Working on filtering by protocol.
This commit is contained in:
Kevin Krakauer
parent
781a68eeb6
commit
aeb3a4017b
|
|
@ -151,6 +151,9 @@ func (table *Table) SetMetadata(metadata interface{}) {
|
||||||
// packets this rule applies to. If there are no matchers in the rule, it
|
// packets this rule applies to. If there are no matchers in the rule, it
|
||||||
// applies to any packet.
|
// applies to any packet.
|
||||||
type Rule struct {
|
type Rule struct {
|
||||||
|
// IPHeaderFilters holds basic IP filtering fields common to every rule.
|
||||||
|
IPHeaderFilter IPHeaderFilter
|
||||||
|
|
||||||
// Matchers is the list of matchers for this rule.
|
// Matchers is the list of matchers for this rule.
|
||||||
Matchers []Matcher
|
Matchers []Matcher
|
||||||
|
|
||||||
|
|
@ -158,6 +161,23 @@ type Rule struct {
|
||||||
Target Target
|
Target Target
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// TODO: This is gross.
|
||||||
|
// TODO: Save this in SetEntries.
|
||||||
|
// TODO: Utilize this when traversing tables.
|
||||||
|
type IPHeaderFilter struct {
|
||||||
|
Source [4]byte
|
||||||
|
Destination [4]byte
|
||||||
|
SourceMask [4]byte
|
||||||
|
DestinationMask [4]byte
|
||||||
|
OutputInterface string
|
||||||
|
InputInterface string
|
||||||
|
OutputInterfaceMask string
|
||||||
|
InputInterfaceMask string
|
||||||
|
Protocol uint16
|
||||||
|
Flags uint8
|
||||||
|
InverseFlags uint8
|
||||||
|
}
|
||||||
|
|
||||||
// A Matcher is the interface for matching packets.
|
// A Matcher is the interface for matching packets.
|
||||||
type Matcher interface {
|
type Matcher interface {
|
||||||
// Match returns whether the packet matches and whether the packet
|
// Match returns whether the packet matches and whether the packet
|
||||||
|
|
|
||||||
|
|
@ -166,20 +166,20 @@ func TestFilterInputDropUDP(t *testing.T) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestFilterInputDropUDPPort(t *testing.T) {
|
// func TestFilterInputDropUDPPort(t *testing.T) {
|
||||||
if err := singleTest(FilterInputDropUDPPort{}); err != nil {
|
// if err := singleTest(FilterInputDropUDPPort{}); err != nil {
|
||||||
t.Fatal(err)
|
// t.Fatal(err)
|
||||||
}
|
// }
|
||||||
}
|
// }
|
||||||
|
|
||||||
func TestFilterInputDropDifferentUDPPort(t *testing.T) {
|
// func TestFilterInputDropDifferentUDPPort(t *testing.T) {
|
||||||
if err := singleTest(FilterInputDropDifferentUDPPort{}); err != nil {
|
// if err := singleTest(FilterInputDropDifferentUDPPort{}); err != nil {
|
||||||
t.Fatal(err)
|
// t.Fatal(err)
|
||||||
}
|
// }
|
||||||
}
|
// }
|
||||||
|
|
||||||
func TestFilterInputDropAll(t *testing.T) {
|
// func TestFilterInputDropAll(t *testing.T) {
|
||||||
if err := singleTest(FilterInputDropAll{}); err != nil {
|
// if err := singleTest(FilterInputDropAll{}); err != nil {
|
||||||
t.Fatal(err)
|
// t.Fatal(err)
|
||||||
}
|
// }
|
||||||
}
|
// }
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue