Package netlink provides a simple library for netlink. Netlink is the interface a user-space program in linux uses to communicate with the kernel. It can be used to add and remove interfaces, set up ip addresses and routes, and confiugre ipsec. Netlink communication requires elevated privileges, so in most cases this code needs to be run as root. The low level primitives for netlink are contained in the nl subpackage. This package attempts to provide a high-level interface that is loosly modeled on the iproute2 cli.
const ( ConntrackTable = 1 ConntrackExpectTable = 2 )
Constants used in TcU32Sel.Flags.
View Sourceconst ( FOU_ATTR_UNSPEC = iota FOU_ATTR_PORT FOU_ATTR_AF FOU_ATTR_IPPROTO FOU_ATTR_TYPE FOU_ATTR_REMCSUM_NOPARTIAL FOU_ATTR_LOCAL_V4 FOU_ATTR_LOCAL_V6 FOU_ATTR_PEER_V4 FOU_ATTR_PEER_V6 FOU_ATTR_PEER_PORT FOU_ATTR_IFINDEX FOU_ATTR_MAX = FOU_ATTR_REMCSUM_NOPARTIAL )View Source
const ( INET_DIAG_NONE = iota INET_DIAG_MEMINFO INET_DIAG_INFO INET_DIAG_VEGASINFO INET_DIAG_CONG INET_DIAG_TOS INET_DIAG_TCLASS INET_DIAG_SKMEMINFO INET_DIAG_SHUTDOWN INET_DIAG_DCTCPINFO INET_DIAG_PROTOCOL INET_DIAG_SKV6ONLY INET_DIAG_LOCALS INET_DIAG_PEERS INET_DIAG_PAD INET_DIAG_MARK INET_DIAG_BBRINFO INET_DIAG_CLASS_ID INET_DIAG_MD5SIG INET_DIAG_ULP_INFO INET_DIAG_SK_BPF_STORAGES INET_DIAG_CGROUP_ID INET_DIAG_SOCKOPT INET_DIAG_MAX )
INET_DIAG constatns
View Sourceconst ( ETHTOOL_GSSET_INFO = 0x00000037 SIOCETHTOOL = 0x8946 ETHTOOL_GSTRINGS = 0x0000001b ETHTOOL_GSTATS = 0x0000001d )
ioctl for statistics.
View Sourceconst ( ETH_SS_TEST = iota ETH_SS_STATS ETH_SS_PRIV_FLAGS ETH_SS_FEATURES ETH_SS_RSS_HASH_FUNCS )
string set id.
View Sourceconst ( OperUnknown = iota OperNotPresent OperDown OperLowerLayerDown OperTesting OperDormant OperUp )View Source
const ( BOND_MODE_MASK uint64 = 1 << (1 + iota) BOND_ACTIVE_SLAVE_MASK BOND_MIIMON_MASK BOND_UPDELAY_MASK BOND_DOWNDELAY_MASK BOND_USE_CARRIER_MASK BOND_ARP_INTERVAL_MASK BOND_ARP_VALIDATE_MASK BOND_ARP_ALL_TARGETS_MASK BOND_PRIMARY_MASK BOND_PRIMARY_RESELECT_MASK BOND_FAIL_OVER_MAC_MASK BOND_XMIT_HASH_POLICY_MASK BOND_RESEND_IGMP_MASK BOND_NUM_PEER_NOTIF_MASK BOND_ALL_SLAVES_ACTIVE_MASK BOND_MIN_LINKS_MASK BOND_LP_INTERVAL_MASK BOND_PACKETS_PER_SLAVE_MASK BOND_LACP_RATE_MASK BOND_AD_SELECT_MASK )
Flag mask for bond options. Bond.Flagmask must be set to on for option to work.
View Sourceconst ( IP6_TNL_F_IGN_ENCAP_LIMIT IP6TunnelFlag = 1 IP6_TNL_F_USE_ORIG_TCLASS = 2 IP6_TNL_F_USE_ORIG_FLOWLABEL = 4 IP6_TNL_F_MIP6_DEV = 8 IP6_TNL_F_RCV_DSCP_COPY = 10 IP6_TNL_F_USE_ORIG_FWMARK = 20 IP6_TNL_F_ALLOW_LOCAL_REMOTE = 40 )View Source
const ( CAN_STATE_ERROR_ACTIVE = iota CAN_STATE_ERROR_WARNING CAN_STATE_ERROR_PASSIVE CAN_STATE_BUS_OFF CAN_STATE_STOPPED CAN_STATE_SLEEPING )View Source
const ( SizeofLinkStats32 = 0x5c SizeofLinkStats64 = 0xb8 )
ideally golang.org/x/sys/unix would define IfReq but it only has IFNAMSIZ, hence this minimalistic implementation
View Sourceconst ( NDA_UNSPEC = iota NDA_DST NDA_LLADDR NDA_CACHEINFO NDA_PROBES NDA_VLAN NDA_PORT NDA_VNI NDA_IFINDEX NDA_MASTER NDA_LINK_NETNSID NDA_SRC_VNI NDA_PROTOCOL NDA_NH_ID NDA_FDB_EXT_ATTRS NDA_FLAGS_EXT NDA_MAX = NDA_FLAGS_EXT )View Source
const ( NUD_NONE = 0x00 NUD_INCOMPLETE = 0x01 NUD_REACHABLE = 0x02 NUD_STALE = 0x04 NUD_DELAY = 0x08 NUD_PROBE = 0x10 NUD_FAILED = 0x20 NUD_NOARP = 0x40 NUD_PERMANENT = 0x80 )
Neighbor Cache Entry States.
View Sourceconst ( NTF_USE = 0x01 NTF_SELF = 0x02 NTF_MASTER = 0x04 NTF_PROXY = 0x08 NTF_EXT_LEARNED = 0x10 NTF_OFFLOADED = 0x20 NTF_STICKY = 0x40 NTF_ROUTER = 0x80 )
Neighbor Flags
Family type definitions
These can be replaced by the values from sys/unix when it is next released.
