- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 46 for ipset (0.29 sec)
-
cni/pkg/ipset/ipset.go
// doesn't support creating `list:set` types yet (is in main branch tho). // So this will actually create 2 underlying ipsets, one for v4 and one for v6 func NewIPSet(name string, v6 bool, deps NetlinkIpsetDeps) (IPSet, error) { var err error set := IPSet{ V4Name: fmt.Sprintf(V4Name, name), Deps: deps, Prefix: name, } err = deps.ipsetIPHashCreate(set.V4Name, false) if v6 {
Go - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Tue Apr 30 22:24:38 GMT 2024 - 3.9K bytes - Viewed (0) -
cni/pkg/nodeagent/net.go
// allow overriding for tests netnsRunner func(fdable NetnsFd, toRun func() error) error hostsideProbeIPSet ipset.IPSet } var _ MeshDataplane = &NetServer{} func newNetServer(ztunnelServer ZtunnelServer, podNsMap *podNetnsCache, iptablesConfigurator *iptables.IptablesConfigurator, podNs PodNetnsFinder, probeSet ipset.IPSet, ) *NetServer { return &NetServer{ ztunnelServer: ztunnelServer, currentPodSnapshot: podNsMap,
Go - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Tue Apr 30 22:24:38 GMT 2024 - 12.2K bytes - Viewed (1) -
cni/pkg/nodeagent/server.go
} // createHostsideProbeIpset creates an ipset. This is designed to be called from the host netns. // Note that if the ipset already exist by name, Create will not return an error. // // We will unconditionally flush our set before use here, so it shouldn't matter. func createHostsideProbeIpset(isV6 bool) (ipset.IPSet, error) { linDeps := ipset.RealNlDeps() probeSet, err := ipset.NewIPSet(iptables.ProbeIPSet, isV6, linDeps)
Go - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Tue Apr 30 22:24:38 GMT 2024 - 7.2K bytes - Viewed (0) -
cni/pkg/ipset/nldeps_linux.go
err := netlink.IpsetFlush(name) if err != nil { return fmt.Errorf("failed to flush ipset %s: %w", name, err) } return nil } // Alpine and some distros struggles with this - ipset CLI utilities support this, but // the kernel can be out of sync with the CLI utility, leading to errors like: // // ipset v7.10: Argument `comment' is supported in the kernel module of the set type hash:ip
Go - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Tue Apr 30 22:24:38 GMT 2024 - 3.9K bytes - Viewed (0) -
cni/pkg/nodeagent/net_test.go
ipsetDeps *ipset.MockedIpsetDeps } func getTestFixure(ctx context.Context) netTestFixture { podNsMap := newPodNetnsCache(openNsTestOverride) nlDeps := &fakeIptablesDeps{} iptablesConfigurator, _ := iptables.NewIptablesConfigurator(nil, &dependencies.DependenciesStub{}, nlDeps) ztunnelServer := &fakeZtunnel{} fakeIPSetDeps := ipset.FakeNLDeps()
Go - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Tue Apr 30 22:24:38 GMT 2024 - 16.4K bytes - Viewed (0) -
cni/pkg/ipset/nldeps_unspecified.go
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. package ipset import ( "errors" "net/netip" ) func RealNlDeps() NetlinkIpsetDeps { return &realDeps{} } type realDeps struct{} func (m *realDeps) ipsetIPHashCreate(name string, v6 bool) error {
Go - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Tue Apr 30 22:24:38 GMT 2024 - 1.8K bytes - Viewed (0) -
cni/pkg/ipset/nldeps_mock.go
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. package ipset import ( "net/netip" "github.com/stretchr/testify/mock" ) type MockedIpsetDeps struct { mock.Mock } func FakeNLDeps() *MockedIpsetDeps { return &MockedIpsetDeps{} }
Go - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Tue Apr 30 22:24:38 GMT 2024 - 1.8K bytes - Viewed (0) -
cni/pkg/iptables/iptables.go
// See the License for the specific language governing permissions and // limitations under the License. package iptables import ( "errors" "fmt" "net/netip" "strings" "istio.io/istio/cni/pkg/ipset" istiolog "istio.io/istio/pkg/log" "istio.io/istio/tools/istio-iptables/pkg/builder" iptablesconfig "istio.io/istio/tools/istio-iptables/pkg/config" iptablesconstants "istio.io/istio/tools/istio-iptables/pkg/constants"
Go - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Tue May 07 19:54:50 GMT 2024 - 19.7K bytes - Viewed (0) -
manifests/charts/istio-cni/templates/daemonset.yaml
# capabilities we actually require capabilities: drop: - ALL add: # CAP_NET_ADMIN is required to allow ipset and route table access - NET_ADMIN # CAP_NET_RAW is required to allow iptables mutation of the `nat` table - NET_RAW
Others - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Fri May 03 19:29:42 GMT 2024 - 9.4K bytes - Viewed (0) -
cmd/endpoint.go
hostIPCache[host] = hostIPSet } } if IPSet, ok := pathIPMap[endpoint.Path]; ok { if !IPSet.Intersection(hostIPSet).IsEmpty() { return nil, setupType, config.ErrInvalidErasureEndpoints(nil).Msg(fmt.Sprintf("same path '%s' can not be served by different port on same address", endpoint.Path)) } pathIPMap[endpoint.Path] = IPSet.Union(hostIPSet) } else {
Go - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Sun Apr 21 11:43:18 GMT 2024 - 34.1K bytes - Viewed (0)