent to: `ip xfrm policy add $policy`
func XfrmPolicyDel(policy *XfrmPolicy) error
XfrmPolicyDel will delete an xfrm policy from the system. Note that the Tmpls are ignored when matching the policy to delete. Equivalent to: `ip xfrm policy del $policy`
func XfrmPolicyFlush() error
XfrmPolicyFlush will flush the policies on the system. Equivalent to: `ip xfrm policy flush`
func XfrmPolicyUpdate(policy *XfrmPolicy) error
XfrmPolicyUpdate will update an xfrm policy to the system. Equivalent to: `ip xfrm policy update $policy`
func XfrmStateAdd(state *XfrmState) error
XfrmStateAdd will add an xfrm state to the system. Equivalent to: `ip xfrm state add $state`
func XfrmStateDel(state *XfrmState) error
XfrmStateDel will delete an xfrm state from the system. Note that the Algos are ignored when matching the state to delete. Equivalent to: `ip xfrm state del $state`
func XfrmStateFlush(proto Proto) error
XfrmStateFlush will flush the xfrm state on the system. proto = 0 means any transformation protocols Equivalent to: `ip xfrm state flush [ proto XFRM-PROTO ]`
func XfrmStateUpdate(state *XfrmState) error
XfrmStateUpdate will update an xfrm state to the system. Equivalent to: `ip xfrm state update $state`
func Xmitsize(rate uint64, ticks uint32) uint32
func Xmittime(rate uint64, size uint32) uint32
Action represents an action in any supported filter.
type Action interface {
Attrs() *ActionAttrs
Type() string
}
type ActionAttrs struct {
Index int
Capab int
Action TcAct
Refcnt int
Bindcnt int
Statistics *ActionStatistic
Timestamp *ActionTimestamp
}
func (q ActionAttrs) String() string
type ActionStatistic ClassStatistics
type ActionTimestamp struct {
Installed uint64
LastUsed uint64
Expires uint64
FirstUsed uint64
}
func (t ActionTimestamp) String() string
Addr represents an IP address from netlink. Netlink ip addresses include a mask, so it stores the address as a net.IPNet.
type Addr struct {
*net.IPNet
Label string
Flags int
Scope int
Peer *net.IPNet
Broadcast net.IP
PreferedLft int
ValidLft int
LinkIndex int
}
func AddrList(link Link, family int) ([]Addr, error)
AddrList gets a list of IP addresses in the system. Equivalent to: `ip addr show`. The list can be filtered by link and ip family.
func ParseAddr(s string) (*Addr, error)
ParseAddr parses the string representation of an address in the form $ip/$netmask $label. The label portion is optional
func (a Addr) Equal(x Addr) bool
Equal returns true if both Addrs have the same net.IPNet value.
func (a Addr) PeerEqual(x Addr) bool
func (a Addr) String() string
String returns $ip/$netmask $label
AddrSubscribeOptions contains a set of options to use with AddrSubscribeWithOptions.
type AddrSubscribeOptions struct {
Namespace *netns.NsHandle
ErrorCallback func(error)
ListExisting bool
ReceiveBufferSize int
ReceiveBufferForceSize bool
ReceiveTimeout *unix.Timeval
}
type AddrUpdate struct {
LinkAddress net.IPNet
LinkIndex int
Flags int
Scope int
PreferedLft int
ValidLft int
NewAddr bool // true=added false=deleted
}
type BPFAttr struct {
ProgType uint32
InsnCnt uint32
Insns uintptr
License uintptr
LogLevel uint32
LogSize uint32
LogBuf uintptr
KernVersion uint32
}
type BareUDP struct {
LinkAttrs
Port uint16
EtherType uint16
SrcPortMin uint16
MultiProto bool
}
func (bareudp *BareUDP) Attrs() *LinkAttrs
func (bareudp *BareUDP) Type() string
Bond representation
type Bond struct {
LinkAttrs
Mode BondMode
ActiveSlave int
Miimon int
UpDelay int
DownDelay int
UseCarrier int
ArpInterval int
ArpIpTargets []net.IP
ArpValidate BondArpValidate
ArpAllTargets BondArpAllTargets
Primary int
PrimaryReselect BondPrimaryReselect
FailOverMac BondFailOverMac
XmitHashPolicy BondXmitHashPolicy
ResendIgmp int
NumPeerNotif int
AllSlavesActive int
MinLinks int
LpInterval int
PacketsPerSlave int
LacpRate BondLacpRate
AdSelect BondAdSelect
// looking at iproute tool AdInfo can only be retrived. It can't be set.
AdInfo *BondAdInfo
AdActorSysPrio int
AdUserPortKey int
AdActorSystem net.HardwareAddr
TlbDynamicLb int
}
func NewLinkBond(atr LinkAttrs) *Bond
func (bond *Bond) Attrs() *LinkAttrs
Attrs implementation.
func (bond *Bond) Type() string
Type implementation fro Vxlan.
BondAdInfo represents ad info for bond
type BondAdInfo struct {
AggregatorId int
NumPorts int
ActorKey int
PartnerKey int
PartnerMac net.HardwareAddr
}
BondAdSelect type
type BondAdSelect int
Possible BondAdSelect value
const (
BOND_AD_SELECT_STABLE BondAdSelect = iota
BOND_AD_SELECT_BANDWIDTH
BOND_AD_SELECT_COUNT
)
func (b BondAdSelect) String() string
BondArpAllTargets type
type BondArpAllTargets int
Possible BondArpAllTargets value
const (
BOND_ARP_ALL_TARGETS_ANY BondArpAllTargets = iota
BOND_ARP_ALL_TARGETS_ALL
)
func (b BondArpAllTargets) String() string
BondArpValidate type
type BondArpValidate int
Possible BondArpValidate value
const (
BOND_ARP_VALIDATE_NONE BondArpValidate = iota
BOND_ARP_VALIDATE_ACTIVE
BOND_ARP_VALIDATE_BACKUP
BOND_ARP_VALIDATE_ALL
)
func (b BondArpValidate) String() string
BondFailOverMac type
type BondFailOverMac int
Possible BondFailOverMac value
const (
BOND_FAIL_OVER_MAC_NONE BondFailOverMac = iota
BOND_FAIL_OVER_MAC_ACTIVE
BOND_FAIL_OVER_MAC_FOLLOW
)
func (b BondFailOverMac) String() string
BondLacpRate type
type BondLacpRate int
Possible BondLacpRate value
const (
BOND_LACP_RATE_SLOW BondLacpRate = iota
BOND_LACP_RATE_FAST
BOND_LACP_RATE_UNKNOWN
)
func StringToBondLacpRate(s string) BondLacpRate
StringToBondLacpRate returns bond lacp arte, or unknown is the s is invalid.
func (b BondLacpRate) String() string
BondMode type
type BondMode int
Possible BondMode
const (
BOND_MODE_BALANCE_RR BondMode = iota
BOND_MODE_ACTIVE_BACKUP
BOND_MODE_BALANCE_XOR
BOND_MODE_BROADCAST
BOND_MODE_802_3AD
BOND_MODE_BALANCE_TLB
BOND_MODE_BALANCE_ALB
BOND_MODE_UNKNOWN
)
func StringToBondMode(s string) BondMode
StringToBondMode returns bond mode, or unknown is the s is invalid.
func (b BondMode) String() string
BondPrimaryReselect type
type BondPrimaryReselect int
Possible BondPrimaryReselect value
const (
BOND_PRIMARY_RESELECT_ALWAYS BondPrimaryReselect = iota
BOND_PRIMARY_RESELECT_BETTER
BOND_PRIMARY_RESELECT_FAILURE
)
func (b BondPrimaryReselect) String() string
type BondSlave struct {
State BondSlaveState
MiiStatus BondSlaveMiiStatus
LinkFailureCount uint32
PermHardwareAddr net.HardwareAddr
QueueId uint16
AggregatorId uint16
AdActorOperPortState uint8
AdPartnerOperPortState uint16
}
func (b *BondSlave) SlaveType() string
BondSlaveMiiStatus represents the values of the IFLA_BOND_SLAVE_MII_STATUS bond slave attribute, which contains the status of MII link monitoring
type BondSlaveMiiStatus uint8
const (
//BondLinkUp link is up and running.
BondLinkUp BondSlaveMiiStatus = iota
//BondLinkFail link has just gone down.
BondLinkFail
//BondLinkDown link has been down for too long time.
BondLinkDown
//BondLinkBack link is going back.
BondLinkBack
)
func (s BondSlaveMiiStatus) String() string
BondSlaveState represents the values of the IFLA_BOND_SLAVE_STATE bond slave attribute, which contains the state of the bond slave.
type BondSlaveState uint8
const (
//BondStateActive Link is active.
BondStateActive BondSlaveState = iota
//BondStateBackup Link is backup.
BondStateBackup
)
func (s BondSlaveState) String() string
BondXmitHashPolicy type
type BondXmitHashPolicy int
Possible BondXmitHashPolicy value
const (
BOND_XMIT_HASH_POLICY_LAYER2 BondXmitHashPolicy = iota
BOND_XMIT_HASH_POLICY_LAYER3_4
BOND_XMIT_HASH_POLICY_LAYER2_3
BOND_XMIT_HASH_POLICY_ENCAP2_3
BOND_XMIT_HASH_POLICY_ENCAP3_4
BOND_XMIT_HASH_POLICY_VLAN_SRCMAC
BOND_XMIT_HASH_POLICY_UNKNOWN
)
func StringToBondXmitHashPolicy(s string) BondXmitHashPolicy
StringToBondXmitHashPolicy returns bond lacp arte, or unknown is the s is invalid.
func (b BondXmitHashPolicy) String() string
type BpfAction struct {
ActionAttrs
Fd int
Name string
}
func (action *BpfAction) Attrs() *ActionAttrs
func (action *BpfAction) Type() string
type BpfEncap struct {
// contains filtered or unexported fields
}
func (e *BpfEncap) Decode(buf []byte) error
func (e *BpfEncap) Encode() ([]byte, error)
func (e *BpfEncap) Equal(x Encap) bool
func (e *BpfEncap) SetProg(mode, progFd int, progName string) error
SetProg adds a bpf function to the route via netlink RTA_ENCAP. The fd must be a bpf program loaded with bpf(type=BPF_PROG_TYPE_LWT_*) matching the direction the program should be applied to (LWT_BPF_IN, LWT_BPF_OUT, LWT_BPF_XMIT).
func (e *BpfEncap) SetXmitHeadroom(headroom int) error
SetXmitHeadroom sets the xmit headroom (LWT_BPF_MAX_HEADROOM) via netlink RTA_ENCAP. maximum headroom is LWT_BPF_MAX_HEADROOM
func (e *BpfEncap) String() string
func (e *BpfEncap) Type() int
type BpfFilter struct {
FilterAttrs
ClassId uint32
Fd int
Name string
DirectAction bool
Id int
Tag string
}
func (filter *BpfFilter) Attrs() *FilterAttrs
func (filter *BpfFilter) Type() string
type BpfProgType uint32
const (
BPF_PROG_TYPE_UNSPEC BpfProgType = iota
BPF_PROG_TYPE_SOCKET_FILTER
BPF_PROG_TYPE_KPROBE
BPF_PROG_TYPE_SCHED_CLS
BPF_PROG_TYPE_SCHED_ACT
BPF_PROG_TYPE_TRACEPOINT
BPF_PROG_TYPE_XDP
BPF_PROG_TYPE_PERF_EVENT
BPF_PROG_TYPE_CGROUP_SKB
BPF_PROG_TYPE_CGROUP_SOCK
BPF_PROG_TYPE_LWT_IN
BPF_PROG_TYPE_LWT_OUT
BPF_PROG_TYPE_LWT_XMIT
BPF_PROG_TYPE_SOCK_OPS
BPF_PROG_TYPE_SK_SKB
BPF_PROG_TYPE_CGROUP_DEVICE
BPF_PROG_TYPE_SK_MSG
BPF_PROG_TYPE_RAW_TRACEPOINT
BPF_PROG_TYPE_CGROUP_SOCK_ADDR
BPF_PROG_TYPE_LWT_SEG6LOCAL
BPF_PROG_TYPE_LIRC_MODE2
BPF_PROG_TYPE_SK_REUSEPORT
BPF_PROG_TYPE_FLOW_DISSECTOR
BPF_PROG_TYPE_CGROUP_SYSCTL
BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE
BPF_PROG_TYPE_CGROUP_SOCKOPT
BPF_PROG_TYPE_TRACING
BPF_PROG_TYPE_STRUCT_OPS
BPF_PROG_TYPE_EXT
BPF_PROG_TYPE_LSM
BPF_PROG_TYPE_SK_LOOKUP
)
Bridge links are simple linux bridges
type Bridge struct {
LinkAttrs
MulticastSnooping *bool
AgeingTime *uint32
HelloTime *uint32
VlanFiltering *bool
VlanDefaultPVID *uint16
GroupFwdMask *uint16
}
func (bridge *Bridge) Attrs() *LinkAttrs
func (bridge *Bridge) Type() string
type Can struct {
LinkAttrs
BitRate uint32
SamplePoint uint32
TimeQuanta uint32
PropagationSegment uint32
PhaseSegment1 uint32
PhaseSegment2 uint32
SyncJumpWidth uint32
BitRatePreScaler uint32
Name string
TimeSegment1Min uint32
TimeSegment1Max uint32
TimeSegment2Min uint32
TimeSegment2Max uint32
SyncJumpWidthMax uint32
BitRatePreScalerMin uint32
BitRatePreScalerMax uint32
BitRatePreScalerInc uint32
ClockFrequency uint32
State uint32
Mask uint32
Flags uint32
TxError uint16
RxError uint16
RestartMs uint32
}
func (can *Can) Attrs() *LinkAttrs
func (can *Can) Type() string
Chain contains the attributes of a Chain
type Chain struct {
Parent uint32
Chain uint32
}
func ChainList(link Link, parent uint32) ([]Chain, error)
ChainList gets a list of chains in the system. Equivalent to: `tc chain list`. The list can be filtered by link.
func NewChain(parent uint32, chain uint32) Chain
func (c Chain) String() string
Class interfaces for all classes
type Class interface {
Attrs() *ClassAttrs
Type() string
}
func ClassList(link Link, parent uint32) ([]Class, error)
ClassList gets a list of classes in the system. Equivalent to: `tc class show`. Generally returns nothing if link and parent are not specified.
ClassAttrs represents a netlink class. A filter is associated with a link, has a handle and a parent. The root filter of a device should have a parent == HANDLE_ROOT.
type ClassAttrs struct {
LinkIndex int
Handle uint32
Parent uint32
Leaf uint32
Statistics *ClassStatistics
}
func (q ClassAttrs) String() string
ClassStatistics representation based on generic networking statistics for netlink. See Documentation/networking/gen_stats.txt in Linux source code for more details.
type ClassStatistics struct {
Basic *GnetStatsBasic
Queue *GnetStatsQueue
RateEst *GnetStatsRateEst
BasicHw *GnetStatsBasic // Hardward statistics added in kernel 4.20
}
func NewClassStatistics() *ClassStatistics
NewClassStatistics Construct a ClassStatistics struct which fields are all initialized by 0.
Clsact is a qdisc for adding filters
type Clsact struct {
QdiscAttrs
}
func (qdisc *Clsact) Attrs() *QdiscAttrs
func (qdisc *Clsact) Type() string
type CommProcEvent struct {
ProcessPid uint32
ProcessTgid uint32
Comm [16]byte
}
func (e *CommProcEvent) Pid() uint32
func (e *CommProcEvent) Tgid() uint32
type ConnmarkAction struct {
ActionAttrs
Zone uint16
}
func NewConnmarkAction() *ConnmarkAction
func (action *ConnmarkAction) Attrs() *ActionAttrs
func (action *ConnmarkAction) Type() string
type ConntrackFilter struct {
// contains filtered or unexported fields
}
func (f *ConntrackFilter) AddIP(tp ConntrackFilterType, ip net.IP) error
AddIP adds an IP to the conntrack filter
func (f *ConntrackFilter) AddIPNet(tp ConntrackFilterType, ipNet *net.IPNet) error
AddIPNet adds a IP subnet to the conntrack filter
func (f *ConntrackFilter) AddLabels(tp ConntrackFilterType, labels [][]byte) error
AddLabels adds the provided list (zero or more) of labels to the conntrack filter ConntrackFilterType here can be either:
func (f *ConntrackFilter) AddPort(tp ConntrackFilterType, port uint16) error
AddPort adds a Port to the conntrack filter if the Layer 4 protocol allows it
func (f *ConntrackFilter) AddProtocol(proto uint8) error
AddProtocol adds the Layer 4 protocol to the conntrack filter
func (f *ConntrackFilter) AddZone(zone uint16) error
AddZone adds a zone to the conntrack filter
func (f *ConntrackFilter) MatchConntrackFlow(flow *ConntrackFlow) bool
MatchConntrackFlow applies the filter to the flow and returns true if the flow matches the filter false otherwise
Filter types
type ConntrackFilterType uint8
type ConntrackFlow struct {
FamilyType uint8
Forward IPTuple
Reverse IPTuple
Mark uint32
Zone uint16
TimeStart uint64
TimeStop uint64
TimeOut uint32
Labels []byte
ProtoInfo ProtoInfo
}
func ConntrackTableList(table ConntrackTableType, family InetFamily) ([]*ConntrackFlow, error)
ConntrackTableList returns the flow list of a table of a specific family conntrack -L [table] [options] List conntrack or expectation table
func (s *ConntrackFlow) String() string
ConntrackTableType Conntrack table for the netlink operation
type ConntrackTableType uint8
type CsumAction struct {
ActionAttrs
UpdateFlags CsumUpdateFlags
}
func NewCsumAction() *CsumAction
func (action *CsumAction) Attrs() *ActionAttrs
func (action *CsumAction) Type() string
type CsumUpdateFlags uint32
const (
TCA_CSUM_UPDATE_FLAG_IPV4HDR CsumUpdateFlags = 1
TCA_CSUM_UPDATE_FLAG_ICMP CsumUpdateFlags = 2
TCA_CSUM_UPDATE_FLAG_IGMP CsumUpdateFlags = 4
TCA_CSUM_UPDATE_FLAG_TCP CsumUpdateFlags = 8
TCA_CSUM_UPDATE_FLAG_UDP CsumUpdateFlags = 16
TCA_CSUM_UPDATE_FLAG_UDPLITE CsumUpdateFlags = 32
TCA_CSUM_UPDATE_FLAG_SCTP CsumUpdateFlags = 64
)
type CustomConntrackFilter interface {
// MatchConntrackFlow applies the filter to the flow and returns true if the flow matches
// the filter or false otherwise
MatchConntrackFlow(flow *ConntrackFlow) bool
}
type Destination interface {
Family() int
Decode([]byte) error
Encode() ([]byte, error)
String() string
Equal(Destination) bool
}
type DevLinkPortAddAttrs struct {
Controller uint32
SfNumber uint32
PortIndex uint32
PfNumber uint16
SfNumberValid bool
PortIndexValid bool
ControllerValid bool
}
Device links cannot be created via netlink. These links are links created by udev like 'lo' and 'etho0'
type Device struct {
LinkAttrs
}
func (device *Device) Attrs() *LinkAttrs
func (device *Device) Type() string
DevlinkDevAttrs represents device attributes
type DevlinkDevAttrs struct {
Eswitch DevlinkDevEswitchAttr
}
DevlinkDevEswitchAttr represents device's eswitch attributes
type DevlinkDevEswitchAttr struct {
Mode string
InlineMode string
EncapMode string
}
DevlinkDevice represents device and its attributes
type DevlinkDevice struct {
BusName string
DeviceName string
Attrs DevlinkDevAttrs
}
func DevLinkGetDeviceByName(Bus string, Device string) (*DevlinkDevice, error)
DevlinkGetDeviceByName provides a pointer to devlink device and nil error, otherwise returns an error code.
func DevLinkGetDeviceList() ([]*DevlinkDevice, error)
DevLinkGetDeviceList provides a pointer to devlink devices and nil error, otherwise returns an error code.
func (d *DevlinkDevice) GetDevlinkInfo() (*DevlinkDeviceInfo, error)
GetDevlinkInfo returns devlink info for target device, otherwise returns an error code.
func (d *DevlinkDevice) GetDevlinkInfoAsMap() (map[string]string, error)
GetDevlinkInfoAsMap returns devlink info for target device as a map, otherwise returns an error code.
DevlinkDeviceInfo represents devlink info
type DevlinkDeviceInfo struct {
Driver string
SerialNumber string
BoardID string
FwApp string
FwAppBoundleID string
FwAppName string
FwBoundleID string
FwMgmt string
FwMgmtAPI string
FwMgmtBuild string
FwNetlist string
FwNetlistBuild string
FwPsidAPI string
FwUndi string
}
func DevlinkGetDeviceInfoByName(Bus string, Device string) (*DevlinkDeviceInfo, error)
DevlinkGetDeviceInfoByName returns devlink info for selected device, otherwise returns an error code. Equivalent to: `devlink dev info $dev`
DevlinkParam represents parameter of the device
type DevlinkParam struct {
Name string
IsGeneric bool
Type uint8 // possible values are in nl.DEVLINK_PARAM_TYPE_* constants
Values []DevlinkParamValue
}
func DevlinkGetDeviceParamByName(bus string, device string, param string) (*DevlinkParam, error)
DevlinkGetDeviceParamByName returns specific parameter for devlink device Equivalent to: `devlink dev param show <bus>/<device> name <param>`
func DevlinkGetDeviceParams(bus string, device string) ([]*DevlinkParam, error)
DevlinkGetDeviceParams returns parameters for devlink device Equivalent to: `devlink dev param show <bus>/<device>`
DevlinkParamValue contains values of the parameter Data field contains specific type which can be casted by unsing info from the DevlinkParam.Type field
type DevlinkParamValue struct {
Data interface{}
CMODE uint8 // possible values are in nl.DEVLINK_PARAM_CMODE_* constants
// contains filtered or unexported fields
}
DevlinkPort represents port and its attributes
type DevlinkPort struct {
BusName string
DeviceName string
PortIndex uint32
PortType uint16
NetdeviceName string
NetdevIfIndex uint32
RdmaDeviceName string
PortFlavour uint16
Fn *DevlinkPortFn
}
func DevLinkGetAllPortList() ([]*DevlinkPort, error)
DevLinkGetPortList provides a pointer to devlink ports and nil error, otherwise returns an error code.
func DevLinkGetPortByIndex(Bus string, Device string, PortIndex uint32) (*DevlinkPort, error)
DevLinkGetPortByIndex provides a pointer to devlink portand nil error, otherwise returns an error code.
func DevLinkPortAdd(Bus string, Device string, Flavour uint16, Attrs DevLinkPortAddAttrs) (*DevlinkPort, error)
DevLinkPortAdd adds a devlink port and returns a port on success otherwise returns nil port and an error code.
DevlinkPortFn represents port function and its attributes
type DevlinkPortFn struct {
HwAddr net.HardwareAddr
State uint8
OpState uint8
}
DevlinkPortFnSetAttrs represents attributes to set
type DevlinkPortFnSetAttrs struct {
FnAttrs DevlinkPortFn
HwAddrValid bool
StateValid bool
}
DevlinkResource represents a device resource
type DevlinkResource struct {
Name string
ID uint64
Size uint64
SizeNew uint64
SizeMin uint64
SizeMax uint64
SizeGranularity uint64
PendingChange bool
Unit uint8
SizeValid bool
OCCValid bool
OCCSize uint64
Parent *DevlinkResource
Children []DevlinkResource
}
DevlinkResources represents all devlink resources of a devlink device
type DevlinkResources struct {
Bus string
Device string
Resources []DevlinkResource
}
func DevlinkGetDeviceResources(bus string, device string) (*DevlinkResources, error)
DevlinkGetDeviceResources returns devlink device resources
Dir is an enum representing an ipsec template direction.
type Dir uint8
const (
XFRM_DIR_IN Dir = iota
XFRM_DIR_OUT
XFRM_DIR_FWD
XFRM_SOCKET_IN
XFRM_SOCKET_OUT
XFRM_SOCKET_FWD
)
func (d Dir) String() string
Dummy links are dummy ethernet devices
type Dummy struct {
LinkAttrs
}
func (dummy *Dummy) Attrs() *LinkAttrs
func (dummy *Dummy) Type() string
type Encap interface {
Type() int
Decode([]byte) error
Encode() ([]byte, error)
String() string
Equal(Encap) bool
}
EncapType is an enum representing the optional packet encapsulation.
type EncapType uint8
const (
XFRM_ENCAP_ESPINUDP_NONIKE EncapType = iota + 1
XFRM_ENCAP_ESPINUDP
)
func (e EncapType) String() string
type ExecProcEvent struct {
ProcessPid uint32
ProcessTgid uint32
}
func (e *ExecProcEvent) Pid() uint32
func (e *ExecProcEvent) Tgid() uint32
type ExitProcEvent struct {
ProcessPid uint32
ProcessTgid uint32
ExitCode uint32
ExitSignal uint32
ParentPid uint32
ParentTgid uint32
}
func (e *ExitProcEvent) Pid() uint32
func (e *ExitProcEvent) Tgid() uint32
type Filter interface {
Attrs() *FilterAttrs
Type() string
}
func FilterList(link Link, parent uint32) ([]Filter, error)
FilterList gets a list of filters in the system. Equivalent to: `tc filter show`. Generally returns nothing if link and parent are not specified.
FilterAttrs represents a netlink filter. A filter is associated with a link, has a handle and a parent. The root filter of a device should have a parent == HANDLE_ROOT.
type FilterAttrs struct {
LinkIndex int
Handle uint32
Parent uint32
Priority uint16 // lower is higher priority
Protocol uint16 // unix.ETH_P_*
Chain *uint32
}
func (q FilterAttrs) String() string
type Flower struct {
FilterAttrs
DestIP net.IP
DestIPMask net.IPMask
SrcIP net.IP
SrcIPMask net.IPMask
EthType uint16
EncDestIP net.IP
EncDestIPMask net.IPMask
EncSrcIP net.IP
EncSrcIPMask net.IPMask
EncDestPort uint16
EncKeyId uint32
SkipHw bool
SkipSw bool
IPProto *nl.IPProto
DestPort uint16
SrcPort uint16
Actions []Action
}
func (filter *Flower) Attrs() *FilterAttrs
func (filter *Flower) Type() string
type ForkProcEvent struct {
ParentPid uint32
ParentTgid uint32
ChildPid uint32
ChildTgid uint32
}
func (e *ForkProcEvent) Pid() uint32
func (e *ForkProcEvent) Tgid() uint32
type Fou struct {
Family int
Port int
Protocol int
EncapType int
}
func FouList(fam int) ([]Fou, error)
Fq is a classless packet scheduler meant to be mostly used for locally generated traffic.
type Fq struct {
QdiscAttrs
PacketLimit uint32
FlowPacketLimit uint32
// In bytes
Quantum uint32
InitialQuantum uint32
// called RateEnable under the hood
Pacing uint32
FlowDefaultRate uint32
FlowMaxRate uint32
// called BucketsLog under the hood
Buckets uint32
FlowRefillDelay uint32
LowRateThreshold uint32
Horizon uint32
HorizonDropPolicy uint8
}
func NewFq(attrs QdiscAttrs) *Fq
func (qdisc *Fq) Attrs() *QdiscAttrs
func (fq *Fq) String() string
func (qdisc *Fq) Type() string
FQ_Codel (Fair Queuing Controlled Delay) is queuing discipline that combines Fair Queuing with the CoDel AQM scheme.
type FqCodel struct {
QdiscAttrs
Target uint32
Limit uint32
Interval uint32
ECN uint32
Flows uint32
Quantum uint32
CEThreshold uint32
DropBatchSize uint32
MemoryLimit uint32
}
func NewFqCodel(attrs QdiscAttrs) *FqCodel
func (qdisc *FqCodel) Attrs() *QdiscAttrs
func (fqcodel *FqCodel) String() string
func (qdisc *FqCodel) Type() string
type FwFilter struct {
FilterAttrs
ClassId uint32
InDev string
Mask uint32
Police *PoliceAction
Actions []Action
}
func (filter *FwFilter) Attrs() *FilterAttrs
func (filter *FwFilter) Type() string
type GTP struct {
LinkAttrs
FD0 int
FD1 int
Role int
PDPHashsize int
}
func (gtp *GTP) Attrs() *LinkAttrs
func (gtp *GTP) Type() string
type GenericAction struct {
ActionAttrs
Chain int32
}
func (action *GenericAction) Attrs() *ActionAttrs
func (action *GenericAction) Type() string
GenericClass classes represent types that are not currently understood by this netlink library.
type GenericClass struct {
ClassAttrs
ClassType string
}
func (class *GenericClass) Attrs() *ClassAttrs
Attrs return the class attributes
func (class *GenericClass) Type() string
Type return the class type
GenericFilter filters represent types that are not currently understood by this netlink library.
type GenericFilter struct {
FilterAttrs
FilterType string
}
func (filter *GenericFilter) Attrs() *FilterAttrs
func (filter *GenericFilter) Type() string
GenericLink links represent types that are not currently understood by this netlink library.
type GenericLink struct {
LinkAttrs
LinkType string
}
func (generic *GenericLink) Attrs() *LinkAttrs
func (generic *GenericLink) Type() string
GenericQdisc qdiscs represent types that are not currently understood by this netlink library.