View Sourceconst ( PROC_EVENT_NONE = 0x00000000 PROC_EVENT_FORK = 0x00000001 PROC_EVENT_EXEC = 0x00000002 PROC_EVENT_UID = 0x00000004 PROC_EVENT_GID = 0x00000040 PROC_EVENT_SID = 0x00000080 PROC_EVENT_PTRACE = 0x00000100 PROC_EVENT_COMM = 0x00000200 PROC_EVENT_COREDUMP = 0x40000000 PROC_EVENT_EXIT = 0x80000000 )View Source
const ( CN_VAL_PROC = 0x1 PROC_CN_MCAST_LISTEN = 0x1 )View Source
const ( HANDLE_NONE = 0 HANDLE_INGRESS = 0xFFFFFFF1 HANDLE_CLSACT = HANDLE_INGRESS HANDLE_ROOT = 0xFFFFFFFF PRIORITY_MAP_LEN = 16 )View Source
const ( HANDLE_MIN_INGRESS = 0xFFFFFFF2 HANDLE_MIN_EGRESS = 0xFFFFFFF3 )View Source
const ( HORIZON_DROP_POLICY_CAP = 0 HORIZON_DROP_POLICY_DROP = 1 HORIZON_DROP_POLICY_DEFAULT = 255 )View Source
const ( RT_FILTER_PROTOCOL uint64 = 1 << (1 + iota) RT_FILTER_SCOPE RT_FILTER_TYPE RT_FILTER_TOS RT_FILTER_IIF RT_FILTER_OIF RT_FILTER_DST RT_FILTER_SRC RT_FILTER_GW RT_FILTER_TABLE RT_FILTER_HOPLIMIT RT_FILTER_PRIORITY RT_FILTER_MARK RT_FILTER_MASK RT_FILTER_REALM )View Source
const ( TCP_ESTABLISHED = iota + 0x01 TCP_SYN_SENT TCP_SYN_RECV TCP_FIN_WAIT1 TCP_FIN_WAIT2 TCP_TIME_WAIT TCP_CLOSE TCP_CLOSE_WAIT TCP_LAST_ACK TCP_LISTEN TCP_CLOSING TCP_NEW_SYN_REC TCP_MAX_STATES )
TCP States
View Sourceconst ( UNIX_DIAG_NAME = iota UNIX_DIAG_VFS UNIX_DIAG_PEER UNIX_DIAG_ICONS UNIX_DIAG_RQLEN UNIX_DIAG_MEMINFO UNIX_DIAG_SHUTDOWN UNIX_DIAG_UID UNIX_DIAG_MAX )
According to linux/include/uapi/linux/unix_diag.h
View Sourceconst ( VIRTIO_NET_F_CSUM = 0 VIRTIO_NET_F_GUEST_CSUM = 1 VIRTIO_NET_F_CTRL_GUEST_OFFLOADS = 2 VIRTIO_NET_F_MTU = 3 VIRTIO_NET_F_MAC = 5 VIRTIO_NET_F_GUEST_TSO4 = 7 VIRTIO_NET_F_GUEST_TSO6 = 8 VIRTIO_NET_F_GUEST_ECN = 9 VIRTIO_NET_F_GUEST_UFO = 10 VIRTIO_NET_F_HOST_TSO4 = 11 VIRTIO_NET_F_HOST_TSO6 = 12 VIRTIO_NET_F_HOST_ECN = 13 VIRTIO_NET_F_HOST_UFO = 14 VIRTIO_NET_F_MRG_RXBUF = 15 VIRTIO_NET_F_STATUS = 16 VIRTIO_NET_F_CTRL_VQ = 17 VIRTIO_NET_F_CTRL_RX = 18 VIRTIO_NET_F_CTRL_VLAN = 19 VIRTIO_NET_F_GUEST_ANNOUNCE = 21 VIRTIO_NET_F_MQ = 22 VIRTIO_NET_F_CTRL_MAC_ADDR = 23 VIRTIO_NET_F_VQ_NOTF_COAL = 52 VIRTIO_NET_F_NOTF_COAL = 53 VIRTIO_NET_F_GUEST_USO4 = 54 VIRTIO_NET_F_GUEST_USO6 = 55 VIRTIO_NET_F_HOST_USO = 56 VIRTIO_NET_F_HASH_REPORT = 57 VIRTIO_NET_F_GUEST_HDRLEN = 59 VIRTIO_NET_F_RSC_EXT = 61 VIRTIO_NET_F_STANDBY = 62 VIRTIO_NET_F_SPEED_DUPLEX = 63 VIRTIO_NET_F_GSO = 6 )
features for virtio net
View Sourceconst ( VIRTIO_NET_S_LINK_UP = 1 VIRTIO_NET_S_ANNOUNCE = 2 )
virtio net status
View Sourceconst ( VIRTIO_F_NOTIFY_ON_EMPTY = 24 VIRTIO_F_ANY_LAYOUT = 27 VIRTIO_F_VERSION_1 = 32 VIRTIO_F_ACCESS_PLATFORM = 33 VIRTIO_F_IOMMU_PLATFORM = VIRTIO_F_ACCESS_PLATFORM VIRTIO_F_RING_PACKED = 34 VIRTIO_F_IN_ORDER = 35 VIRTIO_F_ORDER_PLATFORM = 36 VIRTIO_F_SR_IOV = 37 VIRTIO_F_NOTIFICATION_DATA = 38 VIRTIO_F_NOTIF_CONFIG_DATA = 39 VIRTIO_F_RING_RESET = 40 )
virtio config
View Sourceconst ( VIRTIO_ID_NET = 1 VIRTIO_ID_BLOCK = 2 VIRTIO_ID_CONSOLE = 3 VIRTIO_ID_RNG = 4 VIRTIO_ID_BALLOON = 5 VIRTIO_ID_IOMEM = 6 VIRTIO_ID_RPMSG = 7 VIRTIO_ID_SCSI = 8 VIRTIO_ID_9P = 9 VIRTIO_ID_MAC80211_WLAN = 10 VIRTIO_ID_RPROC_SERIAL = 11 VIRTIO_ID_CAIF = 12 VIRTIO_ID_MEMORY_BALLOON = 13 VIRTIO_ID_GPU = 16 VIRTIO_ID_CLOCK = 17 VIRTIO_ID_INPUT = 18 VIRTIO_ID_VSOCK = 19 VIRTIO_ID_CRYPTO = 20 VIRTIO_ID_SIGNAL_DIST = 21 VIRTIO_ID_PSTORE = 22 VIRTIO_ID_IOMMU = 23 VIRTIO_ID_MEM = 24 VIRTIO_ID_SOUND = 25 VIRTIO_ID_FS = 26 VIRTIO_ID_PMEM = 27 VIRTIO_ID_RPMB = 28 VIRTIO_ID_MAC80211_HWSIM = 29 VIRTIO_ID_VIDEO_ENCODER = 30 VIRTIO_ID_VIDEO_DECODER = 31 VIRTIO_ID_SCMI = 32 VIRTIO_ID_NITRO_SEC_MOD = 33 VIRTIO_ID_I2C_ADAPTER = 34 VIRTIO_ID_WATCHDOG = 35 VIRTIO_ID_CAN = 36 VIRTIO_ID_DMABUF = 37 VIRTIO_ID_PARAM_SERV = 38 VIRTIO_ID_AUDIO_POLICY = 39 VIRTIO_ID_BT = 40 VIRTIO_ID_GPIO = 41 VIRTIO_TRANS_ID_NET = 0x1000 VIRTIO_TRANS_ID_BLOCK = 0x1001 VIRTIO_TRANS_ID_BALLOON = 0x1002 VIRTIO_TRANS_ID_CONSOLE = 0x1003 VIRTIO_TRANS_ID_SCSI = 0x1004 VIRTIO_TRANS_ID_RNG = 0x1005 VIRTIO_TRANS_ID_9P = 0x1009 )
virtio device ids
View Sourceconst ( XDP_SHOW_INFO = 1 << iota XDP_SHOW_RING_CFG XDP_SHOW_UMEM XDP_SHOW_MEMINFO XDP_SHOW_STATS )
XDP diagnosis show flag constants to request particular information elements.
