github.com/aporeto-inc/trireme-lib@v10.358.0+incompatible/controller/pkg/packetprocessor/packetprocessor.go

github.com/aporeto-inc/trireme-lib@v10.358.0+incompatible/controller/pkg/packetprocessor/packetprocessor.go (about)

     1  package packetprocessor
     2  
     3  import (
     4  	provider "go.aporeto.io/enforcerd/trireme-lib/controller/pkg/aclprovider"
     5  	"go.aporeto.io/enforcerd/trireme-lib/controller/pkg/connection"
     6  	"go.aporeto.io/enforcerd/trireme-lib/controller/pkg/fqconfig"
     7  	"go.aporeto.io/enforcerd/trireme-lib/controller/pkg/packet"
     8  	"go.aporeto.io/enforcerd/trireme-lib/controller/pkg/pucontext"
     9  	"go.aporeto.io/enforcerd/trireme-lib/controller/pkg/tokens"
    10  )
    11  
    12  // PacketProcessor is an interface for extending packet processing functions such
    13  // as encryption, deep packet inspection, etc. These functions are run inline during packet
    14  // processing. A services processor must implement this interface.
    15  type PacketProcessor interface {
    16  	// Initialize  initializes any ACLs that the processor requires
    17  	Initialize(fq fqconfig.FilterQueue, p []provider.IptablesProvider)
    18  
    19  	// Stop stops the packet processor
    20  	Stop() error
    21  
    22  	// PreProcessTCPAppPacket will be called for application packets and return value of false means drop packet.
    23  	PreProcessTCPAppPacket(p *packet.Packet, context *pucontext.PUContext, conn *connection.TCPConnection) bool
    24  
    25  	// PostProcessTCPAppPacket will be called for application packets and return value of false means drop packet.
    26  	PostProcessTCPAppPacket(p *packet.Packet, action interface{}, context *pucontext.PUContext, conn *connection.TCPConnection) bool
    27  
    28  	// PreProcessTCPNetPacket will be called for network packets and return value of false means drop packet
    29  	PreProcessTCPNetPacket(p *packet.Packet, context *pucontext.PUContext, conn *connection.TCPConnection) bool
    30  
    31  	// PostProcessTCPNetPacket will be called for network packets and return value of false means drop packet
    32  	PostProcessTCPNetPacket(p *packet.Packet, action interface{}, claims *tokens.ConnectionClaims, context *pucontext.PUContext, conn *connection.TCPConnection) bool
    33  
    34  	// PreProcessUDPAppPacket will be called for application packets and return value of false means drop packet
    35  	PreProcessUDPAppPacket(p *packet.Packet, context *pucontext.PUContext, conn *connection.UDPConnection, packetType uint8) bool
    36  
    37  	// PostProcessUDPAppPacket will be called for application packets and return value of false means drop packet.
    38  	PostProcessUDPAppPacket(p *packet.Packet, action interface{}, context *pucontext.PUContext, conn *connection.UDPConnection) bool
    39  
    40  	// PreProcessUDPNetPacket will be called for network packets and return value of false means drop packet
    41  	PreProcessUDPNetPacket(p *packet.Packet, context *pucontext.PUContext, conn *connection.UDPConnection) bool
    42  
    43  	// PostProcessUDPNetPacket will be called for network packets and return value of false means drop packet
    44  	PostProcessUDPNetPacket(p *packet.Packet, action interface{}, claims *tokens.ConnectionClaims, context *pucontext.PUContext, conn *connection.UDPConnection) bool
    45  }