type GenericQdisc struct {
QdiscAttrs
QdiscType string
}
func (qdisc *GenericQdisc) Attrs() *QdiscAttrs
func (qdisc *GenericQdisc) Type() string
Geneve devices must specify RemoteIP and ID (VNI) on create https://github.com/torvalds/linux/blob/47ec5303d73ea344e84f46660fff693c57641386/drivers/net/geneve.c#L1209-L1223
type Geneve struct {
LinkAttrs
ID uint32 // vni
Remote net.IP
Ttl uint8
Tos uint8
Dport uint16
UdpCsum uint8
UdpZeroCsum6Tx uint8
UdpZeroCsum6Rx uint8
Link uint32
FlowBased bool
InnerProtoInherit bool
Df GeneveDf
}
func (geneve *Geneve) Attrs() *LinkAttrs
func (geneve *Geneve) Type() string
type GeneveDf uint8
const (
GENEVE_DF_UNSET GeneveDf = iota
GENEVE_DF_SET
GENEVE_DF_INHERIT
GENEVE_DF_MAX
)
type GenlFamily struct {
ID uint16
HdrSize uint32
Name string
Version uint32
MaxAttr uint32
Ops []GenlOp
Groups []GenlMulticastGroup
}
func GenlFamilyGet(name string) (*GenlFamily, error)
func GenlFamilyList() ([]*GenlFamily, error)
type GenlMulticastGroup struct {
ID uint32
Name string
}
type GenlOp struct {
ID uint32
Flags uint32
}
GnetStatsBasic Ref: struct gnet_stats_basic { ... }
type GnetStatsBasic struct {
Bytes uint64 // number of seen bytes
Packets uint32 // number of seen packets
}
GnetStatsQueue Ref: struct gnet_stats_queue { ... }
type GnetStatsQueue struct {
Qlen uint32 // queue length
Backlog uint32 // backlog size of queue
Drops uint32 // number of dropped packets
Requeues uint32 // number of requues
Overlimits uint32 // number of enqueues over the limit
}
GnetStatsRateEst Ref: struct gnet_stats_rate_est { ... }
type GnetStatsRateEst struct {
Bps uint32 // current byte rate
Pps uint32 // current packet rate
}
GnetStatsRateEst64 Ref: struct gnet_stats_rate_est64 { ... }
type GnetStatsRateEst64 struct {
Bps uint64 // current byte rate
Pps uint64 // current packet rate
}
Gretap devices must specify LocalIP and RemoteIP on create
type Gretap struct {
LinkAttrs
IKey uint32
OKey uint32
EncapSport uint16
EncapDport uint16
Local net.IP
Remote net.IP
IFlags uint16
OFlags uint16
PMtuDisc uint8
Ttl uint8
Tos uint8
EncapType uint16
EncapFlags uint16
Link uint32
FlowBased bool
}
func (gretap *Gretap) Attrs() *LinkAttrs
func (gretap *Gretap) Type() string
type Gretun struct {
LinkAttrs
Link uint32
IFlags uint16
OFlags uint16
IKey uint32
OKey uint32
Local net.IP
Remote net.IP
Ttl uint8
Tos uint8
PMtuDisc uint8
EncapType uint16
EncapFlags uint16
EncapSport uint16
EncapDport uint16
FlowBased bool
}
func (gretun *Gretun) Attrs() *LinkAttrs
func (gretun *Gretun) Type() string
Handle is an handle for the netlink requests on a specific network namespace. All the requests on the same netlink family share the same netlink socket, which gets released when the handle is Close'd.
type Handle struct {
// contains filtered or unexported fields
}
func NewHandle(nlFamilies ...int) (*Handle, error)
NewHandle returns a netlink handle on the current network namespace. Caller may specify the netlink families the handle should support. If no families are specified, all the families the netlink package supports will be automatically added.
func NewHandleAt(ns netns.NsHandle, nlFamilies ...int) (*Handle, error)
NewHandleAt returns a netlink handle on the network namespace specified by ns. If ns=netns.None(), current network namespace will be assumed
func NewHandleAtFrom(newNs, curNs netns.NsHandle) (*Handle, error)
NewHandleAtFrom works as NewHandle but allows client to specify the new and the origin netns Handle.
func (h *Handle) AddrAdd(link Link, addr *Addr) error
AddrAdd will add an IP address to a link device.
Equivalent to: `ip addr add $addr dev $link`
If `addr` is an IPv4 address and the broadcast address is not given, it will be automatically computed based on the IP mask if /30 or larger.
func (h *Handle) AddrDel(link Link, addr *Addr) error
AddrDel will delete an IP address from a link device. Equivalent to: `ip addr del $addr dev $link`
If `addr` is an IPv4 address and the broadcast address is not given, it will be automatically computed based on the IP mask if /30 or larger.
func (h *Handle) AddrList(link Link, family int) ([]Addr, error)
AddrList gets a list of IP addresses in the system. Equivalent to: `ip addr show`. The list can be filtered by link and ip family.
func (h *Handle) AddrReplace(link Link, addr *Addr) error
AddrReplace will replace (or, if not present, add) an IP address on a link device.
Equivalent to: `ip addr replace $addr dev $link`
If `addr` is an IPv4 address and the broadcast address is not given, it will be automatically computed based on the IP mask if /30 or larger.
func (h *Handle) BridgeSetMcastSnoop(link Link, on bool) error
func (h *Handle) BridgeSetVlanDefaultPVID(link Link, pvid uint16) error
func (h *Handle) BridgeSetVlanFiltering(link Link, on bool) error
func (h *Handle) BridgeVlanAdd(link Link, vid uint16, pvid, untagged, self, master bool) error
BridgeVlanAdd adds a new vlan filter entry Equivalent to: `bridge vlan add dev DEV vid VID [ pvid ] [ untagged ] [ self ] [ master ]`
func (h *Handle) BridgeVlanAddRange(link Link, vid, vidEnd uint16, pvid, untagged, self, master bool) error
BridgeVlanAddRange adds a new vlan filter entry Equivalent to: `bridge vlan add dev DEV vid VID-VIDEND [ pvid ] [ untagged ] [ self ] [ master ]`
func (h *Handle) BridgeVlanDel(link Link, vid uint16, pvid, untagged, self, master bool) error
BridgeVlanDel adds a new vlan filter entry Equivalent to: `bridge vlan del dev DEV vid VID [ pvid ] [ untagged ] [ self ] [ master ]`
func (h *Handle) BridgeVlanDelRange(link Link, vid, vidEnd uint16, pvid, untagged, self, master bool) error
BridgeVlanDelRange adds a new vlan filter entry Equivalent to: `bridge vlan del dev DEV vid VID-VIDEND [ pvid ] [ untagged ] [ self ] [ master ]`
func (h *Handle) BridgeVlanList() (map[int32][]*nl.BridgeVlanInfo, error)
BridgeVlanList gets a map of device id to bridge vlan infos. Equivalent to: `bridge vlan show`
func (h *Handle) ChainAdd(link Link, chain Chain) error
ChainAdd will add a chain to the system. Equivalent to: `tc chain add`
func (h *Handle) ChainDel(link Link, chain Chain) error
ChainDel will delete a chain from the system. Equivalent to: `tc chain del $chain`
func (h *Handle) ChainList(link Link, parent uint32) ([]Chain, error)
ChainList gets a list of chains in the system. Equivalent to: `tc chain list`. The list can be filtered by link.
func (h *Handle) ClassAdd(class Class) error
ClassAdd will add a class to the system. Equivalent to: `tc class add $class`
func (h *Handle) ClassChange(class Class) error
ClassChange will change a class in place Equivalent to: `tc class change $class` The parent and handle MUST NOT be changed.
func (h *Handle) ClassDel(class Class) error
ClassDel will delete a class from the system. Equivalent to: `tc class del $class`
func (h *Handle) ClassList(link Link, parent uint32) ([]Class, error)
ClassList gets a list of classes in the system. Equivalent to: `tc class show`. Generally returns nothing if link and parent are not specified.
func (h *Handle) ClassReplace(class Class) error
ClassReplace will replace a class to the system. quivalent to: `tc class replace $class` The handle MAY be changed. If a class already exist with this parent/handle pair, the class is changed. If a class does not already exist with this parent/handle, a new class is created.
func (h *Handle) Close()
Close releases the resources allocated to this handle
func (h *Handle) ConntrackCreate(table ConntrackTableType, family InetFamily, flow *ConntrackFlow) error
ConntrackCreate creates a new conntrack flow in the desired table using the handle conntrack -I [table] Create a conntrack or expectation
func (h *Handle) ConntrackDeleteFilter(table ConntrackTableType, family InetFamily, filter CustomConntrackFilter) (uint, error)
ConntrackDeleteFilter deletes entries on the specified table on the base of the filter using the netlink handle passed conntrack -D [table] parameters Delete conntrack or expectation
Deprecated: use Handle.ConntrackDeleteFilters instead.
func (h *Handle) ConntrackDeleteFilters(table ConntrackTableType, family InetFamily, filters ...CustomConntrackFilter) (uint, error)
ConntrackDeleteFilters deletes entries on the specified table matching any of the specified filters using the netlink handle passed conntrack -D [table] parameters Delete conntrack or expectation
func (h *Handle) ConntrackTableFlush(table ConntrackTableType) error
ConntrackTableFlush flushes all the flows of a specified table using the netlink handle passed conntrack -F [table] Flush table The flush operation applies to all the family types
func (h *Handle) ConntrackTableList(table ConntrackTableType, family InetFamily) ([]*ConntrackFlow, error)
ConntrackTableList returns the flow list of a table of a specific family using the netlink handle passed conntrack -L [table] [options] List conntrack or expectation table
func (h *Handle) ConntrackUpdate(table ConntrackTableType, family InetFamily, flow *ConntrackFlow) error
ConntrackUpdate updates an existing conntrack flow in the desired table using the handle conntrack -U [table] Update a conntrack
func (h *Handle) Delete()
Delete releases the resources allocated to this handle
Deprecated: use Close instead which is in line with typical resource release patterns for files and other resources.
func (h *Handle) DevLinkGetAllPortList() ([]*DevlinkPort, error)
DevLinkGetPortList provides a pointer to devlink ports and nil error, otherwise returns an error code.
func (h *Handle) DevLinkGetDeviceByName(Bus string, Device string) (*DevlinkDevice, error)
DevlinkGetDeviceByName provides a pointer to devlink device and nil error, otherwise returns an error code.
func (h *Handle) DevLinkGetDeviceList() ([]*DevlinkDevice, error)
DevLinkGetDeviceList provides a pointer to devlink devices and nil error, otherwise returns an error code.
func (h *Handle) DevLinkGetPortByIndex(Bus string, Device string, PortIndex uint32) (*DevlinkPort, error)
DevLinkGetPortByIndexprovides a pointer to devlink device and nil error, otherwise returns an error code.
func (h *Handle) DevLinkPortAdd(Bus string, Device string, Flavour uint16, Attrs DevLinkPortAddAttrs) (*DevlinkPort, error)
DevLinkPortAdd adds a devlink port and returns a port on success otherwise returns nil port and an error code.
func (h *Handle) DevLinkPortDel(Bus string, Device string, PortIndex uint32) error
DevLinkPortDel deletes a devlink port and returns success or error code.
func (h *Handle) DevLinkSetEswitchMode(Dev *DevlinkDevice, NewMode string) error
DevLinkSetEswitchMode sets eswitch mode if able to set successfully or returns an error code. Equivalent to: `devlink dev eswitch set $dev mode switchdev` Equivalent to: `devlink dev eswitch set $dev mode legacy`
func (h *Handle) DevlinkGetDeviceInfoByName(Bus string, Device string, getInfoMsg devlinkInfoGetter) (*DevlinkDeviceInfo, error)
DevlinkGetDeviceInfoByName returns devlink info for selected device, otherwise returns an error code. Equivalent to: `devlink dev info $dev`
func (h *Handle) DevlinkGetDeviceInfoByNameAsMap(Bus string, Device string, getInfoMsg devlinkInfoGetter) (map[string]string, error)
DevlinkGetDeviceInfoByNameAsMap returns devlink info for selected device as a map, otherwise returns an error code. Equivalent to: `devlink dev info $dev`
func (h *Handle) DevlinkGetDeviceParamByName(bus string, device string, param string) (*DevlinkParam, error)
DevlinkGetDeviceParamByName returns specific parameter for devlink device Equivalent to: `devlink dev param show <bus>/<device> name <param>`
func (h *Handle) DevlinkGetDeviceParams(bus string, device string) ([]*DevlinkParam, error)
DevlinkGetDeviceParams returns parameters for devlink device Equivalent to: `devlink dev param show <bus>/<device>`
func (h *Handle) DevlinkGetDeviceResources(bus string, device string) (*DevlinkResources, error)
DevlinkGetDeviceResources returns devlink device resources
func (h *Handle) DevlinkPortFnSet(Bus string, Device string, PortIndex uint32, FnAttrs DevlinkPortFnSetAttrs) error
DevlinkPortFnSet sets one or more port function attributes specified by the attribute mask. It returns 0 on success or error code.
func (h *Handle) DevlinkSetDeviceParam(bus string, device string, param string, cmode uint8, value interface{}) error
DevlinkSetDeviceParam set specific parameter for devlink device Equivalent to: `devlink dev param set <bus>/<device> name <param> cmode <cmode> value <value>` cmode argument should contain valid cmode value as uint8, modes are define in nl.DEVLINK_PARAM_CMODE_* constants value argument should have one of the following types: uint8, uint16, uint32, string, bool
func (h *Handle) FilterAdd(filter Filter) error
FilterAdd will add a filter to the system. Equivalent to: `tc filter add $filter`
func (h *Handle) FilterDel(filter Filter) error
FilterDel will delete a filter from the system. Equivalent to: `tc filter del $filter`
func (h *Handle) FilterList(link Link, parent uint32) ([]Filter, error)
FilterList gets a list of filters in the system. Equivalent to: `tc filter show`. Generally returns nothing if link and parent are not specified.
func (h *Handle) FilterReplace(filter Filter) error
FilterReplace will replace a filter. Equivalent to: `tc filter replace $filter`
func (h *Handle) FouAdd(f Fou) error
func (h *Handle) FouDel(f Fou) error
func (h *Handle) FouList(fam int) ([]Fou, error)
func (h *Handle) GTPPDPAdd(link Link, pdp *PDP) error
func (h *Handle) GTPPDPByITEI(link Link, itei int) (*PDP, error)
func (h *Handle) GTPPDPByMSAddress(link Link, addr net.IP) (*PDP, error)
func (h *Handle) GTPPDPByTID(link Link, tid int) (*PDP, error)
func (h *Handle) GTPPDPDel(link Link, pdp *PDP) error
func (h *Handle) GTPPDPList() ([]*PDP, error)
func (h *Handle) GenlFamilyGet(name string) (*GenlFamily, error)
func (h *Handle) GenlFamilyList() ([]*GenlFamily, error)
func (h *Handle) GetNetNsIdByFd(fd int) (int, error)
GetNetNsIdByFd looks up the network namespace ID for a given fd. fd must be an open file descriptor to a namespace file. Returns -1 if the namespace does not have an ID set.
func (h *Handle) GetNetNsIdByPid(pid int) (int, error)
GetNetNsIdByPid looks up the network namespace ID for a given pid (really thread id). Returns -1 if the namespace does not have an ID set.
func (h *Handle) GetSocketReceiveBufferSize() ([]int, error)
GetSocketReceiveBufferSize gets the receiver buffer size for each socket in the netlink handle. The retrieved value should be the double to the one set for SetSocketReceiveBufferSize.
func (h *Handle) IpsetAdd(setname string, entry *IPSetEntry) error
IpsetAdd adds an entry to an existing ipset.
func (h *Handle) IpsetCreate(setname, typename string, options IpsetCreateOptions) error
func (h *Handle) IpsetDel(setname string, entry *IPSetEntry) error
IpsetDel deletes an entry from an existing ipset.
func (h *Handle) IpsetDestroy(setname string) error
func (h *Handle) IpsetFlush(setname string) error
func (h *Handle) IpsetList(name string) (*IPSetResult, error)
func (h *Handle) IpsetListAll() ([]IPSetResult, error)
func (h *Handle) IpsetProtocol() (protocol uint8, minVersion uint8, err error)
func (h *Handle) IpsetSwap(setname, othersetname string) error
func (h *Handle) IpsetTest(setname string, entry *IPSetEntry) (bool, error)
func (h *Handle) LinkAdd(link Link) error
LinkAdd adds a new link device. The type and features of the device are taken from the parameters in the link object. Equivalent to: `ip link add $link`
func (h *Handle) LinkAddAltName(link Link, name string) error
LinkAddAltName adds a new alternative name for the link device. Equivalent to: `ip link property add $link altname $name`
func (h *Handle) LinkByAlias(alias string) (Link, error)
LinkByAlias finds a link by its alias and returns a pointer to the object. If there are multiple links with the alias it returns the first one
func (h *Handle) LinkByIndex(index int) (Link, error)
LinkByIndex finds a link by index and returns a pointer to the object.
func (h *Handle) LinkByName(name string) (Link, error)
LinkByName finds a link by name and returns a pointer to the object.