View Sourceconst ( XDP_DIAG_NONE = iota XDP_DIAG_INFO XDP_DIAG_UID XDP_DIAG_RX_RING XDP_DIAG_TX_RING XDP_DIAG_UMEM XDP_DIAG_UMEM_FILL_RING XDP_DIAG_UMEM_COMPLETION_RING XDP_DIAG_MEMINFO XDP_DIAG_STATS )
XDP diag element constants
Extended Neighbor Flags
ErrDumpInterrupted is an alias for nl.ErrDumpInterrupted.
AddrAdd will add an IP address to a link device.
Equivalent to: `ip addr add $addr dev $link`
If `addr` is an IPv4 address and the broadcast address is not given, it will be automatically computed based on the IP mask if /30 or larger. If `net.IPv4zero` is given as the broadcast address, broadcast is disabled.
AddrDel will delete an IP address from a link device.
Equivalent to: `ip addr del $addr dev $link`
AddrReplace will replace (or, if not present, add) an IP address on a link device.
Equivalent to: `ip addr replace $addr dev $link`
If `addr` is an IPv4 address and the broadcast address is not given, it will be automatically computed based on the IP mask if /30 or larger. If `net.IPv4zero` is given as the broadcast address, broadcast is disabled.
AddrSubscribe takes a chan down which notifications will be sent when addresses change. Close the 'done' chan to stop subscription.
AddrSubscribeAt works like AddrSubscribe plus it allows the caller to choose the network namespace in which to subscribe (ns).
AddrSubscribeWithOptions work like AddrSubscribe but enable to provide additional options to modify the behavior. Currently, the namespace can be provided as well as an error callback.
BridgeVlanAdd adds a new vlan filter entry Equivalent to: `bridge vlan add dev DEV vid VID [ pvid ] [ untagged ] [ self ] [ master ]`
func BridgeVlanAddRange(link Link, vid, vidEnd uint16, pvid, untagged, self, master bool) error
BridgeVlanAddRange adds a new vlan filter entry Equivalent to: `bridge vlan add dev DEV vid VID-VIDEND [ pvid ] [ untagged ] [ self ] [ master ]`
BridgeVlanAddRangeTunnelInfoRange adds a new vlan filter entry Equivalent to: `bridge vlan add dev DEV vid VID-VIDEND tunnel_info id VIN-VINEND [ self ] [ master ]`
BridgeVlanAddTunnelInfo adds a new vlan filter entry Equivalent to: `bridge vlan add dev DEV vid VID tunnel_info id TUNID [ self ] [ master ]`
func BridgeVlanDel ¶BridgeVlanDel adds a new vlan filter entry Equivalent to: `bridge vlan del dev DEV vid VID [ pvid ] [ untagged ] [ self ] [ master ]`
func BridgeVlanDelRange ¶ added in v1.2.1func BridgeVlanDelRange(link Link, vid, vidEnd uint16, pvid, untagged, self, master bool) error
BridgeVlanDelRange adds a new vlan filter entry Equivalent to: `bridge vlan del dev DEV vid VID-VIDEND [ pvid ] [ untagged ] [ self ] [ master ]`
func BridgeVlanDelRangeTunnelInfoRange ¶ added in v1.3.1BridgeVlanDelRangeTunnelInfoRange adds a new vlan filter entry Equivalent to: `bridge vlan del dev DEV vid VID-VIDEND tunnel_info id VIN-VINEND [ self ] [ master ]`
func BridgeVlanDelTunnelInfo ¶ added in v1.3.1BridgeVlanDelTunnelInfo adds a new vlan filter entry Equivalent to: `bridge vlan del dev DEV vid VID tunnel_info id TUNID [ self ] [ master ]`
BridgeVlanList gets a map of device id to bridge vlan infos. Equivalent to: `bridge vlan show`
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
BridgeVlanTunnelShow gets vlanid-tunnelid mapping. Equivalent to: `bridge vlan tunnelshow`
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
ChainAdd will add a chain to the system. Equivalent to: `tc chain add`
ChainDel will delete a chain from the system.
ClassAdd will add a class to the system. Equivalent to: `tc class add $class`
ClassChange will change a class in place Equivalent to: `tc class change $class` The parent and handle MUST NOT be changed.
ClassDel will delete a class from the system. Equivalent to: `tc class del $class`
ClassReplace will replace a class to the system. quivalent to: `tc class replace $class` The handle MAY be changed. If a class already exist with this parent/handle pair, the class is changed. If a class does not already exist with this parent/handle, a new class is created.
ConntrackCreate creates a new conntrack flow in the desired table conntrack -I [table] Create a conntrack or expectation
ConntrackDeleteFilter deletes entries on the specified table on the base of the filter conntrack -D [table] parameters Delete conntrack or expectation
Deprecated: use ConntrackDeleteFilters instead.
ConntrackDeleteFilters deletes entries on the specified table matching any of the specified filters conntrack -D [table] parameters Delete conntrack or expectation
ConntrackTableFlush flushes all the flows of a specified table conntrack -F [table] Flush table The flush operation applies to all the family types
ConntrackUpdate updates an existing conntrack flow in the desired table using the handle conntrack -U [table] Update a conntrack
DevLinkPortDel deletes a devlink port and returns success or error code.
DevLinkSetEswitchMode sets eswitch mode if able to set successfully or returns an error code. Equivalent to: `devlink dev eswitch set $dev mode switchdev` Equivalent to: `devlink dev eswitch set $dev mode legacy`
DevlinkGetDeviceInfoByNameAsMap returns devlink info for selected device as a map, otherwise returns an error code. Equivalent to: `devlink dev info $dev`
DevlinkPortFnSet sets one or more port function attributes specified by the attribute mask. It returns 0 on success or error code.
DevlinkSetDeviceParam set specific parameter for devlink device Equivalent to: `devlink dev param set <bus>/<device> name <param> cmode <cmode> value <value>` cmode argument should contain valid cmode value as uint8, modes are define in nl.DEVLINK_PARAM_CMODE_* constants value argument should have one of the following types: uint8, uint16, uint32, string, bool
FilterAdd will add a filter to the system. Equivalent to: `tc filter add $filter`
FilterDel will delete a filter from the system. Equivalent to: `tc filter del $filter`
FilterReplace will replace a filter. Equivalent to: `tc filter replace $filter`
GetNetNsIdByFd looks up the network namespace ID for a given fd. fd must be an open file descriptor to a namespace file. Returns -1 if the namespace does not have an ID set.
GetNetNsIdByPid looks up the network namespace ID for a given pid (really thread id). Returns -1 if the namespace does not have an ID set.
GetSocketTimeout returns the timeout value used by default netlink sockets
IpsetAdd adds an entry to an existing ipset.
IpsetCreate creates a new ipset
IpsetDel deletes an entry from an existing ipset.
IpsetDestroy destroys an existing ipset
IpsetFlush flushes an existing ipset
IpsetProtocol returns the ipset protocol version from the kernel
IpsetSwap swaps two ipsets.
IpsetTest tests whether an entry is in a set or not.
