- Sort Score
- Result 10 results
- Languages All
Results 21 - 30 of 866 for tproxy (0.2 sec)
-
tools/istio-iptables/pkg/capture/run_linux.go
) // configureTProxyRoutes configures ip firewall rules to enable TPROXY support. // See https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/original_src_filter func configureTProxyRoutes(cfg *config.Config) error { if cfg.InboundPortsInclude != "" { if cfg.InboundInterceptionMode == constants.TPROXY { link, err := netlink.LinkByName("lo") if err != nil {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Apr 30 22:24:38 UTC 2024 - 3.1K bytes - Viewed (0) -
cni/pkg/iptables/iptables_linux.go
} for _, family := range families { // Equiv: // ip rule add fwmark 0x111/0xfff pref 32764 lookup 100 // // Adds in-pod rules for marking packets with the istio-specific TPROXY mark. // A very similar mechanism is used for sidecar TPROXY. // // TODO largely identical/copied from tools/istio-iptables/pkg/capture/run_linux.go inpodMarkRule := netlink.NewRule() inpodMarkRule.Family = family
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Apr 30 22:24:38 UTC 2024 - 3.3K bytes - Viewed (0) -
tools/istio-iptables/pkg/capture/run_unspecified.go
) // ErrNotImplemented is returned when a requested feature is not implemented. var ErrNotImplemented = errors.New("not implemented") // configureTProxyRoutes configures ip firewall rules to enable TPROXY support. // See https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/original_src_filter func configureTProxyRoutes(cfg *config.Config) error { return ErrNotImplemented }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Nov 01 16:18:12 UTC 2023 - 1.2K bytes - Viewed (0) -
pkg/test/framework/resource/settings.go
SkipString ArrayFlags SkipMatcher *Matcher // SkipWorkloadClasses can be used to skip deploying special workload types like TPROXY, VMs, etc. SkipWorkloadClasses ArrayFlags // OnlyWorkloadClasses can be used to only deploy specific workload types like TPROXY, VMs, etc. OnlyWorkloadClasses ArrayFlags // The label selector, in parsed form. Selector label.Selector
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 09 19:04:51 UTC 2024 - 9.2K bytes - Viewed (0) -
tools/istio-clean-iptables/pkg/cmd/cleanup_test.go
func(cfg *config.Config) { cfg.RedirectDNS = true cfg.OwnerGroupsExclude = "888,ftp" }, }, { "inbound-interception-mode", func(cfg *config.Config) { cfg.InboundInterceptionMode = "TPROXY" cfg.InboundTProxyMark = "1337" }, }, } for _, tt := range cases { t.Run(tt.name, func(t *testing.T) { cfg := constructTestConfig() tt.config(cfg) ext := &dep.DependenciesStub{}
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Mar 11 17:46:23 UTC 2024 - 3.2K bytes - Viewed (0) -
tools/istio-clean-iptables/pkg/cmd/root.go
&cfg.CaptureAllDNS) flag.BindEnv(fs, constants.InboundInterceptionMode, "m", "The mode used to redirect inbound connections to Envoy, either \"REDIRECT\" or \"TPROXY\".", &cfg.InboundInterceptionMode) flag.BindEnv(fs, constants.InboundTProxyMark, "t", "", &cfg.InboundTProxyMark) } func GetCommand(logOpts *log.Options) *cobra.Command { cfg := config.DefaultConfig()
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Mar 11 17:46:23 UTC 2024 - 3K bytes - Viewed (0) -
tools/istio-clean-iptables/pkg/config/config.go
fmt.Println("") } func (c *Config) Validate() error { return types.ValidateOwnerGroups(c.OwnerGroupsInclude, c.OwnerGroupsExclude) } var envoyUserVar = env.Register(constants.EnvoyUser, "istio-proxy", "Envoy proxy username") func (c *Config) FillConfigFromEnvironment() { // Fill in env-var only options c.OwnerGroupsInclude = constants.OwnerGroupsInclude.Get() c.OwnerGroupsExclude = constants.OwnerGroupsExclude.Get()
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Nov 01 04:37:36 UTC 2023 - 3.9K bytes - Viewed (0) -
pkg/kube/inject/validate.go
case meshconfig.ProxyConfig_TPROXY.String(): case string(model.InterceptionNone): // not a global mesh config - must be enabled for each sidecar default: return fmt.Errorf("interceptionMode invalid, use REDIRECT,TPROXY,NONE: %v", mode) } return nil } // ValidateIncludeIPRanges validates the includeIPRanges parameter func ValidateIncludeIPRanges(ipRanges string) error { if ipRanges != "*" {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 20:06:41 UTC 2024 - 5.9K bytes - Viewed (0) -
tools/istio-clean-iptables/pkg/cmd/cleanup.go
chains = []string{constants.ISTIOINBOUND, constants.ISTIODIVERT, constants.ISTIOTPROXY} flushAndDeleteChains(ext, iptV, constants.MANGLE, chains) if cfg.InboundInterceptionMode == constants.TPROXY { DeleteRule(ext, iptV, constants.MANGLE, constants.PREROUTING, "-p", constants.TCP, "-m", "mark", "--mark", cfg.InboundTProxyMark, "-j", "CONNMARK", "--save-mark") DeleteRule(ext, iptV, constants.MANGLE, constants.OUTPUT,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 13 15:51:15 UTC 2024 - 5.1K bytes - Viewed (0) -
tools/istio-iptables/pkg/config/config.go
return err } return ValidateIPv4LoopbackCidr(c.HostIPv4LoopbackCidr) } var envoyUserVar = env.Register(constants.EnvoyUser, "istio-proxy", "Envoy proxy username") func (c *Config) FillConfigFromEnvironment() error { // Fill in env-var only options c.OwnerGroupsInclude = constants.OwnerGroupsInclude.Get()
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Apr 30 22:24:38 UTC 2024 - 9.2K bytes - Viewed (0)