func (h *Handle) LinkDel(link Link) error
LinkDel deletes link device. Either Index or Name must be set in the link object for it to be deleted. The other values are ignored. Equivalent to: `ip link del $link`
func (h *Handle) LinkDelAltName(link Link, name string) error
LinkDelAltName delete an alternative name for the link device. Equivalent to: `ip link property del $link altname $name`
func (h *Handle) LinkGetProtinfo(link Link) (Protinfo, error)
func (h *Handle) LinkList() ([]Link, error)
LinkList gets a list of link devices. Equivalent to: `ip link show`
func (h *Handle) LinkModify(link Link) error
func (h *Handle) LinkSetARPOff(link Link) error
func (h *Handle) LinkSetARPOn(link Link) error
func (h *Handle) LinkSetAlias(link Link, name string) error
LinkSetAlias sets the alias of the link device. Equivalent to: `ip link set dev $link alias $name`
func (h *Handle) LinkSetAllmulticastOff(link Link) error
LinkSetAllmulticastOff disables the reception of all hardware multicast packets for the link device. Equivalent to: `ip link set $link allmulticast off`
func (h *Handle) LinkSetAllmulticastOn(link Link) error
LinkSetAllmulticastOn enables the reception of all hardware multicast packets for the link device. Equivalent to: `ip link set $link allmulticast on`
func (h *Handle) LinkSetBRSlaveGroupFwdMask(link Link, mask uint16) error
LinkSetBRSlaveGroupFwdMask set the group_fwd_mask of a bridge slave interface
func (h *Handle) LinkSetBondSlaveQueueId(link Link, queueId uint16) error
LinkSetBondSlaveQueueId modify bond slave queue-id.
func (h *Handle) LinkSetBrNeighSuppress(link Link, mode bool) error
func (h *Handle) LinkSetBrProxyArp(link Link, mode bool) error
func (h *Handle) LinkSetBrProxyArpWiFi(link Link, mode bool) error
func (h *Handle) LinkSetDown(link Link) error
LinkSetDown disables link device. Equivalent to: `ip link set $link down`
func (h *Handle) LinkSetFastLeave(link Link, mode bool) error
func (h *Handle) LinkSetFlood(link Link, mode bool) error
func (h *Handle) LinkSetGROIPv4MaxSize(link Link, maxSize int) error
LinkSetGROIPv4MaxSize sets the IPv4 GRO maximum size of the link device. Equivalent to: `ip link set $link gro_ipv4_max_size $maxSize`
func (h *Handle) LinkSetGROMaxSize(link Link, maxSize int) error
LinkSetGROMaxSize sets the IPv6 GRO maximum size of the link device. Equivalent to: `ip link set $link gro_max_size $maxSize`
func (h *Handle) LinkSetGSOIPv4MaxSize(link Link, maxSize int) error
LinkSetGSOIPv4MaxSize sets the IPv4 GSO maximum size of the link device. Equivalent to: `ip link set $link gso_ipv4_max_size $maxSize`
func (h *Handle) LinkSetGSOMaxSegs(link Link, maxSize int) error
LinkSetGSOMaxSegs sets the GSO maximum segment count of the link device. Equivalent to: `ip link set $link gso_max_segs $maxSegs`
func (h *Handle) LinkSetGSOMaxSize(link Link, maxSize int) error
LinkSetGSOMaxSize sets the IPv6 GSO maximum size of the link device. Equivalent to: `ip link set $link gso_max_size $maxSize`
func (h *Handle) LinkSetGroup(link Link, group int) error
LinkSetGroup sets the link group id which can be used to perform mass actions with iproute2 as well use it as a reference in nft filters. Equivalent to: `ip link set $link group $id`
func (h *Handle) LinkSetGuard(link Link, mode bool) error
func (h *Handle) LinkSetHairpin(link Link, mode bool) error
func (h *Handle) LinkSetHardwareAddr(link Link, hwaddr net.HardwareAddr) error
LinkSetHardwareAddr sets the hardware address of the link device. Equivalent to: `ip link set $link address $hwaddr`
func (h *Handle) LinkSetIsolated(link Link, mode bool) error
func (h *Handle) LinkSetLearning(link Link, mode bool) error
func (h *Handle) LinkSetMTU(link Link, mtu int) error
LinkSetMTU sets the mtu of the link device. Equivalent to: `ip link set $link mtu $mtu`
func (h *Handle) LinkSetMacvlanMode(link Link, mode MacvlanMode) error
LinkSetMacvlanMode sets the mode of the macvlan or macvtap link device. Note that passthrough mode cannot be set to and from and will fail. Equivalent to: `ip link set $link type (macvlan|macvtap) mode $mode
func (h *Handle) LinkSetMaster(link Link, master Link) error
LinkSetMaster sets the master of the link device. Equivalent to: `ip link set $link master $master`
func (h *Handle) LinkSetMasterByIndex(link Link, masterIndex int) error
LinkSetMasterByIndex sets the master of the link device. Equivalent to: `ip link set $link master $master`
func (h *Handle) LinkSetMulticastOff(link Link) error
LinkSetAllmulticastOff disables the reception of multicast packets for the link device. Equivalent to: `ip link set $link multicast off`
func (h *Handle) LinkSetMulticastOn(link Link) error
LinkSetMulticastOn enables the reception of multicast packets for the link device. Equivalent to: `ip link set $link multicast on`
func (h *Handle) LinkSetName(link Link, name string) error
LinkSetName sets the name of the link device. Equivalent to: `ip link set $link name $name`
func (h *Handle) LinkSetNoMaster(link Link) error
LinkSetNoMaster removes the master of the link device. Equivalent to: `ip link set $link nomaster`
func (h *Handle) LinkSetNsFd(link Link, fd int) error
LinkSetNsFd puts the device into a new network namespace. The fd must be an open file descriptor to a network namespace. Similar to: `ip link set $link netns $ns`
func (h *Handle) LinkSetNsPid(link Link, nspid int) error
LinkSetNsPid puts the device into a new network namespace. The pid must be a pid of a running process. Equivalent to: `ip link set $link netns $pid`
func (h *Handle) LinkSetRootBlock(link Link, mode bool) error
func (h *Handle) LinkSetTxQLen(link Link, qlen int) error
LinkSetTxQLen sets the transaction queue length for the link. Equivalent to: `ip link set $link txqlen $qlen`
func (h *Handle) LinkSetUp(link Link) error
LinkSetUp enables the link device. Equivalent to: `ip link set $link up`
func (h *Handle) LinkSetVfGUID(link Link, vf int, vfGuid net.HardwareAddr, guidType int) error
LinkSetVfGUID sets the node or port GUID of a vf for the link.
func (h *Handle) LinkSetVfHardwareAddr(link Link, vf int, hwaddr net.HardwareAddr) error
LinkSetVfHardwareAddr sets the hardware address of a vf for the link. Equivalent to: `ip link set $link vf $vf mac $hwaddr`
func (h *Handle) LinkSetVfRate(link Link, vf, minRate, maxRate int) error
LinkSetVfRate sets the min and max tx rate of a vf for the link. Equivalent to: `ip link set $link vf $vf min_tx_rate $min_rate max_tx_rate $max_rate`
func (h *Handle) LinkSetVfSpoofchk(link Link, vf int, check bool) error
LinkSetVfSpoofchk enables/disables spoof check on a vf for the link. Equivalent to: `ip link set $link vf $vf spoofchk $check`
func (h *Handle) LinkSetVfState(link Link, vf int, state uint32) error
LinkSetVfState enables/disables virtual link state on a vf. Equivalent to: `ip link set $link vf $vf state $state`
func (h *Handle) LinkSetVfTrust(link Link, vf int, state bool) error
LinkSetVfTrust enables/disables trust state on a vf for the link. Equivalent to: `ip link set $link vf $vf trust $state`
func (h *Handle) LinkSetVfTxRate(link Link, vf, rate int) error
LinkSetVfTxRate sets the tx rate of a vf for the link. Equivalent to: `ip link set $link vf $vf rate $rate`
func (h *Handle) LinkSetVfVlan(link Link, vf, vlan int) error
LinkSetVfVlan sets the vlan of a vf for the link. Equivalent to: `ip link set $link vf $vf vlan $vlan`
func (h *Handle) LinkSetVfVlanQos(link Link, vf, vlan, qos int) error
LinkSetVfVlanQos sets the vlan and qos priority of a vf for the link. Equivalent to: `ip link set $link vf $vf vlan $vlan qos $qos`
func (h *Handle) LinkSetVfVlanQosProto(link Link, vf, vlan, qos, proto int) error
LinkSetVfVlanQosProto sets the vlan, qos and protocol of a vf for the link. Equivalent to: `ip link set $link vf $vf vlan $vlan qos $qos proto $proto`
func (h *Handle) MacvlanMACAddrAdd(link Link, addr net.HardwareAddr) error
func (h *Handle) MacvlanMACAddrDel(link Link, addr net.HardwareAddr) error
func (h *Handle) MacvlanMACAddrFlush(link Link) error
func (h *Handle) MacvlanMACAddrSet(link Link, addrs []net.HardwareAddr) error
func (h *Handle) NeighAdd(neigh *Neigh) error
NeighAdd will add an IP to MAC mapping to the ARP table Equivalent to: `ip neigh add ....`
func (h *Handle) NeighAppend(neigh *Neigh) error
NeighAppend will append an entry to FDB Equivalent to: `bridge fdb append...`
func (h *Handle) NeighDel(neigh *Neigh) error
NeighDel will delete an IP address from a link device. Equivalent to: `ip addr del $addr dev $link`
func (h *Handle) NeighList(linkIndex, family int) ([]Neigh, error)
NeighList returns a list of IP-MAC mappings in the system (ARP table). Equivalent to: `ip neighbor show`. The list can be filtered by link and ip family.
func (h *Handle) NeighListExecute(msg Ndmsg) ([]Neigh, error)
NeighListExecute returns a list of neighbour entries filtered by link, ip family, flag and state.
func (h *Handle) NeighProxyList(linkIndex, family int) ([]Neigh, error)
NeighProxyList returns a list of neighbor proxies in the system. Equivalent to: `ip neighbor show proxy`. The list can be filtered by link, ip family.
func (h *Handle) NeighSet(neigh *Neigh) error
NeighSet will add or replace an IP to MAC mapping to the ARP table Equivalent to: `ip neigh replace....`
func (h *Handle) QdiscAdd(qdisc Qdisc) error
QdiscAdd will add a qdisc to the system. Equivalent to: `tc qdisc add $qdisc`
func (h *Handle) QdiscChange(qdisc Qdisc) error
QdiscChange will change a qdisc in place Equivalent to: `tc qdisc change $qdisc` The parent and handle MUST NOT be changed.
func (h *Handle) QdiscDel(qdisc Qdisc) error
QdiscDel will delete a qdisc from the system. Equivalent to: `tc qdisc del $qdisc`
func (h *Handle) QdiscList(link Link) ([]Qdisc, error)
QdiscList gets a list of qdiscs in the system. Equivalent to: `tc qdisc show`. The list can be filtered by link.
func (h *Handle) QdiscReplace(qdisc Qdisc) error
QdiscReplace will replace a qdisc to the system. Equivalent to: `tc qdisc replace $qdisc` The handle MUST change.
func (h *Handle) RdmaLinkAdd(linkName string, linkType string, netdev string) error
RdmaLinkAdd adds an rdma link for the specified type to the network device.
func (h *Handle) RdmaLinkByName(name string) (*RdmaLink, error)
RdmaLinkByName finds a link by name and returns a pointer to the object if found and nil error, otherwise returns error code.
func (h *Handle) RdmaLinkDel(name string) error
RdmaLinkDel deletes an rdma link.
func (h *Handle) RdmaLinkList() ([]*RdmaLink, error)
RdmaLinkList gets a list of RDMA link devices. Equivalent to: `rdma dev show`
func (h *Handle) RdmaLinkSetName(link *RdmaLink, name string) error
RdmaLinkSetName sets the name of the rdma link device. Return nil on success or error otherwise. Equivalent to: `rdma dev set $old_devname name $name`
func (h *Handle) RdmaLinkSetNsFd(link *RdmaLink, fd uint32) error
RdmaLinkSetNsFd puts the RDMA device into a new network namespace. The fd must be an open file descriptor to a network namespace. Similar to: `rdma dev set $dev netns $ns`
func (h *Handle) RdmaSystemGetNetnsMode() (string, error)
RdmaSystemGetNetnsMode gets the net namespace mode for RDMA subsystem Returns mode string and error status as nil on success or returns error otherwise. Equivalent to: `rdma system show netns'
func (h *Handle) RdmaSystemSetNetnsMode(NewMode string) error
RdmaSystemSetNetnsMode sets the net namespace mode for RDMA subsystem Returns nil on success or appropriate error code. Equivalent to: `rdma system set netns { shared | exclusive }'
func (h *Handle) RouteAdd(route *Route) error
RouteAdd will add a route to the system. Equivalent to: `ip route add $route`
func (h *Handle) RouteAddEcmp(route *Route) error
RouteAddEcmp will add a route to the system.
func (h *Handle) RouteAppend(route *Route) error
RouteAppend will append a route to the system. Equivalent to: `ip route append $route`
func (h *Handle) RouteChange(route *Route) error
RouteChange will change an existing route in the system. Equivalent to: `ip route change $route`
func (h *Handle) RouteDel(route *Route) error
RouteDel will delete a route from the system. Equivalent to: `ip route del $route`
func (h *Handle) RouteGet(destination net.IP) ([]Route, error)
RouteGet gets a route to a specific destination from the host system. Equivalent to: 'ip route get'.
func (h *Handle) RouteGetWithOptions(destination net.IP, options *RouteGetOptions) ([]Route, error)
RouteGetWithOptions gets a route to a specific destination from the host system. Equivalent to: 'ip route get <> vrf <VrfName>'.
func (h *Handle) RouteList(link Link, family int) ([]Route, error)
RouteList gets a list of routes in the system. Equivalent to: `ip route show`. The list can be filtered by link and ip family.
func (h *Handle) RouteListFiltered(family int, filter *Route, filterMask uint64) ([]Route, error)
RouteListFiltered gets a list of routes in the system filtered with specified rules. All rules must be defined in RouteFilter struct
func (h *Handle) RouteListFilteredIter(family int, filter *Route, filterMask uint64, f func(Route) (cont bool)) error
func (h *Handle) RouteReplace(route *Route) error
RouteReplace will add a route to the system. Equivalent to: `ip route replace $route`
func (h *Handle) RuleAdd(rule *Rule) error
RuleAdd adds a rule to the system. Equivalent to: ip rule add
func (h *Handle) RuleDel(rule *Rule) error
RuleDel deletes a rule from the system. Equivalent to: ip rule del
func (h *Handle) RuleList(family int) ([]Rule, error)
RuleList lists rules in the system. Equivalent to: ip rule list
func (h *Handle) RuleListFiltered(family int, filter *Rule, filterMask uint64) ([]Rule, error)
RuleListFiltered lists rules in the system. Equivalent to: ip rule list
func (h *Handle) SetNetNsIdByFd(fd, nsid int) error
SetNetNSIdByFd sets the ID of the network namespace for a given fd. fd must be an open file descriptor to a namespace file. The ID can only be set for namespaces without an ID already set.
func (h *Handle) SetNetNsIdByPid(pid, nsid int) error
SetNetNSIdByPid sets the ID of the network namespace for a given pid (really thread id). The ID can only be set for namespaces without an ID already set.
func (h *Handle) SetPromiscOff(link Link) error
func (h *Handle) SetPromiscOn(link Link) error
func (h *Handle) SetSocketReceiveBufferSize(size int, force bool) error
SetSocketReceiveBufferSize sets the receive buffer size for each socket in the netlink handle. The maximum value is capped by /proc/sys/net/core/rmem_max.