IsBitSet check if specific bit is set in the uint64 input value usage example: hasNetClass := IsBitSet(mgmtDev, VIRTIO_ID_NET)
LinkAdd adds a new link device. The type and features of the device are taken from the parameters in the link object. Equivalent to: `ip link add $link`
LinkAddAltName adds a new alternative name for the link device. Equivalent to: `ip link property add $link altname $name`
LinkDel deletes link device. Either Index or Name must be set in the link object for it to be deleted. The other values are ignored. Equivalent to: `ip link del $link`
LinkDelAltName delete an alternative name for the link device. Equivalent to: `ip link property del $link altname $name`
LinkSetBondSlave removes specified slave from bond link via ioctl interface.
LinkSetAlias sets the alias of the link device. Equivalent to: `ip link set dev $link alias $name`
LinkSetAllmulticastOff disables the reception of all hardware multicast packets for the link device. Equivalent to: `ip link set $link allmulticast off`
LinkSetAllmulticastOn enables the reception of all hardware multicast packets for the link device. Equivalent to: `ip link set $link allmulticast on`
LinkSetBRSlaveGroupFwdMask set the group_fwd_mask of a bridge slave interface
LinkSetBondSlave add slave to bond link via ioctl interface.
LinkSetBondSlaveActive sets specified slave to ACTIVE in an `active-backup` bond link via ioctl interface.
Multiple calls keeps the status unchanged(shown in the unit test).
LinkSetBondSlaveQueueId modify bond slave queue-id.
LinkSetDown disables link device. Equivalent to: `ip link set $link down`
LinkSetGROIPv4MaxSize sets the IPv4 GRO maximum size of the link device. Equivalent to: `ip link set $link gro_ipv4_max_size $maxSize`
LinkSetGROMaxSize sets the IPv6 GRO maximum size of the link device. Equivalent to: `ip link set $link gro_max_size $maxSize`
LinkSetGSOIPv4MaxSize sets the IPv4 GSO maximum size of the link device. Equivalent to: `ip link set $link gso_ipv4_max_size $maxSize`
LinkSetGSOMaxSegs sets the GSO maximum segment count of the link device. Equivalent to: `ip link set $link gso_max_segs $maxSegs`
LinkSetGSOMaxSize sets the IPv6 GSO maximum size of the link device. Equivalent to: `ip link set $link gso_max_size $maxSize`
LinkSetGroup sets the link group id which can be used to perform mass actions with iproute2 as well use it as a reference in nft filters. Equivalent to: `ip link set $link group $id`
LinkSetHardwareAddr sets the hardware address of the link device. Equivalent to: `ip link set $link address $hwaddr`
LinkSetIP6AddrGenMode sets the IPv6 address generation mode of the link device. Equivalent to: `ip link set $link addrgenmode $mode`
LinkSetMTU sets the mtu of the link device. Equivalent to: `ip link set $link mtu $mtu`
LinkSetMacvlanMode sets the mode of a macvlan or macvtap link device. Note that passthrough mode cannot be set to and from and will fail. Equivalent to: `ip link set $link type (macvlan|macvtap) mode $mode
LinkSetMaster sets the master of the link device. Equivalent to: `ip link set $link master $master`
LinkSetMasterByIndex sets the master of the link device. Equivalent to: `ip link set $link master $master`
LinkSetAllmulticastOff disables the reception of multicast packets for the link device. Equivalent to: `ip link set $link multicast off`
LinkSetMulticastOn enables the reception of multicast packets for the link device. Equivalent to: `ip link set $link multicast on`
LinkSetName sets the name of the link device. Equivalent to: `ip link set $link name $name`
LinkSetNoMaster removes the master of the link device. Equivalent to: `ip link set $link nomaster`
LinkSetNsFd puts the device into a new network namespace. The fd must be an open file descriptor to a network namespace. Similar to: `ip link set $link netns $ns`
LinkSetNsPid puts the device into a new network namespace. The pid must be a pid of a running process. Equivalent to: `ip link set $link netns $pid`
LinkSetTxQLen sets the transaction queue length for the link. Equivalent to: `ip link set $link txqlen $qlen`
LinkSetUp enables the link device. Equivalent to: `ip link set $link up`
LinkSetVfHardwareAddr sets the hardware address of a vf for the link. Equivalent to: `ip link set $link vf $vf mac $hwaddr`
LinkSetVfNodeGUID sets the node GUID of a vf for the link. Equivalent to: `ip link set dev $link vf $vf node_guid $nodeguid`
LinkSetVfPortGUID sets the port GUID of a vf for the link. Equivalent to: `ip link set dev $link vf $vf port_guid $portguid`
func LinkSetVfRate(link Link, vf, minRate, maxRate int) error
LinkSetVfRate sets the min and max tx rate of a vf for the link. Equivalent to: `ip link set $link vf $vf min_tx_rate $min_rate max_tx_rate $max_rate`
LinkSetVfSpoofchk enables/disables spoof check on a vf for the link. Equivalent to: `ip link set $link vf $vf spoofchk $check`
LinkSetVfState enables/disables virtual link state on a vf. Equivalent to: `ip link set $link vf $vf state $state`
LinkSetVfTrust enables/disables trust state on a vf for the link. Equivalent to: `ip link set $link vf $vf trust $state`
LinkSetVfTxRate sets the tx rate of a vf for the link. Equivalent to: `ip link set $link vf $vf rate $rate`
LinkSetVfVlan sets the vlan of a vf for the link. Equivalent to: `ip link set $link vf $vf vlan $vlan`
LinkSetVfVlanQos sets the vlan and qos priority of a vf for the link. Equivalent to: `ip link set $link vf $vf vlan $vlan qos $qos`
func LinkSetVfVlanQosProto(link Link, vf, vlan, qos, proto int) error
LinkSetVfVlanQosProto sets the vlan, qos and protocol of a vf for the link. Equivalent to: `ip link set $link vf $vf vlan $vlan qos $qos proto $proto`
LinkSetXdpFd adds a bpf function to the driver. The fd must be a bpf program loaded with bpf(type=BPF_PROG_TYPE_XDP)
LinkSetXdpFdWithFlags adds a bpf function to the driver with the given options. The fd must be a bpf program loaded with bpf(type=BPF_PROG_TYPE_XDP)
LinkSubscribe takes a chan down which notifications will be sent when links change. Close the 'done' chan to stop subscription.
LinkSubscribeAt works like LinkSubscribe plus it allows the caller to choose the network namespace in which to subscribe (ns).
LinkSubscribeWithOptions work like LinkSubscribe but enable to provide additional options to modify the behavior. Currently, the namespace can be provided as well as an error callback.
When options.ListExisting is true, options.ErrorCallback may be called with ErrDumpInterrupted to indicate that results from the initial dump of links may be inconsistent or incomplete.
NeighAdd will add an IP to MAC mapping to the ARP table Equivalent to: `ip neigh add ....`
NeighAppend will append an entry to FDB Equivalent to: `bridge fdb append...`
NeighDel will delete an IP address from a link device. Equivalent to: `ip addr del $addr dev $link`
NeighSet will add or replace an IP to MAC mapping to the ARP table Equivalent to: `ip neigh replace....`
NeighSubscribe takes a chan down which notifications will be sent when neighbors are added or deleted. Close the 'done' chan to stop subscription.