func (h *Handle) SetSocketTimeout(to time.Duration) error
SetSocketTimeout sets the send and receive timeout for each socket in the netlink handle. Although the socket timeout has granularity of one microsecond, the effective granularity is floored by the kernel timer tick, which default value is four milliseconds.
func (h *Handle) SetStrictCheck(state bool) error
SetStrictCheck sets the strict check socket option for each socket in the netlink handle. Returns early if any set operation fails
func (h *Handle) SocketDestroy(local, remote net.Addr) error
SocketDestroy kills the Socket identified by its local and remote addresses.
func (h *Handle) SocketDiagTCP(family uint8) ([]*Socket, error)
SocketDiagTCP requests INET_DIAG_INFO for TCP protocol for specified family type and return related socket.
func (h *Handle) SocketDiagTCPInfo(family uint8) ([]*InetDiagTCPInfoResp, error)
SocketDiagTCPInfo requests INET_DIAG_INFO for TCP protocol for specified family type and return with extension TCP info.
func (h *Handle) SocketDiagUDP(family uint8) ([]*Socket, error)
SocketDiagUDP requests INET_DIAG_INFO for UDP protocol for specified family type and return related socket.
func (h *Handle) SocketDiagUDPInfo(family uint8) ([]*InetDiagUDPInfoResp, error)
SocketDiagUDPInfo requests INET_DIAG_INFO for UDP protocol for specified family type and return with extension info.
func (h *Handle) SocketGet(local, remote net.Addr) (*Socket, error)
SocketGet returns the Socket identified by its local and remote addresses.
func (h *Handle) SupportsNetlinkFamily(nlFamily int) bool
SupportsNetlinkFamily reports whether the passed netlink family is supported by this Handle
func (h *Handle) UnixSocketDiag() ([]*UnixSocket, error)
UnixSocketDiag requests UNIX_DIAG_INFO for unix sockets.
func (h *Handle) UnixSocketDiagInfo() ([]*UnixDiagInfoResp, error)
UnixSocketDiagInfo requests UNIX_DIAG_INFO for unix sockets and return with extension info.
func (h *Handle) VDPADelDev(name string) error
VDPADelDev removes VDPA device Equivalent to: `vdpa dev del <name>`
func (h *Handle) VDPAGetDevByName(name string) (*VDPADev, error)
VDPAGetDevByName returns VDPA device selected by name Equivalent to: `vdpa dev show <name>`
func (h *Handle) VDPAGetDevConfigByName(name string) (*VDPADevConfig, error)
VDPAGetDevConfigByName returns VDPA device configuration selected by name Equivalent to: `vdpa dev config show <name>`
func (h *Handle) VDPAGetDevConfigList() ([]*VDPADevConfig, error)
VDPAGetDevConfigList returns list of VDPA devices configurations Equivalent to: `vdpa dev config show`
func (h *Handle) VDPAGetDevList() ([]*VDPADev, error)
VDPAGetDevList returns list of VDPA devices Equivalent to: `vdpa dev show`
func (h *Handle) VDPAGetDevVStats(name string, queueIndex uint32) (*VDPADevVStats, error)
VDPAGetDevVStats returns vstats for VDPA device Equivalent to: `vdpa dev vstats show <name> qidx <queueIndex>`
func (h *Handle) VDPAGetMGMTDevByBusAndName(bus, name string) (*VDPAMGMTDev, error)
VDPAGetMGMTDevByBusAndName returns mgmt devices selected by bus and name Equivalent to: `vdpa mgmtdev show <bus>/<name>`
func (h *Handle) VDPAGetMGMTDevList() ([]*VDPAMGMTDev, error)
VDPAGetMGMTDevList returns list of mgmt devices Equivalent to: `vdpa mgmtdev show`
func (h *Handle) VDPANewDev(name, mgmtBus, mgmtName string, params VDPANewDevParams) error
VDPANewDev adds new VDPA device Equivalent to: `vdpa dev add name <name> mgmtdev <mgmtBus>/mgmtName [params]`
func (h *Handle) XfrmPolicyAdd(policy *XfrmPolicy) error
XfrmPolicyAdd will add an xfrm policy to the system. Equivalent to: `ip xfrm policy add $policy`
func (h *Handle) XfrmPolicyDel(policy *XfrmPolicy) error
XfrmPolicyDel will delete an xfrm policy from the system. Note that the Tmpls are ignored when matching the policy to delete. Equivalent to: `ip xfrm policy del $policy`
func (h *Handle) XfrmPolicyFlush() error
XfrmPolicyFlush will flush the policies on the system. Equivalent to: `ip xfrm policy flush`
func (h *Handle) XfrmPolicyGet(policy *XfrmPolicy) (*XfrmPolicy, error)
XfrmPolicyGet gets a the policy described by the index or selector, if found. Equivalent to: `ip xfrm policy get { SELECTOR | index INDEX } dir DIR [ctx CTX ] [ mark MARK [ mask MASK ] ] [ ptype PTYPE ]`.
func (h *Handle) XfrmPolicyList(family int) ([]XfrmPolicy, error)
XfrmPolicyList gets a list of xfrm policies in the system. Equivalent to: `ip xfrm policy show`. The list can be filtered by ip family.
func (h *Handle) XfrmPolicyUpdate(policy *XfrmPolicy) error
XfrmPolicyUpdate will update an xfrm policy to the system. Equivalent to: `ip xfrm policy update $policy`
func (h *Handle) XfrmStateAdd(state *XfrmState) error
XfrmStateAdd will add an xfrm state to the system. Equivalent to: `ip xfrm state add $state`
func (h *Handle) XfrmStateDel(state *XfrmState) error
XfrmStateDel will delete an xfrm state from the system. Note that the Algos are ignored when matching the state to delete. Equivalent to: `ip xfrm state del $state`
func (h *Handle) XfrmStateFlush(proto Proto) error
XfrmStateFlush will flush the xfrm state on the system. proto = 0 means any transformation protocols Equivalent to: `ip xfrm state flush [ proto XFRM-PROTO ]`
func (h *Handle) XfrmStateGet(state *XfrmState) (*XfrmState, error)
XfrmStateGet gets the xfrm state described by the ID, if found. Equivalent to: `ip xfrm state get ID [ mark MARK [ mask MASK ] ]`. Only the fields which constitue the SA ID must be filled in: ID := [ src ADDR ] [ dst ADDR ] [ proto XFRM-PROTO ] [ spi SPI ] mark is optional
func (h *Handle) XfrmStateList(family int) ([]XfrmState, error)
XfrmStateList gets a list of xfrm states in the system. Equivalent to: `ip xfrm state show`. The list can be filtered by ip family.
func (h *Handle) XfrmStateUpdate(state *XfrmState) error
XfrmStateUpdate will update an xfrm state to the system. Equivalent to: `ip xfrm state update $state`
type Hfsc struct {
QdiscAttrs
Defcls uint16
}
func NewHfsc(attrs QdiscAttrs) *Hfsc
func (hfsc *Hfsc) Attrs() *QdiscAttrs
func (hfsc *Hfsc) String() string
func (hfsc *Hfsc) Type() string
HfscClass is a representation of the HFSC class
type HfscClass struct {
ClassAttrs
Rsc ServiceCurve
Fsc ServiceCurve
Usc ServiceCurve
}
func NewHfscClass(attrs ClassAttrs) *HfscClass
NewHfscClass returns a new HFSC struct with the set parameters
func (hfsc *HfscClass) Attrs() *ClassAttrs
Attrs return the Hfsc parameters
func (hfsc *HfscClass) SetFsc(m1 uint32, d uint32, m2 uint32)
SetFsc sets the Fsc curve. The bandwidth (m1 and m2) is specified in bits and the delay in seconds.
func (hfsc *HfscClass) SetLS(m1 uint32, d uint32, m2 uint32)
SetLS implements the LS from the `tc` CLI. This function behaves the same as if one would set the USC through the `tc` command-line tool. This means bandwidth (m1 and m2) is specified in bits and the delay in ms.
func (hfsc *HfscClass) SetRsc(m1 uint32, d uint32, m2 uint32)
SetRsc sets the Rsc curve. The bandwidth (m1 and m2) is specified in bits and the delay in seconds.
func (hfsc *HfscClass) SetSC(m1 uint32, d uint32, m2 uint32)
SetSC implements the SC from the `tc` CLI. This function behaves the same as if one would set the USC through the `tc` command-line tool. This means bandwidth (m1 and m2) is specified in bits and the delay in ms.
func (hfsc *HfscClass) SetUL(m1 uint32, d uint32, m2 uint32)
SetUL implements the UL from the `tc` CLI. This function behaves the same as if one would set the USC through the `tc` command-line tool. This means bandwidth (m1 and m2) is specified in bits and the delay in ms.
func (hfsc *HfscClass) SetUsc(m1 uint32, d uint32, m2 uint32)
SetUsc sets the USC curve. The bandwidth (m1 and m2) is specified in bits and the delay in seconds.
func (hfsc *HfscClass) String() string
String() returns a string that contains the information and attributes of the HFSC class
func (hfsc *HfscClass) Type() string
Type return the type of the class
Htb is a classful qdisc that rate limits based on tokens
type Htb struct {
QdiscAttrs
Version uint32
Rate2Quantum uint32
Defcls uint32
Debug uint32
DirectPkts uint32
DirectQlen *uint32
}
func NewHtb(attrs QdiscAttrs) *Htb
func (qdisc *Htb) Attrs() *QdiscAttrs
func (qdisc *Htb) Type() string
HtbClass represents an Htb class
type HtbClass struct {
ClassAttrs
Rate uint64
Ceil uint64
Buffer uint32
Cbuffer uint32
Quantum uint32
Level uint32
Prio uint32
}
func NewHtbClass(attrs ClassAttrs, cattrs HtbClassAttrs) *HtbClass
NewHtbClass NOTE: function is in here because it uses other linux functions
func (q *HtbClass) Attrs() *ClassAttrs
Attrs returns the class attributes
func (q HtbClass) String() string
func (q *HtbClass) Type() string
Type return the class type
HtbClassAttrs stores the attributes of HTB class
type HtbClassAttrs struct {
// TODO handle all attributes
Rate uint64
Ceil uint64
Buffer uint32
Cbuffer uint32
Quantum uint32
Level uint32
Prio uint32
}
func (q HtbClassAttrs) String() string
from https://elixir.bootlin.com/linux/latest/source/include/uapi/linux/ip6_tunnel.h#L12
type IP6TunnelFlag uint16
IP6tnlEncap definition
type IP6tnlEncap struct {
ID uint64
Dst net.IP
Src net.IP
Hoplimit uint8
TC uint8
Flags uint16
}
func (e *IP6tnlEncap) Decode(buf []byte) error
func (e *IP6tnlEncap) Encode() ([]byte, error)
func (e *IP6tnlEncap) Equal(x Encap) bool
func (e *IP6tnlEncap) String() string
func (e *IP6tnlEncap) Type() int
IPSetEntry is used for adding, updating, retreiving and deleting entries
type IPSetEntry struct {
Comment string
MAC net.HardwareAddr
IP net.IP
CIDR uint8
Timeout *uint32
Packets *uint64
Bytes *uint64
Protocol *uint8
Port *uint16
IP2 net.IP
CIDR2 uint8
IFace string
Mark *uint32
Replace bool // replace existing entry
}
IPSetResult is the result of a dump request for a set
type IPSetResult struct {
Nfgenmsg *nl.Nfgenmsg
Protocol uint8
ProtocolMinVersion uint8
Revision uint8
Family uint8
Flags uint8
SetName string
TypeName string
Comment string
MarkMask uint32
IPFrom net.IP
IPTo net.IP
PortFrom uint16
PortTo uint16
HashSize uint32
NumEntries uint32
MaxElements uint32
References uint32
SizeInMemory uint32
CadtFlags uint32
Timeout *uint32
LineNo uint32
Entries []IPSetEntry
}
func IpsetList(setname string) (*IPSetResult, error)
IpsetList dumps an specific ipset.
func IpsetListAll() ([]IPSetResult, error)
IpsetListAll dumps all ipsets.
The full conntrack flow structure is very complicated and can be found in the file: http://git.netfilter.org/libnetfilter_conntrack/tree/include/internal/object.h For the time being, the structure below allows to parse and extract the base information of a flow
type IPTuple struct {
Bytes uint64
DstIP net.IP
DstPort uint16
Packets uint64
Protocol uint8
SrcIP net.IP
SrcPort uint16
}
type IPVlan struct {
LinkAttrs
Mode IPVlanMode
Flag IPVlanFlag
}
func (ipvlan *IPVlan) Attrs() *LinkAttrs
func (ipvlan *IPVlan) Type() string
type IPVlanFlag uint16
const (
IPVLAN_FLAG_BRIDGE IPVlanFlag = iota
IPVLAN_FLAG_PRIVATE
IPVLAN_FLAG_VEPA
)
type IPVlanMode uint16
const (
IPVLAN_MODE_L2 IPVlanMode = iota
IPVLAN_MODE_L3
IPVLAN_MODE_L3S
IPVLAN_MODE_MAX
)
IPVtap - IPVtap is a virtual interfaces based on ipvlan
type IPVtap struct {
IPVlan
}
func (ipvtap *IPVtap) Attrs() *LinkAttrs
func (ipvtap IPVtap) Type() string
type IPoIB struct {
LinkAttrs
Pkey uint16
Mode IPoIBMode
Umcast uint16
}
func (ipoib *IPoIB) Attrs() *LinkAttrs
func (ipoib *IPoIB) Type() string
type IPoIBMode uint16
func (m *IPoIBMode) String() string
Ifb links are advanced dummy devices for packet filtering
type Ifb struct {
LinkAttrs
}
func (ifb *Ifb) Attrs() *LinkAttrs
func (ifb *Ifb) Type() string
Ifreq is a struct for ioctl ethernet manipulation syscalls.
type Ifreq struct {
Name [unix.IFNAMSIZ]byte
Data uintptr
}
IfreqSlave is a struct for ioctl bond manipulation syscalls. It is used to assign slave to bond interface with Name.
type IfreqSlave struct {
Name [unix.IFNAMSIZ]byte
Slave [unix.IFNAMSIZ]byte
}
type InetDiagTCPInfoResp struct {
InetDiagMsg *Socket
TCPInfo *TCPInfo
TCPBBRInfo *TCPBBRInfo
}
func SocketDiagTCPInfo(family uint8) ([]*InetDiagTCPInfoResp, error)
SocketDiagTCPInfo requests INET_DIAG_INFO for TCP protocol for specified family type and return with extension TCP info.
type InetDiagUDPInfoResp struct {
InetDiagMsg *Socket
Memory *MemInfo
}
func SocketDiagUDPInfo(family uint8) ([]*InetDiagUDPInfoResp, error)
SocketDiagUDPInfo requests INET_DIAG_INFO for UDP protocol for specified family type and return with extension info.
InetFamily Family type
type InetFamily uint8
Ingress is a qdisc for adding ingress filters
type Ingress struct {
QdiscAttrs
}
func (qdisc *Ingress) Attrs() *QdiscAttrs
func (qdisc *Ingress) Type() string
type Ip6tnl struct {
LinkAttrs
Link uint32
Local net.IP
Remote net.IP
Ttl uint8
Tos uint8
Flags uint32
Proto uint8
FlowInfo uint32
EncapLimit uint8
EncapType uint16
EncapFlags uint16
EncapSport uint16
EncapDport uint16
FlowBased bool
}
func (ip6tnl *Ip6tnl) Attrs() *LinkAttrs
func (ip6tnl *Ip6tnl) Type() string
IpsetCreateOptions is the options struct for creating a new ipset
type IpsetCreateOptions struct {
Replace bool // replace existing ipset
Timeout *uint32
Counters bool
Comments bool
Skbinfo bool
Family uint8
Revision uint8
IPFrom net.IP
IPTo net.IP
PortFrom uint16
PortTo uint16
MaxElements uint32
}
type Iptun struct {
LinkAttrs
Ttl uint8
Tos uint8
PMtuDisc uint8
Link uint32
Local net.IP
Remote net.IP
EncapSport uint16
EncapDport uint16
EncapType uint16
EncapFlags uint16
FlowBased bool
Proto uint8
}
func (iptun *Iptun) Attrs() *LinkAttrs
func (iptun *Iptun) Type() string
Link represents a link device from netlink. Shared link attributes like name may be retrieved using the Attrs() method. Unique data can be retrieved by casting the object to the proper type.
type Link interface {
Attrs() *LinkAttrs
Type() string
}
func LinkByAlias(alias string) (Link, error)
LinkByAlias finds a link by its alias and returns a pointer to the object. If there are multiple links with the alias it returns the first one
func LinkByIndex(index int) (Link, error)
LinkByIndex finds a link by index and returns a pointer to the object.
func LinkByName(name string) (Link, error)
LinkByName finds a link by name and returns a pointer to the object.
func LinkDeserialize(hdr *unix.NlMsghdr, m []byte) (Link, error)
LinkDeserialize deserializes a raw message received from netlink into a link object.
func LinkList() ([]Link, error)
LinkList gets a list of link devices. Equivalent to: `ip link show`
LinkAttrs represents data shared by most link types
type LinkAttrs struct {
Index int
MTU int
TxQLen int // Transmit Queue Length
Name string
HardwareAddr net.HardwareAddr
Flags net.Flags
RawFlags uint32
ParentIndex int // index of the parent link device
MasterIndex int // must be the index of a bridge
Namespace interface{} // nil | NsPid | NsFd
Alias string
AltNames []string
Statistics *LinkStatistics
Promisc int
Allmulti int
Multi int
Xdp *LinkXdp
EncapType string
Protinfo *Protinfo
OperState LinkOperState
PhysSwitchID int
NetNsID int
NumTxQueues int
NumRxQueues int
TSOMaxSegs uint32
TSOMaxSize uint32
GSOMaxSegs uint32
GSOMaxSize uint32
GROMaxSize uint32
GSOIPv4MaxSize uint32
GROIPv4MaxSize uint32
Vfs []VfInfo // virtual functions available on link
Group uint32
PermHWAddr net.HardwareAddr
Slave LinkSlave
}
func NewLinkAttrs() LinkAttrs
NewLinkAttrs returns LinkAttrs structure filled with default values
LinkNotFoundError wraps the various not found errors when getting/reading links. This is intended for better error handling by dependent code so that "not found error" can be distinguished from other errors
type LinkNotFoundError struct {
// contains filtered or unexported fields
}
LinkOperState represents the values of the IFLA_OPERSTATE link attribute, which contains the RFC2863 state of the interface.
type LinkOperState uint8
func (s LinkOperState) String() string
LinkSlave represents a slave device.
type LinkSlave interface {
SlaveType() string
}
type LinkStatistics LinkStatistics64
Ref: struct rtnl_link_stats {...}
type LinkStatistics32 struct {
RxPackets uint32
TxPackets uint32
RxBytes uint32
TxBytes uint32
RxErrors uint32
TxErrors uint32
RxDropped uint32
TxDropped uint32
Multicast uint32
Collisions uint32
RxLengthErrors uint32
RxOverErrors uint32
RxCrcErrors uint32
RxFrameErrors uint32
RxFifoErrors uint32
RxMissedErrors uint32
TxAbortedErrors uint32
TxCarrierErrors uint32
TxFifoErrors uint32
TxHeartbeatErrors uint32
TxWindowErrors uint32
RxCompressed uint32
TxCompressed uint32
}
Ref: struct rtnl_link_stats64 {...}
type LinkStatistics64 struct {
RxPackets uint64
TxPackets uint64
RxBytes uint64
TxBytes uint64
RxErrors uint64
TxErrors uint64
RxDropped uint64
TxDropped uint64
Multicast uint64
Collisions uint64
RxLengthErrors uint64
RxOverErrors uint64
RxCrcErrors uint64
RxFrameErrors uint64
RxFifoErrors uint64
RxMissedErrors uint64
TxAbortedErrors uint64
TxCarrierErrors uint64
TxFifoErrors uint64
TxHeartbeatErrors uint64
TxWindowErrors uint64
RxCompressed uint64
TxCompressed uint64
}
LinkSubscribeOptions contains a set of options to use with LinkSubscribeWithOptions.
type LinkSubscribeOptions struct {
Namespace *netns.NsHandle
ErrorCallback func(error)
ListExisting bool
ReceiveBufferSize int
ReceiveBufferForceSize bool
ReceiveTimeout *unix.Timeval
}
LinkUpdate is used to pass information back from LinkSubscribe()
type LinkUpdate struct {
nl.IfInfomsg
Header unix.NlMsghdr
Link
}
type LinkXdp struct {
Fd int
Attached bool
AttachMode uint32
Flags uint32
ProgId uint32
}
type MPLSDestination struct {
Labels []int
}
func (d *MPLSDestination) Decode(buf []byte) error
func (d *MPLSDestination) Encode() ([]byte, error)
func (d *MPLSDestination) Equal(x Destination) bool
func (d *MPLSDestination) Family() int
func (d *MPLSDestination) String() string
type MPLSEncap struct {
Labels []int
}
func (e *MPLSEncap) Decode(buf []byte) error
func (e *MPLSEncap) Encode() ([]byte, error)
func (e *MPLSEncap) Equal(x Encap) bool
func (e *MPLSEncap) String() string
func (e *MPLSEncap) Type() int
Macvlan links have ParentIndex set in their Attrs()
type Macvlan struct {
LinkAttrs
Mode MacvlanMode
// MACAddrs is only populated for Macvlan SOURCE links
MACAddrs []net.HardwareAddr
BCQueueLen uint32
UsedBCQueueLen uint32
}
func (macvlan *Macvlan) Attrs() *LinkAttrs
func (macvlan *Macvlan) Type() string
type MacvlanMode uint16
const (
MACVLAN_MODE_DEFAULT MacvlanMode = iota
MACVLAN_MODE_PRIVATE
MACVLAN_MODE_VEPA
MACVLAN_MODE_BRIDGE
MACVLAN_MODE_PASSTHRU
MACVLAN_MODE_SOURCE
)
Macvtap - macvtap is a virtual interfaces based on macvlan
type Macvtap struct {
Macvlan
}
func (macvtap Macvtap) Type() string
MatchAll filters match all packets
type MatchAll struct {
FilterAttrs
ClassId uint32
Actions []Action
}
func (filter *MatchAll) Attrs() *FilterAttrs
func (filter *MatchAll) Type() string
According to https://man7.org/linux/man-pages/man7/sock_diag.7.html
type MemInfo struct {
RMem uint32
WMem uint32
FMem uint32
TMem uint32
}
type MirredAct uint8
const (
TCA_EGRESS_REDIR MirredAct = 1 /* packet redirect to EGRESS*/
TCA_EGRESS_MIRROR MirredAct = 2 /* mirror packet to EGRESS */
TCA_INGRESS_REDIR MirredAct = 3 /* packet redirect to INGRESS*/
TCA_INGRESS_MIRROR MirredAct = 4 /* mirror packet to INGRESS */
)
func (a MirredAct) String() string
type MirredAction struct {
ActionAttrs
MirredAction MirredAct
Ifindex int
}
func NewMirredAction(redirIndex int) *MirredAction
func (action *MirredAction) Attrs() *ActionAttrs
func (action *MirredAction) Type() string
Mode is an enum representing an ipsec transport.
type Mode uint8
const (
XFRM_MODE_TRANSPORT Mode = iota
XFRM_MODE_TUNNEL
XFRM_MODE_ROUTEOPTIMIZATION
XFRM_MODE_IN_TRIGGER
XFRM_MODE_BEET
XFRM_MODE_MAX
)
func (m Mode) String() string
Ndmsg is for adding, removing or receiving information about a neighbor table entry
type Ndmsg struct {
Family uint8
Index uint32
State uint16
Flags uint8
Type uint8
}
func (msg *Ndmsg) Len() int
func (msg *Ndmsg) Serialize() []byte
Neigh represents a link layer neighbor from netlink.
type Neigh struct {
LinkIndex int
Family int
State int
Type int
Flags int
FlagsExt int
IP net.IP
HardwareAddr net.HardwareAddr
LLIPAddr net.IP //Used in the case of NHRP
Vlan int
VNI int
MasterIndex int
}
func NeighDeserialize(m []byte) (*Neigh, error)
func NeighList(linkIndex, family int) ([]Neigh, error)
NeighList returns a list of IP-MAC mappings in the system (ARP table). Equivalent to: `ip neighbor show`. The list can be filtered by link and ip family.
func NeighListExecute(msg Ndmsg) ([]Neigh, error)
NeighListExecute returns a list of neighbour entries filtered by link, ip family, flag and state.
func NeighProxyList(linkIndex, family int) ([]Neigh, error)
NeighProxyList returns a list of neighbor proxies in the system. Equivalent to: `ip neighbor show proxy`. The list can be filtered by link and ip family.
func (neigh *Neigh) String() string
String returns $ip/$hwaddr $label
NeighSubscribeOptions contains a set of options to use with NeighSubscribeWithOptions.
type NeighSubscribeOptions struct {
Namespace *netns.NsHandle
ErrorCallback func(error)
ListExisting bool
// max size is based on value of /proc/sys/net/core/rmem_max
ReceiveBufferSize int
ReceiveBufferForceSize bool
ReceiveTimeout *unix.Timeval
}
NeighUpdate is sent when a neighbor changes - type is RTM_NEWNEIGH or RTM_DELNEIGH.
type NeighUpdate struct {
Type uint16
Neigh
}
type Netem struct {
QdiscAttrs
Latency uint32
DelayCorr uint32
Limit uint32
Loss uint32
LossCorr uint32
Gap uint32
Duplicate uint32
DuplicateCorr uint32
Jitter uint32
ReorderProb uint32
ReorderCorr uint32
CorruptProb uint32
CorruptCorr uint32
Rate64 uint64
}
func NewNetem(attrs QdiscAttrs, nattrs NetemQdiscAttrs) *Netem
NOTE function is here because it uses other linux functions
func (qdisc *Netem) Attrs() *QdiscAttrs
func (netem *Netem) String() string
func (qdisc *Netem) Type() string
type NetemQdiscAttrs struct {
Latency uint32 // in us
DelayCorr float32 // in %
Limit uint32
Loss float32 // in %
LossCorr float32 // in %
Gap uint32
Duplicate float32 // in %
DuplicateCorr float32 // in %
Jitter uint32 // in us
ReorderProb float32 // in %
ReorderCorr float32 // in %
CorruptProb float32 // in %
CorruptCorr float32 // in %
Rate64 uint64
}
func (q NetemQdiscAttrs) String() string
type Netkit struct {
LinkAttrs
Mode NetkitMode
Policy NetkitPolicy
PeerPolicy NetkitPolicy
// contains filtered or unexported fields
}
func (n *Netkit) Attrs() *LinkAttrs
func (n *Netkit) IsPrimary() bool
func (n *Netkit) SetPeerAttrs(Attrs *LinkAttrs)
SetPeerAttrs will not take effect if trying to modify an existing netkit device
func (n *Netkit) Type() string
type NetkitMode uint32
const (
NETKIT_MODE_L2 NetkitMode = iota
NETKIT_MODE_L3
)
type NetkitPolicy int
const (
NETKIT_POLICY_FORWARD NetkitPolicy = 0
NETKIT_POLICY_BLACKHOLE NetkitPolicy = 2
)
type NextHopFlag int
const (
FLAG_ONLINK NextHopFlag = unix.RTNH_F_ONLINK
FLAG_PERVASIVE NextHopFlag = unix.RTNH_F_PERVASIVE
)
type NexthopInfo struct {
LinkIndex int
Hops int
Gw net.IP
Flags int
NewDst Destination
Encap Encap
Via Destination
}
func (n NexthopInfo) Equal(x NexthopInfo) bool
func (n *NexthopInfo) ListFlags() []string
func (n *NexthopInfo) String() string
type NsFd int
type NsPid int
type PDP struct {
Version uint32
TID uint64
PeerAddress net.IP
MSAddress net.IP
Flow uint16
NetNSFD uint32
ITEI uint32
OTEI uint32
}
func GTPPDPByITEI(link Link, itei int) (*PDP, error)
func GTPPDPByMSAddress(link Link, addr net.IP) (*PDP, error)
func GTPPDPByTID(link Link, tid int) (*PDP, error)
func GTPPDPList() ([]*PDP, error)
func (pdp *PDP) String() string
type PeditAction struct {
ActionAttrs
Proto uint8
SrcMacAddr net.HardwareAddr
DstMacAddr net.HardwareAddr
SrcIP net.IP
DstIP net.IP
SrcPort uint16
DstPort uint16
}
func NewPeditAction() *PeditAction
func (p *PeditAction) Attrs() *ActionAttrs
func (p *PeditAction) Type() string
PfifoFast is the default qdisc created by the kernel if one has not been defined for the interface
type PfifoFast struct {
QdiscAttrs
Bands uint8
PriorityMap [PRIORITY_MAP_LEN]uint8
}
func (qdisc *PfifoFast) Attrs() *QdiscAttrs
func (qdisc *PfifoFast) Type() string
type PoliceAction struct {
ActionAttrs
Rate uint32 // in byte per second
Burst uint32 // in byte
RCellLog int
Mtu uint32
Mpu uint16 // in byte
PeakRate uint32 // in byte per second
PCellLog int
AvRate uint32 // in byte per second
Overhead uint16
LinkLayer int
ExceedAction TcPolAct
NotExceedAction TcPolAct
}
func NewPoliceAction() *PoliceAction
func (action *PoliceAction) Attrs() *ActionAttrs
func (action *PoliceAction) Type() string
PolicyAction is an enum representing an ipsec policy action.
type PolicyAction uint8
const (
XFRM_POLICY_ALLOW PolicyAction = 0
XFRM_POLICY_BLOCK PolicyAction = 1
)
func (a PolicyAction) String() string
Prio is a basic qdisc that works just like PfifoFast
type Prio struct {
QdiscAttrs
Bands uint8
PriorityMap [PRIORITY_MAP_LEN]uint8
}
func NewPrio(attrs QdiscAttrs) *Prio
func (qdisc *Prio) Attrs() *QdiscAttrs
func (qdisc *Prio) Type() string
type ProcEvent struct {
ProcEventHeader
Msg ProcEventMsg
}
type ProcEventHeader struct {
What uint32
CPU uint32
Timestamp uint64
}
type ProcEventMsg interface {
Pid() uint32
Tgid() uint32
}
Protinfo represents bridge flags from netlink.
type Protinfo struct {
Hairpin bool
Guard bool
FastLeave bool
RootBlock bool
Learning bool
Flood bool
ProxyArp bool
ProxyArpWiFi bool
Isolated bool
NeighSuppress bool
}
func LinkGetProtinfo(link Link) (Protinfo, error)
func (prot *Protinfo) String() string
String returns a list of enabled flags
Proto is an enum representing an ipsec protocol.
type Proto uint8
const (
XFRM_PROTO_ROUTE2 Proto = unix.IPPROTO_ROUTING
XFRM_PROTO_ESP Proto = unix.IPPROTO_ESP
XFRM_PROTO_AH Proto = unix.IPPROTO_AH
XFRM_PROTO_HAO Proto = unix.IPPROTO_DSTOPTS
XFRM_PROTO_COMP Proto = unix.IPPROTO_COMP
XFRM_PROTO_IPSEC_ANY Proto = unix.IPPROTO_RAW
)
func (p Proto) String() string
ProtoInfo wraps an L4-protocol structure - roughly corresponds to the __nfct_protoinfo union found in libnetfilter_conntrack/include/internal/object.h. Currently, only protocol names, and TCP state is supported.
type ProtoInfo interface {
Protocol() string
}
ProtoInfoDCCP only supports the protocol name.
type ProtoInfoDCCP struct{}
func (*ProtoInfoDCCP) Protocol() string
Protocol returns "dccp".