NeighSubscribeAt works like NeighSubscribe plus it allows the caller to choose the network namespace in which to subscribe (ns).
NeighSubscribeWithOptions work like NeighSubscribe but enable to provide additional options to modify the behavior. Currently, the namespace can be provided as well as an error callback.
When options.ListExisting is true, options.ErrorCallback may be called with ErrDumpInterrupted to indicate that results from the initial dump of links may be inconsistent or incomplete.
NewIPNet generates an IPNet from an ip address using a netmask of 32 or 128.
ParseIPNet parses a string in ip/net format and returns a net.IPNet. This is valuable because addresses in netlink are often IPNets and ParseCIDR returns an IPNet with the IP part set to the base IP of the range.
QdiscAdd will add a qdisc to the system. Equivalent to: `tc qdisc add $qdisc`
QdiscChange will change a qdisc in place Equivalent to: `tc qdisc change $qdisc` The parent and handle MUST NOT be changed.
QdiscDel will delete a qdisc from the system. Equivalent to: `tc qdisc del $qdisc`
QdiscReplace will replace a qdisc to the system. Equivalent to: `tc qdisc replace $qdisc` The handle MUST change.
func RdmaLinkAdd(linkName, linkType, netdev string) error
RdmaLinkAdd adds an rdma link for the specified type to the network device. Similar to: rdma link add NAME type TYPE netdev NETDEV
NAME - specifies the new name of the rdma link to add TYPE - specifies which rdma type to use. Link types: rxe - Soft RoCE driver siw - Soft iWARP driver NETDEV - specifies the network device to which the link is bound
REF: https://man7.org/linux/man-pages/man8/rdma-link.8.html
RdmaLinkSetName sets the name of the rdma link device. Return nil on success or error otherwise. Equivalent to: `rdma dev set $old_devname name $name`
RdmaLinkSetNsFd puts the RDMA device into a new network namespace. The fd must be an open file descriptor to a network namespace. Similar to: `rdma dev set $dev netns $ns`
RdmaSystemGetNetnsMode gets the net namespace mode for RDMA subsystem Returns mode string and error status as nil on success or returns error otherwise. Equivalent to: `rdma system show netns'
RdmaSystemSetNetnsMode sets the net namespace mode for RDMA subsystem Returns nil on success or appropriate error code. Equivalent to: `rdma system set netns { shared | exclusive }'
RouteAdd will add a route to the system. Equivalent to: `ip route add $route`
RouteAddEcmp will add a route to the system.
RouteAppend will append a route to the system. Equivalent to: `ip route append $route`
RouteChange will change an existing route in the system. Equivalent to: `ip route change $route`
RouteDel will delete a route from the system. Equivalent to: `ip route del $route`
RouteListFilteredIter passes each route that matches the filter to the given iterator func. Iteration continues until all routes are loaded or the func returns false.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
RouteReplace will add a route to the system. Equivalent to: `ip route replace $route`
RouteSubscribe takes a chan down which notifications will be sent when routes are added or deleted. Close the 'done' chan to stop subscription.
RouteSubscribeAt works like RouteSubscribe plus it allows the caller to choose the network namespace in which to subscribe (ns).
RouteSubscribeWithOptions work like RouteSubscribe but enable to provide additional options to modify the behavior. Currently, the namespace can be provided as well as an error callback.
When options.ListExisting is true, options.ErrorCallback may be called with ErrDumpInterrupted to indicate that results from the initial dump of links may be inconsistent or incomplete.
RuleAdd adds a rule to the system. Equivalent to: ip rule add
RuleDel deletes a rule from the system. Equivalent to: ip rule del
SetBits set provided bits in the uint64 input value usage example: features := SetBits(0, VIRTIO_NET_F_MTU, VIRTIO_NET_F_CTRL_MAC_ADDR)
SetNetNSIdByFd sets the ID of the network namespace for a given fd. fd must be an open file descriptor to a namespace file. The ID can only be set for namespaces without an ID already set.
func SetNetNsIdByPid(pid, nsid int) error
SetNetNSIdByPid sets the ID of the network namespace for a given pid (really thread id). The ID can only be set for namespaces without an ID already set.
SetSocketTimeout configures timeout for default netlink sockets
SocketDestroy kills the Socket identified by its local and remote addresses.
VDPADelDev removes VDPA device Equivalent to: `vdpa dev del <name>`
VDPANewDev adds new VDPA device Equivalent to: `vdpa dev add name <name> mgmtdev <mgmtBus>/mgmtName [params]`
VethPeerIndex get veth peer index.
XfrmPolicyAdd will add an xfrm policy to the system. Equivalent to: `ip xfrm policy add $policy`
XfrmPolicyDel will delete an xfrm policy from the system. Note that the Tmpls are ignored when matching the policy to delete. Equivalent to: `ip xfrm policy del $policy`
func XfrmPolicyFlush() error
XfrmPolicyFlush will flush the policies on the system. Equivalent to: `ip xfrm policy flush`
XfrmPolicyUpdate will update an xfrm policy to the system. Equivalent to: `ip xfrm policy update $policy`
XfrmStateAdd will add an xfrm state to the system. Equivalent to: `ip xfrm state add $state`
XfrmStateDel will delete an xfrm state from the system. Note that the Algos are ignored when matching the state to delete. Equivalent to: `ip xfrm state del $state`
XfrmStateFlush will flush the xfrm state on the system. proto = 0 means any transformation protocols Equivalent to: `ip xfrm state flush [ proto XFRM-PROTO ]`
XfrmStateUpdate will update an xfrm state to the system. Equivalent to: `ip xfrm state update $state`
Action represents an action in any supported filter.
Addr represents an IP address from netlink. Netlink ip addresses include a mask, so it stores the address as a net.IPNet.
AddrList gets a list of IP addresses in the system. Equivalent to: `ip addr show`. The list can be filtered by link and ip family.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
ParseAddr parses the string representation of an address in the form $ip/$netmask $label. The label portion is optional
Equal returns true if both Addrs have the same net.IPNet value.
String returns $ip/$netmask $label
AddrSubscribeOptions contains a set of options to use with AddrSubscribeWithOptions.
Bond representation
Type implementation fro Vxlan.
BondAdInfo represents ad info for bond
BondAdSelect type
const ( BOND_AD_SELECT_STABLE BondAdSelect = iota BOND_AD_SELECT_BANDWIDTH BOND_AD_SELECT_COUNT )
Possible BondAdSelect value
type BondArpAllTargets int
BondArpAllTargets type
Possible BondArpAllTargets value
BondArpValidate type
const ( BOND_ARP_VALIDATE_NONE BondArpValidate = iota BOND_ARP_VALIDATE_ACTIVE BOND_ARP_VALIDATE_BACKUP BOND_ARP_VALIDATE_ALL )
Possible BondArpValidate value
BondFailOverMac type
const ( BOND_FAIL_OVER_MAC_NONE BondFailOverMac = iota BOND_FAIL_OVER_MAC_ACTIVE BOND_FAIL_OVER_MAC_FOLLOW )
Possible BondFailOverMac value
BondLacpRate type
const ( BOND_LACP_RATE_SLOW BondLacpRate = iota BOND_LACP_RATE_FAST BOND_LACP_RATE_UNKNOWN )
Possible BondLacpRate value
StringToBondLacpRate returns bond lacp arte, or unknown is the s is invalid.
BondMode type
const ( BOND_MODE_BALANCE_RR BondMode = iota BOND_MODE_ACTIVE_BACKUP BOND_MODE_BALANCE_XOR BOND_MODE_BROADCAST BOND_MODE_802_3AD BOND_MODE_BALANCE_TLB BOND_MODE_BALANCE_ALB BOND_MODE_UNKNOWN )
Possible BondMode
StringToBondMode returns bond mode, or unknown is the s is invalid.
type BondPrimaryReselect int
BondPrimaryReselect type
const ( BOND_PRIMARY_RESELECT_ALWAYS BondPrimaryReselect = iota BOND_PRIMARY_RESELECT_BETTER BOND_PRIMARY_RESELECT_FAILURE )
Possible BondPrimaryReselect value
type BondSlaveMiiStatus uint8
BondSlaveMiiStatus represents the values of the IFLA_BOND_SLAVE_MII_STATUS bond slave attribute, which contains the status of MII link monitoring
type BondSlaveState uint8
BondSlaveState represents the values of the IFLA_BOND_SLAVE_STATE bond slave attribute, which contains the state of the bond slave.
type BondXmitHashPolicy int
BondXmitHashPolicy type
const ( BOND_XMIT_HASH_POLICY_LAYER2 BondXmitHashPolicy = iota BOND_XMIT_HASH_POLICY_LAYER3_4 BOND_XMIT_HASH_POLICY_LAYER2_3 BOND_XMIT_HASH_POLICY_ENCAP2_3 BOND_XMIT_HASH_POLICY_ENCAP3_4 BOND_XMIT_HASH_POLICY_VLAN_SRCMAC BOND_XMIT_HASH_POLICY_UNKNOWN )
Possible BondXmitHashPolicy value
StringToBondXmitHashPolicy returns bond lacp arte, or unknown is the s is invalid.
SetProg adds a bpf function to the route via netlink RTA_ENCAP. The fd must be a bpf program loaded with bpf(type=BPF_PROG_TYPE_LWT_*) matching the direction the program should be applied to (LWT_BPF_IN, LWT_BPF_OUT, LWT_BPF_XMIT).
SetXmitHeadroom sets the xmit headroom (LWT_BPF_MAX_HEADROOM) via netlink RTA_ENCAP. maximum headroom is LWT_BPF_MAX_HEADROOM
const ( BPF_PROG_TYPE_UNSPEC BpfProgType = iota BPF_PROG_TYPE_SOCKET_FILTER BPF_PROG_TYPE_KPROBE BPF_PROG_TYPE_SCHED_CLS BPF_PROG_TYPE_SCHED_ACT BPF_PROG_TYPE_TRACEPOINT BPF_PROG_TYPE_XDP BPF_PROG_TYPE_PERF_EVENT BPF_PROG_TYPE_CGROUP_SKB BPF_PROG_TYPE_CGROUP_SOCK BPF_PROG_TYPE_LWT_IN BPF_PROG_TYPE_LWT_OUT BPF_PROG_TYPE_LWT_XMIT BPF_PROG_TYPE_SOCK_OPS BPF_PROG_TYPE_SK_SKB BPF_PROG_TYPE_CGROUP_DEVICE BPF_PROG_TYPE_SK_MSG BPF_PROG_TYPE_RAW_TRACEPOINT BPF_PROG_TYPE_CGROUP_SOCK_ADDR BPF_PROG_TYPE_LWT_SEG6LOCAL BPF_PROG_TYPE_LIRC_MODE2 BPF_PROG_TYPE_SK_REUSEPORT BPF_PROG_TYPE_FLOW_DISSECTOR BPF_PROG_TYPE_CGROUP_SYSCTL BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE BPF_PROG_TYPE_CGROUP_SOCKOPT BPF_PROG_TYPE_TRACING BPF_PROG_TYPE_STRUCT_OPS BPF_PROG_TYPE_EXT BPF_PROG_TYPE_LSM BPF_PROG_TYPE_SK_LOOKUP )
Bridge links are simple linux bridges
Chain contains the attributes of a Chain
ChainList gets a list of chains in the system. Equivalent to: `tc chain list`. The list can be filtered by link.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
Class interfaces for all classes
ClassList gets a list of classes in the system. Equivalent to: `tc class show`.
Generally returns nothing if link and parent are not specified. If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
ClassAttrs represents a netlink class. A filter is associated with a link, has a handle and a parent. The root filter of a device should have a parent == HANDLE_ROOT.
ClassStatistics representation based on generic networking statistics for netlink. See Documentation/networking/gen_stats.txt in Linux source code for more details.
NewClassStatistics Construct a ClassStatistics struct which fields are all initialized by 0.
Clsact is a qdisc for adding filters
type CommProcEvent struct {
ProcessPid uint32
ProcessTgid uint32
Comm [16]byte
}
type ConntrackFilter struct {
}
AddIP adds an IP to the conntrack filter
AddIPNet adds a IP subnet to the conntrack filter
AddLabels adds the provided list (zero or more) of labels to the conntrack filter ConntrackFilterType here can be either:
AddPort adds a Port to the conntrack filter if the Layer 4 protocol allows it
AddProtocol adds the Layer 4 protocol to the conntrack filter
AddZone adds a zone to the conntrack filter
MatchConntrackFlow applies the filter to the flow and returns true if the flow matches the filter false otherwise
type ConntrackFilterType uint8
Filter types
ConntrackTableList returns the flow list of a table of a specific family conntrack -L [table] [options] List conntrack or expectation table
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
type ConntrackTableType uint8
ConntrackTableType Conntrack table for the netlink operation
type CustomConntrackFilter interface {
MatchConntrackFlow(flow *ConntrackFlow) bool
}
Device links cannot be created via netlink. These links are links created by udev like 'lo' and 'etho0'
DevlinkDevAttrs represents device attributes
DevlinkDevEswitchAttr represents device's eswitch attributes
DevlinkDevice represents device and its attributes
DevlinkGetDeviceByName provides a pointer to devlink device and nil error, otherwise returns an error code.
DevLinkGetDeviceList provides a pointer to devlink devices and nil error, otherwise returns an error code.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
GetDevlinkInfo returns devlink info for target device, otherwise returns an error code.
GetDevlinkInfoAsMap returns devlink info for target device as a map, otherwise returns an error code.
DevlinkDeviceInfo represents devlink info
DevlinkGetDeviceInfoByName returns devlink info for selected device, otherwise returns an error code. Equivalent to: `devlink dev info $dev`
DevlinkParam represents parameter of the device
DevlinkGetDeviceParamByName returns specific parameter for devlink device Equivalent to: `devlink dev param show <bus>/<device> name <param>`
DevlinkGetDeviceParams returns parameters for devlink device Equivalent to: `devlink dev param show <bus>/<device>`
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
type DevlinkParamValue struct {
Data interface{}
CMODE uint8
}
DevlinkParamValue contains values of the parameter Data field contains specific type which can be casted by unsing info from the DevlinkParam.Type field
DevlinkPort represents port and its attributes
DevLinkGetPortList provides a pointer to devlink ports and nil error, otherwise returns an error code. If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
DevLinkGetPortByIndex provides a pointer to devlink portand nil error, otherwise returns an error code.