ProtoInfoSCTP only supports the protocol name.
type ProtoInfoSCTP struct{}
func (*ProtoInfoSCTP) Protocol() string
Protocol returns "sctp".
ProtoInfoTCP corresponds to the `tcp` struct of the __nfct_protoinfo union. Only TCP state is currently supported.
type ProtoInfoTCP struct {
State uint8
}
func (*ProtoInfoTCP) Protocol() string
Protocol returns "tcp".
type Qdisc interface {
Attrs() *QdiscAttrs
Type() string
}
func QdiscList(link Link) ([]Qdisc, error)
QdiscList gets a list of qdiscs in the system. Equivalent to: `tc qdisc show`. The list can be filtered by link.
QdiscAttrs represents a netlink qdisc. A qdisc is associated with a link, has a handle, a parent and a refcnt. The root qdisc of a device should have parent == HANDLE_ROOT.
type QdiscAttrs struct {
LinkIndex int
Handle uint32
Parent uint32
Refcnt uint32 // read only
IngressBlock *uint32
Statistics *QdiscStatistics
}
func (q QdiscAttrs) String() string
type QdiscStatistics ClassStatistics
type QueueInfo struct {
RQueue uint32
WQueue uint32
}
Link represents a rdma device from netlink.
type RdmaLink struct {
Attrs RdmaLinkAttrs
}
func RdmaLinkByName(name string) (*RdmaLink, error)
RdmaLinkByName finds a link by name and returns a pointer to the object if found and nil error, otherwise returns error code.
func RdmaLinkList() ([]*RdmaLink, error)
RdmaLinkList gets a list of RDMA link devices. Equivalent to: `rdma dev show`
LinkAttrs represents data shared by most link types
type RdmaLinkAttrs struct {
Index uint32
Name string
FirmwareVersion string
NodeGuid string
SysImageGuid string
}
Route represents a netlink route.
type Route struct {
LinkIndex int
ILinkIndex int
Scope Scope
Dst *net.IPNet
Src net.IP
Gw net.IP
MultiPath []*NexthopInfo
Protocol RouteProtocol
Priority int
Family int
Table int
Type int
Tos int
Flags int
MPLSDst *int
NewDst Destination
Encap Encap
Via Destination
Realm int
MTU int
Window int
Rtt int
RttVar int
Ssthresh int
Cwnd int
AdvMSS int
Reordering int
Hoplimit int
InitCwnd int
Features int
RtoMin int
InitRwnd int
QuickACK int
Congctl string
FastOpenNoCookie int
}
func RouteGet(destination net.IP) ([]Route, error)
RouteGet gets a route to a specific destination from the host system. Equivalent to: 'ip route get'.
func RouteGetWithOptions(destination net.IP, options *RouteGetOptions) ([]Route, error)
RouteGetWithOptions gets a route to a specific destination from the host system. Equivalent to: 'ip route get <> vrf <VrfName>'.
func RouteList(link Link, family int) ([]Route, error)
RouteList gets a list of routes in the system. Equivalent to: `ip route show`. The list can be filtered by link and ip family.
func RouteListFiltered(family int, filter *Route, filterMask uint64) ([]Route, error)
RouteListFiltered gets a list of routes in the system filtered with specified rules. All rules must be defined in RouteFilter struct
func (r *Route) ClearFlag(flag NextHopFlag)
func (r Route) Equal(x Route) bool
func (r *Route) ListFlags() []string
func (r *Route) SetFlag(flag NextHopFlag)
func (r Route) String() string
RouteGetOptions contains a set of options to use with RouteGetWithOptions
type RouteGetOptions struct {
Iif string
IifIndex int
Oif string
VrfName string
SrcAddr net.IP
UID *uint32
Mark uint32
FIBMatch bool
}
Protocol describe what was the originator of the route
type RouteProtocol int
func (p RouteProtocol) String() string
RouteSubscribeOptions contains a set of options to use with RouteSubscribeWithOptions.
type RouteSubscribeOptions struct {
Namespace *netns.NsHandle
ErrorCallback func(error)
ListExisting bool
ReceiveBufferSize int
ReceiveBufferForceSize bool
ReceiveTimeout *unix.Timeval
}
NlFlags is only non-zero for RTM_NEWROUTE, the following flags can be set:
type RouteUpdate struct {
Type uint16
NlFlags uint16
Route
}
Rule represents a netlink rule.
type Rule struct {
Priority int
Family int
Table int
Mark uint32
Mask *uint32
Tos uint
TunID uint
Goto int
Src *net.IPNet
Dst *net.IPNet
Flow int
IifName string
OifName string
SuppressIfgroup int
SuppressPrefixlen int
Invert bool
Dport *RulePortRange
Sport *RulePortRange
IPProto int
UIDRange *RuleUIDRange
Protocol uint8
Type uint8
}
func NewRule() *Rule
NewRule return empty rules.
func RuleList(family int) ([]Rule, error)
RuleList lists rules in the system. Equivalent to: ip rule list
func RuleListFiltered(family int, filter *Rule, filterMask uint64) ([]Rule, error)
RuleListFiltered gets a list of rules in the system filtered by the specified rule template `filter`. Equivalent to: ip rule list
func (r Rule) String() string
RulePortRange represents rule sport/dport range.
type RulePortRange struct {
Start uint16
End uint16
}
func NewRulePortRange(start, end uint16) *RulePortRange
NewRulePortRange creates rule sport/dport range.
RuleUIDRange represents rule uid range.
type RuleUIDRange struct {
Start uint32
End uint32
}
func NewRuleUIDRange(start, end uint32) *RuleUIDRange
NewRuleUIDRange creates rule uid range.
SEG6 definitions
type SEG6Encap struct {
Mode int
Segments []net.IP
}
func (e *SEG6Encap) Decode(buf []byte) error
func (e *SEG6Encap) Encode() ([]byte, error)
func (e *SEG6Encap) Equal(x Encap) bool
func (e *SEG6Encap) String() string
func (e *SEG6Encap) Type() int
SEG6LocalEncap definitions
type SEG6LocalEncap struct {
Flags [nl.SEG6_LOCAL_MAX]bool
Action int
Segments []net.IP // from SRH in seg6_local_lwt
Table int // table id for End.T and End.DT6
InAddr net.IP
In6Addr net.IP
Iif int
Oif int
// contains filtered or unexported fields
}
func (e *SEG6LocalEncap) Decode(buf []byte) error
func (e *SEG6LocalEncap) Encode() ([]byte, error)
func (e *SEG6LocalEncap) Equal(x Encap) bool
func (e *SEG6LocalEncap) SetProg(progFd int, progName string) error
func (e *SEG6LocalEncap) String() string
func (e *SEG6LocalEncap) Type() int
Scope is an enum representing a route scope.
type Scope uint8
const (
SCOPE_UNIVERSE Scope = unix.RT_SCOPE_UNIVERSE
SCOPE_SITE Scope = unix.RT_SCOPE_SITE
SCOPE_LINK Scope = unix.RT_SCOPE_LINK
SCOPE_HOST Scope = unix.RT_SCOPE_HOST
SCOPE_NOWHERE Scope = unix.RT_SCOPE_NOWHERE
)
func (s Scope) String() string
ServiceCurve is a nondecreasing function of some time unit, returning the amount of service (an allowed or allocated amount of bandwidth) at some specific point in time. The purpose of it should be subconsciously obvious: if a class was allowed to transfer not less than the amount specified by its service curve, then the service curve is not violated.
type ServiceCurve struct {
// contains filtered or unexported fields
}
func (c *ServiceCurve) Attrs() (uint32, uint32, uint32)
Attrs return the parameters of the service curve
func (c *ServiceCurve) Burst() uint32
Burst returns the burst rate (m1) of the curve
func (c *ServiceCurve) Delay() uint32
Delay return the delay (d) of the curve
func (c *ServiceCurve) Rate() uint32
Rate returns the rate (m2) of the curve
type Sfq struct {
QdiscAttrs
// TODO: Only the simplified options for SFQ are handled here. Support for the extended one can be added later.
Quantum uint8
Perturb uint8
Limit uint32
Divisor uint8
}
func (qdisc *Sfq) Attrs() *QdiscAttrs
func (sfq *Sfq) String() string
func (qdisc *Sfq) Type() string
type Sittun struct {
LinkAttrs
Link uint32
Ttl uint8
Tos uint8
PMtuDisc uint8
Proto uint8
Local net.IP
Remote net.IP
EncapLimit uint8
EncapType uint16
EncapFlags uint16
EncapSport uint16
EncapDport uint16
}
func (sittun *Sittun) Attrs() *LinkAttrs
func (sittun *Sittun) Type() string
type SkbEditAction struct {
ActionAttrs
QueueMapping *uint16
PType *uint16
Priority *uint32
Mark *uint32
Mask *uint32
}
func NewSkbEditAction() *SkbEditAction
func (action *SkbEditAction) Attrs() *ActionAttrs
func (action *SkbEditAction) Type() string
Socket represents a netlink socket.
type Socket struct {
Family uint8
State uint8
Timer uint8
Retrans uint8
ID SocketID
Expires uint32
RQueue uint32
WQueue uint32
UID uint32
INode uint32
}
func SocketDiagTCP(family uint8) ([]*Socket, error)
SocketDiagTCP requests INET_DIAG_INFO for TCP protocol for specified family type and return related socket.
func SocketDiagUDP(family uint8) ([]*Socket, error)
SocketDiagUDP requests INET_DIAG_INFO for UDP protocol for specified family type and return related socket.
func SocketGet(local, remote net.Addr) (*Socket, error)
SocketGet returns the Socket identified by its local and remote addresses.
SocketID identifies a single socket.
type SocketID struct {
SourcePort uint16
DestinationPort uint16
Source net.IP
Destination net.IP
Interface uint32
Cookie [2]uint32
}
type TCPBBRInfo struct {
BBRBW uint64
BBRMinRTT uint32
BBRPacingGain uint32
BBRCwndGain uint32
}
type TCPInfo struct {
State uint8
Ca_state uint8
Retransmits uint8
Probes uint8
Backoff uint8
Options uint8
Snd_wscale uint8 // no uint4
Rcv_wscale uint8
Delivery_rate_app_limited uint8
Fastopen_client_fail uint8
Rto uint32
Ato uint32
Snd_mss uint32
Rcv_mss uint32
Unacked uint32
Sacked uint32
Lost uint32
Retrans uint32
Fackets uint32
Last_data_sent uint32
Last_ack_sent uint32
Last_data_recv uint32
Last_ack_recv uint32
Pmtu uint32
Rcv_ssthresh uint32
Rtt uint32
Rttvar uint32
Snd_ssthresh uint32
Snd_cwnd uint32
Advmss uint32
Reordering uint32
Rcv_rtt uint32
Rcv_space uint32
Total_retrans uint32
Pacing_rate uint64
Max_pacing_rate uint64
Bytes_acked uint64 /* RFC4898 tcpEStatsAppHCThruOctetsAcked */
Bytes_received uint64 /* RFC4898 tcpEStatsAppHCThruOctetsReceived */
Segs_out uint32 /* RFC4898 tcpEStatsPerfSegsOut */
Segs_in uint32 /* RFC4898 tcpEStatsPerfSegsIn */
Notsent_bytes uint32
Min_rtt uint32
Data_segs_in uint32 /* RFC4898 tcpEStatsDataSegsIn */
Data_segs_out uint32 /* RFC4898 tcpEStatsDataSegsOut */
Delivery_rate uint64
Busy_time uint64 /* Time (usec) busy sending data */
Rwnd_limited uint64 /* Time (usec) limited by receive window */
Sndbuf_limited uint64 /* Time (usec) limited by send buffer */
Delivered uint32
Delivered_ce uint32
Bytes_sent uint64 /* RFC4898 tcpEStatsPerfHCDataOctetsOut */
Bytes_retrans uint64 /* RFC4898 tcpEStatsPerfOctetsRetrans */
Dsack_dups uint32 /* RFC4898 tcpEStatsStackDSACKDups */
Reord_seen uint32 /* reordering events seen */
Rcv_ooopack uint32 /* Out-of-order packets received */
Snd_wnd uint32 /* peer's advertised receive window after * scaling (bytes) */
}
Tbf is a classless qdisc that rate limits based on tokens
type Tbf struct {
QdiscAttrs
Rate uint64
Limit uint32
Buffer uint32
Peakrate uint64
Minburst uint32
}
func (qdisc *Tbf) Attrs() *QdiscAttrs
func (qdisc *Tbf) Type() string
type TcAct int32
const (
TC_ACT_UNSPEC TcAct = -1
TC_ACT_OK TcAct = 0
TC_ACT_RECLASSIFY TcAct = 1
TC_ACT_SHOT TcAct = 2
TC_ACT_PIPE TcAct = 3
TC_ACT_STOLEN TcAct = 4
TC_ACT_QUEUED TcAct = 5
TC_ACT_REPEAT TcAct = 6
TC_ACT_REDIRECT TcAct = 7
TC_ACT_JUMP TcAct = 0x10000000
)
func (a TcAct) String() string
type TcPolAct int32
const (
TC_POLICE_UNSPEC TcPolAct = TcPolAct(TC_ACT_UNSPEC)
TC_POLICE_OK TcPolAct = TcPolAct(TC_ACT_OK)
TC_POLICE_RECLASSIFY TcPolAct = TcPolAct(TC_ACT_RECLASSIFY)
TC_POLICE_SHOT TcPolAct = TcPolAct(TC_ACT_SHOT)
TC_POLICE_PIPE TcPolAct = TcPolAct(TC_ACT_PIPE)
)
func (a TcPolAct) String() string
TcU32Key contained of Sel in the U32 filters. This is the type alias and the frontend representation of nl.TcU32Key. It is serialized into chanonical nl.TcU32Sel with the appropriate endianness.
type TcU32Key = nl.TcU32Key
Sel of the U32 filters that contains multiple TcU32Key. This is the type alias and the frontend representation of nl.TcU32Sel. It is serialized into canonical nl.TcU32Sel with the appropriate endianness.
type TcU32Sel = nl.TcU32Sel
from https://elixir.bootlin.com/linux/v5.15.4/source/include/uapi/linux/if_tunnel.h#L91
type TunnelEncapFlag uint16
from https://elixir.bootlin.com/linux/v5.15.4/source/include/uapi/linux/if_tunnel.h#L84
type TunnelEncapType uint16
const (
None TunnelEncapType = iota
FOU
GUE
)
type TunnelKeyAct int8
const (
TCA_TUNNEL_KEY_SET TunnelKeyAct = 1 // set tunnel key
TCA_TUNNEL_KEY_UNSET TunnelKeyAct = 2 // unset tunnel key
)
type TunnelKeyAction struct {
ActionAttrs
Action TunnelKeyAct
SrcAddr net.IP
DstAddr net.IP
KeyID uint32
DestPort uint16
}
func NewTunnelKeyAction() *TunnelKeyAction
func (action *TunnelKeyAction) Attrs() *ActionAttrs
func (action *TunnelKeyAction) Type() string
Tuntap links created via /dev/tun/tap, but can be destroyed via netlink
type Tuntap struct {
LinkAttrs
Mode TuntapMode
Flags TuntapFlag
NonPersist bool
Queues int
Fds []*os.File
Owner uint32
Group uint32
}
func (tuntap *Tuntap) Attrs() *LinkAttrs
func (tuntap *Tuntap) Type() string
type TuntapFlag uint16
type TuntapMode uint16
func (ttm TuntapMode) String() string
U32 filters on many packet related properties
type U32 struct {
FilterAttrs
ClassId uint32
Divisor uint32 // Divisor MUST be power of 2.
Hash uint32
Link uint32
RedirIndex int
Sel *TcU32Sel
Actions []Action
Police *PoliceAction
}
func (filter *U32) Attrs() *FilterAttrs
func (filter *U32) Type() string
type UnixDiagInfoResp struct {
DiagMsg *UnixSocket
Name *string
Peer *uint32
Queue *QueueInfo
Shutdown *uint8
}
func UnixSocketDiagInfo() ([]*UnixDiagInfoResp, error)
UnixSocketDiagInfo requests UNIX_DIAG_INFO for unix sockets and return with extension info.
UnixSocket represents a netlink unix socket.
type UnixSocket struct {
Type uint8
Family uint8
State uint8
INode uint32
Cookie [2]uint32
// contains filtered or unexported fields
}
func UnixSocketDiag() ([]*UnixSocket, error)
UnixSocketDiag requests UNIX_DIAG_INFO for unix sockets.
VDPADev contains info about VDPA device
type VDPADev struct {
VendorID uint32
MaxVQS uint32
MaxVQSize uint16
MinVQSize uint16
// contains filtered or unexported fields
}
func VDPAGetDevByName(name string) (*VDPADev, error)
VDPAGetDevByName returns VDPA device selected by name Equivalent to: `vdpa dev show <name>`
func VDPAGetDevList() ([]*VDPADev, error)
VDPAGetDevList returns list of VDPA devices Equivalent to: `vdpa dev show`
VDPADevConfig contains configuration of the VDPA device
type VDPADevConfig struct {
Features uint64
NegotiatedFeatures uint64
Net VDPADevConfigNet
// contains filtered or unexported fields
}
func VDPAGetDevConfigByName(name string) (*VDPADevConfig, error)
VDPAGetDevConfigByName returns VDPA device configuration selected by name Equivalent to: `vdpa dev config show <name>`
func VDPAGetDevConfigList() ([]*VDPADevConfig, error)
VDPAGetDevConfigList returns list of VDPA devices configurations Equivalent to: `vdpa dev config show`
VDPADevConfigNet conatins status and net config for the VDPA device
type VDPADevConfigNet struct {
Status VDPADevConfigNetStatus
Cfg VDPADevConfigNetCfg
}
VDPADevConfigNetCfg contains net config for the VDPA device
type VDPADevConfigNetCfg struct {
MACAddr net.HardwareAddr
MaxVQP uint16
MTU uint16
}
VDPADevConfigNetStatus contains info about net status
type VDPADevConfigNetStatus struct {
LinkUp bool
Announce bool
}
VDPADevVStats conatins vStats for the VDPA device
type VDPADevVStats struct {
QueueIndex uint32
Vendor []VDPADevVStatsVendor
NegotiatedFeatures uint64
// contains filtered or unexported fields
}
func VDPAGetDevVStats(name string, queueIndex uint32) (*VDPADevVStats, error)
VDPAGetDevVStats returns vstats for VDPA device Equivalent to: `vdpa dev vstats show <name> qidx <queueIndex>`
VDPADevVStatsVendor conatins name and value for vendor specific vstat option
type VDPADevVStatsVendor struct {
Name string
Value uint64
}
VDPAMGMTDev conatins info about VDPA management device
type VDPAMGMTDev struct {
BusName string
DevName string
SupportedClasses uint64
SupportedFeatures uint64
MaxVQS uint32
}
func VDPAGetMGMTDevByBusAndName(bus, name string) (*VDPAMGMTDev, error)
VDPAGetMGMTDevByBusAndName returns mgmt devices selected by bus and name Equivalent to: `vdpa mgmtdev show <bus>/<name>`
func VDPAGetMGMTDevList() ([]*VDPAMGMTDev, error)
VDPAGetMGMTDevList returns list of mgmt devices Equivalent to: `vdpa mgmtdev show`
VDPANewDevParams contains parameters for new VDPA device use SetBits to configure requried features for the device example:
VDPANewDevParams{Features: SetBits(0, VIRTIO_NET_F_MTU, VIRTIO_NET_F_CTRL_MAC_ADDR)}
type VDPANewDevParams struct {
MACAddr net.HardwareAddr
MaxVQP uint16
MTU uint16
Features uint64
}
Veth devices must specify PeerName on create
type Veth struct {
LinkAttrs
PeerName string // veth on create only
PeerHardwareAddr net.HardwareAddr
PeerNamespace interface{}
}
func (veth *Veth) Attrs() *LinkAttrs
func (veth *Veth) Type() string
VfInfo represents configuration of virtual function
type VfInfo struct {
ID int
Mac net.HardwareAddr
Vlan int
Qos int
VlanProto int
TxRate int // IFLA_VF_TX_RATE Max TxRate
Spoofchk bool
LinkState uint32
MaxTxRate uint32 // IFLA_VF_RATE Max TxRate
MinTxRate uint32 // IFLA_VF_RATE Min TxRate
RxPackets uint64
TxPackets uint64
RxBytes uint64
TxBytes uint64
Multicast uint64
Broadcast uint64
RxDropped uint64
TxDropped uint64
RssQuery uint32
Trust uint32
}
type Via struct {
AddrFamily int
Addr net.IP
}
func (v *Via) Decode(b []byte) error
func (v *Via) Encode() ([]byte, error)
func (v *Via) Equal(x Destination) bool
func (v *Via) Family() int
func (v *Via) String() string
Vlan links have ParentIndex set in their Attrs()
type Vlan struct {
LinkAttrs
VlanId int
VlanProtocol VlanProtocol
}
func (vlan *Vlan) Attrs() *LinkAttrs
func (vlan *Vlan) Type() string
VlanProtocol type
type VlanProtocol int
VlanProtocol possible values
const (
VLAN_PROTOCOL_UNKNOWN VlanProtocol = 0
VLAN_PROTOCOL_8021Q VlanProtocol = 0x8100
VLAN_PROTOCOL_8021AD VlanProtocol = 0x88A8
)
func StringToVlanProtocol(s string) VlanProtocol
StringToVlanProtocol returns vlan protocol, or unknown is the s is invalid.
func (p VlanProtocol) String() string
type Vrf struct {
LinkAttrs
Table uint32
}
func (vrf *Vrf) Attrs() *LinkAttrs
func (vrf *Vrf) Type() string
type VrfSlave struct {
Table uint32
}
func (v *VrfSlave) SlaveType() string
type Vti struct {
LinkAttrs
IKey uint32
OKey uint32
Link uint32
Local net.IP
Remote net.IP
}
func (vti *Vti) Attrs() *LinkAttrs
func (vti *Vti) Type() string
type Vxlan struct {
LinkAttrs
VxlanId int
VtepDevIndex int
SrcAddr net.IP
Group net.IP
TTL int
TOS int
Learning bool
Proxy bool
RSC bool
L2miss bool
L3miss bool
UDPCSum bool
UDP6ZeroCSumTx bool
UDP6ZeroCSumRx bool
NoAge bool
GBP bool
FlowBased bool
Age int
Limit int
Port int
PortLow int
PortHigh int
}
func (vxlan *Vxlan) Attrs() *LinkAttrs
func (vxlan *Vxlan) Type() string
Wireguard represent links of type "wireguard", see https://www.wireguard.com/
type Wireguard struct {
LinkAttrs
}
func (wg *Wireguard) Attrs() *LinkAttrs
func (wg *Wireguard) Type() string
https://elixir.bootlin.com/linux/v6.2/source/include/uapi/linux/xdp_diag.h#L21
type XDPDiagInfoResp struct {
XDPDiagMsg *XDPSocket
XDPInfo *XDPInfo
}
func SocketDiagXDP() ([]*XDPDiagInfoResp, error)
SocketDiagXDP requests XDP_DIAG_INFO for XDP family sockets.
func SocketXDPGetInfo(ino uint32, cookie uint64) (*XDPDiagInfoResp, error)
XDPSocketGet returns the XDP socket identified by its inode number and/or socket cookie. Specify the cookie as SOCK_ANY_COOKIE if
XDPDiagStats contains ring statistics for an XDP socket.
https://elixir.bootlin.com/linux/v6.2/source/include/uapi/linux/xdp_diag.h#L74
type XDPDiagStats struct {
RxDropped uint64
RxInvalid uint64
RxFull uint64
FillRingEmpty uint64
TxInvalid uint64
TxRingEmpty uint64
}
XDPDiagUmem describes the umem attached to an XDP socket.
https://elixir.bootlin.com/linux/v6.2/source/include/uapi/linux/xdp_diag.h#L62
type XDPDiagUmem struct {
Size uint64
ID uint32
NumPages uint32
ChunkSize uint32
Headroom uint32
Ifindex uint32
QueueID uint32
Flags uint32
Refs uint32
}
type XDPInfo struct {
// XDP_DIAG_INFO/xdp_diag_info
// https://elixir.bootlin.com/linux/v6.2/source/include/uapi/linux/xdp_diag.h#L51
Ifindex uint32
QueueID uint32
// XDP_DIAG_UID
UID uint32
// XDP_RX_RING
// https://elixir.bootlin.com/linux/v6.2/source/include/uapi/linux/xdp_diag.h#L56
RxRingEntries uint32
TxRingEntries uint32
UmemFillRingEntries uint32
UmemCompletionRingEntries uint32
// XDR_DIAG_UMEM
Umem *XDPDiagUmem
// XDR_DIAG_STATS
Stats *XDPDiagStats
}
XDPSocket represents an XDP socket (and the common diagnosis part in particular). Please note that in contrast to UnixSocket the XDPSocket type does not feature “State” information.
type XDPSocket struct {
// xdp_diag_msg
// https://elixir.bootlin.com/linux/v6.2/source/include/uapi/linux/xdp_diag.h#L21
Family uint8
Type uint8
Ino uint32
Cookie [2]uint32
// contains filtered or unexported fields
}
XfrmMark represents the mark associated to the state or policy
type XfrmMark struct {
Value uint32
Mask uint32
}
func (m *XfrmMark) String() string
type XfrmMsg interface {
Type() nl.XfrmMsgType
}
type XfrmMsgExpire struct {
XfrmState *XfrmState
Hard bool
}
func (ue *XfrmMsgExpire) Type() nl.XfrmMsgType
XfrmPolicy represents an ipsec policy. It represents the overlay network and has a list of XfrmPolicyTmpls representing the base addresses of the policy.
type XfrmPolicy struct {
Dst *net.IPNet
Src *net.IPNet
Proto Proto
DstPort int
SrcPort int
Dir Dir
Priority int
Index int
Action PolicyAction
Ifindex int
Ifid int
Mark *XfrmMark
Tmpls []XfrmPolicyTmpl
}
func XfrmPolicyGet(policy *XfrmPolicy) (*XfrmPolicy, error)
XfrmPolicyGet gets a the policy described by the index or selector, if found. Equivalent to: `ip xfrm policy get { SELECTOR | index INDEX } dir DIR [ctx CTX ] [ mark MARK [ mask MASK ] ] [ ptype PTYPE ]`.
func XfrmPolicyList(family int) ([]XfrmPolicy, error)
XfrmPolicyList gets a list of xfrm policies in the system. Equivalent to: `ip xfrm policy show`. The list can be filtered by ip family.
func (p XfrmPolicy) String() string
XfrmPolicyTmpl encapsulates a rule for the base addresses of an ipsec policy. These rules are matched with XfrmState to determine encryption and authentication algorithms.
type XfrmPolicyTmpl struct {
Dst net.IP
Src net.IP
Proto Proto
Mode Mode
Spi int
Reqid int
Optional int
}
func (t XfrmPolicyTmpl) String() string
XfrmReplayState represents the sequence number states for "legacy" anti-replay mode.
type XfrmReplayState struct {
OSeq uint32
Seq uint32
BitMap uint32
}
func (r XfrmReplayState) String() string
XfrmState represents the state of an ipsec policy. It optionally contains an XfrmStateAlgo for encryption and one for authentication.
type XfrmState struct {
Dst net.IP
Src net.IP
Proto Proto
Mode Mode
Spi int
Reqid int
ReplayWindow int
Limits XfrmStateLimits
Statistics XfrmStateStats
Mark *XfrmMark
OutputMark *XfrmMark
Ifid int
Auth *XfrmStateAlgo
Crypt *XfrmStateAlgo
Aead *XfrmStateAlgo
Encap *XfrmStateEncap
ESN bool
DontEncapDSCP bool
OSeqMayWrap bool
Replay *XfrmReplayState
Selector *XfrmPolicy
}
func XfrmStateAllocSpi(state *XfrmState) (*XfrmState, error)
XfrmStateAllocSpi will allocate an xfrm state in the system. Equivalent to: `ip xfrm state allocspi`
func XfrmStateGet(state *XfrmState) (*XfrmState, error)
XfrmStateGet gets the xfrm state described by the ID, if found. Equivalent to: `ip xfrm state get ID [ mark MARK [ mask MASK ] ]`. Only the fields which constitue the SA ID must be filled in: ID := [ src ADDR ] [ dst ADDR ] [ proto XFRM-PROTO ] [ spi SPI ] mark is optional
func XfrmStateList(family int) ([]XfrmState, error)
XfrmStateList gets a list of xfrm states in the system. Equivalent to: `ip [-4|-6] xfrm state show`. The list can be filtered by ip family.
func (sa XfrmState) Print(stats bool) string
func (sa XfrmState) String() string
XfrmStateAlgo represents the algorithm to use for the ipsec encryption.
type XfrmStateAlgo struct {
Name string
Key []byte
TruncateLen int // Auth only
ICVLen int // AEAD only
}
func (a XfrmStateAlgo) String() string
XfrmStateEncap represents the encapsulation to use for the ipsec encryption.
type XfrmStateEncap struct {
Type EncapType
SrcPort int
DstPort int
OriginalAddress net.IP
}
func (e XfrmStateEncap) String() string
XfrmStateLimits represents the configured limits for the state.
type XfrmStateLimits struct {
ByteSoft uint64
ByteHard uint64
PacketSoft uint64
PacketHard uint64
TimeSoft uint64
TimeHard uint64
TimeUseSoft uint64
TimeUseHard uint64
}
XfrmStateStats represents the current number of bytes/packets processed by this State, the State's installation and first use time and the replay window counters.
type XfrmStateStats struct {
ReplayWindow uint32
Replay uint32
Failed uint32
Bytes uint64
Packets uint64
AddTime uint64
UseTime uint64
}
Virtual XFRM Interfaces
Named "xfrmi" to prevent confusion with XFRM objects
type Xfrmi struct {
LinkAttrs
Ifid uint32
}
func (xfrm *Xfrmi) Attrs() *LinkAttrs
func (xfrm *Xfrmi) Type() string
| Name | Synopsis |
|---|---|
| .. | |
| cmd | |
| ipset-test | |
| nl | Package nl has low level primitives for making Netlink calls. |