DevLinkPortAdd adds a devlink port and returns a port on success otherwise returns nil port and an error code.
DevlinkPortFn represents port function and its attributes
DevlinkPortFnSetAttrs represents attributes to set
DevlinkResource represents a device resource
DevlinkResources represents all devlink resources of a devlink device
DevlinkGetDeviceResources returns devlink device resources
Dir is an enum representing an ipsec template direction.
const ( XFRM_DIR_IN Dir = iota XFRM_DIR_OUT XFRM_DIR_FWD XFRM_SOCKET_IN XFRM_SOCKET_OUT XFRM_SOCKET_FWD )
Dummy links are dummy ethernet devices
EncapType is an enum representing the optional packet encapsulation.
const ( XFRM_ENCAP_ESPINUDP_NONIKE EncapType = iota + 1 XFRM_ENCAP_ESPINUDP )
type ExecProcEvent struct {
ProcessPid uint32
ProcessTgid uint32
}
FilterList gets a list of filters in the system. Equivalent to: `tc filter show`.
Generally returns nothing if link and parent are not specified. If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
FilterAttrs represents a netlink filter. A filter is associated with a link, has a handle and a parent. The root filter of a device should have a parent == HANDLE_ROOT.
Fq is a classless packet scheduler meant to be mostly used for locally generated traffic.
FQ_Codel (Fair Queuing Controlled Delay) is queuing discipline that combines Fair Queuing with the CoDel AQM scheme.
GenericClass classes represent types that are not currently understood by this netlink library.
Attrs return the class attributes
Type return the class type
GenericFilter filters represent types that are not currently understood by this netlink library.
GenericLink links represent types that are not currently understood by this netlink library.
GenericQdisc qdiscs represent types that are not currently understood by this netlink library.
const ( GENEVE_DF_UNSET GeneveDf = iota GENEVE_DF_SET GENEVE_DF_INHERIT GENEVE_DF_MAX )
GnetStatsBasic Ref: struct gnet_stats_basic { ... }
GnetStatsQueue Ref: struct gnet_stats_queue { ... }
GnetStatsRateEst Ref: struct gnet_stats_rate_est { ... }
GnetStatsRateEst64 Ref: struct gnet_stats_rate_est64 { ... }
Gretap devices must specify LocalIP and RemoteIP on create
type Handle ¶Handle is an handle for the netlink requests on a specific network namespace. All the requests on the same netlink family share the same netlink socket, which gets released when the handle is Close'd.
func NewHandle ¶NewHandle returns a netlink handle on the current network namespace. Caller may specify the netlink families the handle should support. If no families are specified, all the families the netlink package supports will be automatically added.
func NewHandleAt ¶NewHandleAt returns a netlink handle on the network namespace specified by ns. If ns=netns.None(), current network namespace will be assumed
func NewHandleAtFrom ¶NewHandleAtFrom works as NewHandle but allows client to specify the new and the origin netns Handle.
func (*Handle) AddrAdd ¶AddrAdd will add an IP address to a link device.
Equivalent to: `ip addr add $addr dev $link`
If `addr` is an IPv4 address and the broadcast address is not given, it will be automatically computed based on the IP mask if /30 or larger. If `net.IPv4zero` is given as the broadcast address, broadcast is disabled.
func (*Handle) AddrDel ¶AddrDel will delete an IP address from a link device.
Equivalent to: `ip addr del $addr dev $link`
func (*Handle) AddrList ¶AddrList gets a list of IP addresses in the system. Equivalent to: `ip addr show`. The list can be filtered by link and ip family.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) AddrReplace ¶AddrReplace will replace (or, if not present, add) an IP address on a link device.
Equivalent to: `ip addr replace $addr dev $link`
If `addr` is an IPv4 address and the broadcast address is not given, it will be automatically computed based on the IP mask if /30 or larger. If `net.IPv4zero` is given as the broadcast address, broadcast is disabled.
func (*Handle) BridgeVlanAdd ¶BridgeVlanAdd adds a new vlan filter entry Equivalent to: `bridge vlan add dev DEV vid VID [ pvid ] [ untagged ] [ self ] [ master ]`
func (*Handle) BridgeVlanAddRange ¶ added in v1.2.1BridgeVlanAddRange adds a new vlan filter entry Equivalent to: `bridge vlan add dev DEV vid VID-VIDEND [ pvid ] [ untagged ] [ self ] [ master ]`
func (*Handle) BridgeVlanDel ¶BridgeVlanDel adds a new vlan filter entry Equivalent to: `bridge vlan del dev DEV vid VID [ pvid ] [ untagged ] [ self ] [ master ]`
func (*Handle) BridgeVlanDelRange ¶ added in v1.2.1BridgeVlanDelRange adds a new vlan filter entry Equivalent to: `bridge vlan del dev DEV vid VID-VIDEND [ pvid ] [ untagged ] [ self ] [ master ]`
func (*Handle) BridgeVlanList ¶BridgeVlanList gets a map of device id to bridge vlan infos. Equivalent to: `bridge vlan show`
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) ChainAdd ¶ added in v1.2.1ChainAdd will add a chain to the system. Equivalent to: `tc chain add`
func (*Handle) ChainDel ¶ added in v1.2.1ChainDel will delete a chain from the system. Equivalent to: `tc chain del $chain`
func (*Handle) ChainList ¶ added in v1.2.1ChainList gets a list of chains in the system. Equivalent to: `tc chain list`. The list can be filtered by link.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) ClassAdd ¶ClassAdd will add a class to the system. Equivalent to: `tc class add $class`
func (*Handle) ClassChange ¶ClassChange will change a class in place Equivalent to: `tc class change $class` The parent and handle MUST NOT be changed.
func (*Handle) ClassDel ¶ClassDel will delete a class from the system. Equivalent to: `tc class del $class`
func (*Handle) ClassList ¶ClassList gets a list of classes in the system. Equivalent to: `tc class show`.
Generally returns nothing if link and parent are not specified. If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) ClassReplace ¶ClassReplace will replace a class to the system. quivalent to: `tc class replace $class` The handle MAY be changed. If a class already exist with this parent/handle pair, the class is changed. If a class does not already exist with this parent/handle, a new class is created.
func (*Handle) Close ¶ added in v1.2.1Close releases the resources allocated to this handle
func (*Handle) ConntrackCreate ¶ added in v1.2.1ConntrackCreate creates a new conntrack flow in the desired table using the handle conntrack -I [table] Create a conntrack or expectation
func (*Handle) ConntrackDeleteFilter deprecatedConntrackDeleteFilter deletes entries on the specified table on the base of the filter using the netlink handle passed conntrack -D [table] parameters Delete conntrack or expectation
Deprecated: use Handle.ConntrackDeleteFilters instead.
func (*Handle) ConntrackDeleteFilters ¶ added in v1.2.1ConntrackDeleteFilters deletes entries on the specified table matching any of the specified filters using the netlink handle passed conntrack -D [table] parameters Delete conntrack or expectation
func (*Handle) ConntrackTableFlush ¶ConntrackTableFlush flushes all the flows of a specified table using the netlink handle passed conntrack -F [table] Flush table The flush operation applies to all the family types
func (*Handle) ConntrackTableList ¶ConntrackTableList returns the flow list of a table of a specific family using the netlink handle passed conntrack -L [table] [options] List conntrack or expectation table
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) ConntrackUpdate ¶ added in v1.2.1ConntrackUpdate updates an existing conntrack flow in the desired table using the handle conntrack -U [table] Update a conntrack
func (*Handle) Delete deprecatedDelete releases the resources allocated to this handle
Deprecated: use Close instead which is in line with typical resource release patterns for files and other resources.
func (*Handle) DevLinkGetAllPortList ¶ added in v1.2.1DevLinkGetPortList provides a pointer to devlink ports and nil error, otherwise returns an error code. If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) DevLinkGetDeviceByName ¶ added in v1.1.0DevlinkGetDeviceByName provides a pointer to devlink device and nil error, otherwise returns an error code.
func (*Handle) DevLinkGetDeviceList ¶ added in v1.1.0DevLinkGetDeviceList provides a pointer to devlink devices and nil error, otherwise returns an error code. If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) DevLinkGetPortByIndex ¶ added in v1.2.1DevLinkGetPortByIndexprovides a pointer to devlink device and nil error, otherwise returns an error code.
func (*Handle) DevLinkPortAdd ¶ added in v1.2.1DevLinkPortAdd adds a devlink port and returns a port on success otherwise returns nil port and an error code.
func (*Handle) DevLinkPortDel ¶ added in v1.2.1DevLinkPortDel deletes a devlink port and returns success or error code.
func (*Handle) DevLinkSetEswitchMode ¶ added in v1.1.0DevLinkSetEswitchMode sets eswitch mode if able to set successfully or returns an error code. Equivalent to: `devlink dev eswitch set $dev mode switchdev` Equivalent to: `devlink dev eswitch set $dev mode legacy`
func (*Handle) DevlinkGetDeviceInfoByName ¶ added in v1.2.1DevlinkGetDeviceInfoByName returns devlink info for selected device, otherwise returns an error code. Equivalent to: `devlink dev info $dev`
func (*Handle) DevlinkGetDeviceInfoByNameAsMap ¶ added in v1.2.1DevlinkGetDeviceInfoByNameAsMap returns devlink info for selected device as a map, otherwise returns an error code. Equivalent to: `devlink dev info $dev`
func (*Handle) DevlinkGetDeviceParamByName ¶ added in v1.2.1DevlinkGetDeviceParamByName returns specific parameter for devlink device Equivalent to: `devlink dev param show <bus>/<device> name <param>`
func (*Handle) DevlinkGetDeviceParams ¶ added in v1.2.1DevlinkGetDeviceParams returns parameters for devlink device Equivalent to: `devlink dev param show <bus>/<device>`
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) DevlinkPortFnSet ¶ added in v1.2.1DevlinkPortFnSet sets one or more port function attributes specified by the attribute mask. It returns 0 on success or error code.
func (*Handle) DevlinkSetDeviceParam ¶ added in v1.2.1DevlinkSetDeviceParam set specific parameter for devlink device Equivalent to: `devlink dev param set <bus>/<device> name <param> cmode <cmode> value <value>` cmode argument should contain valid cmode value as uint8, modes are define in nl.DEVLINK_PARAM_CMODE_* constants value argument should have one of the following types: uint8, uint16, uint32, string, bool
func (*Handle) FilterAdd ¶FilterAdd will add a filter to the system. Equivalent to: `tc filter add $filter`
func (*Handle) FilterDel ¶FilterDel will delete a filter from the system. Equivalent to: `tc filter del $filter`
func (*Handle) FilterList ¶FilterList gets a list of filters in the system. Equivalent to: `tc filter show`.
Generally returns nothing if link and parent are not specified. If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) FilterReplace ¶ added in v1.1.0FilterReplace will replace a filter. Equivalent to: `tc filter replace $filter`
func (*Handle) GetNetNsIdByFd ¶ added in v1.1.0GetNetNsIdByFd looks up the network namespace ID for a given fd. fd must be an open file descriptor to a namespace file. Returns -1 if the namespace does not have an ID set.
func (*Handle) GetNetNsIdByPid ¶ added in v1.1.0GetNetNsIdByPid looks up the network namespace ID for a given pid (really thread id). Returns -1 if the namespace does not have an ID set.
func (*Handle) GetSocketReceiveBufferSize ¶GetSocketReceiveBufferSize gets the receiver buffer size for each socket in the netlink handle. The retrieved value should be the double to the one set for SetSocketReceiveBufferSize.
func (*Handle) IpsetAdd ¶ added in v1.2.1IpsetAdd adds an entry to an existing ipset.
func (*Handle) IpsetDel ¶ added in v1.2.1IpsetDel deletes an entry from an existing ipset.
func (*Handle) LinkAdd ¶LinkAdd adds a new link device. The type and features of the device are taken from the parameters in the link object. Equivalent to: `ip link add $link`
func (*Handle) LinkAddAltName ¶ added in v1.2.1LinkAddAltName adds a new alternative name for the link device. Equivalent to: `ip link property add $link altname $name`
func (*Handle) LinkByAlias ¶LinkByAlias finds a link by its alias and returns a pointer to the object. If there are multiple links with the alias it returns the first one
If the kernel doesn't support IFLA_IFALIAS, this method will fall back to filtering a dump of all link names. In this case, if the returned error is ErrDumpInterrupted the result may be missing or outdated.
func (*Handle) LinkByIndex ¶LinkByIndex finds a link by index and returns a pointer to the object.
func (*Handle) LinkByName ¶LinkByName finds a link by name and returns a pointer to the object.
If the kernel doesn't support IFLA_IFNAME, this method will fall back to filtering a dump of all link names. In this case, if the returned error is ErrDumpInterrupted the result may be missing or outdated.
func (*Handle) LinkDel ¶LinkDel deletes link device. Either Index or Name must be set in the link object for it to be deleted. The other values are ignored. Equivalent to: `ip link del $link`
func (*Handle) LinkDelAltName ¶ added in v1.2.1LinkDelAltName delete an alternative name for the link device. Equivalent to: `ip link property del $link altname $name`
func (*Handle) LinkList ¶LinkList gets a list of link devices. Equivalent to: `ip link show`
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) LinkSetAlias ¶LinkSetAlias sets the alias of the link device. Equivalent to: `ip link set dev $link alias $name`
func (*Handle) LinkSetAllmulticastOff ¶ added in v1.1.0LinkSetAllmulticastOff disables the reception of all hardware multicast packets for the link device. Equivalent to: `ip link set $link allmulticast off`
func (*Handle) LinkSetAllmulticastOn ¶ added in v1.1.0LinkSetAllmulticastOn enables the reception of all hardware multicast packets for the link device. Equivalent to: `ip link set $link allmulticast on`
func (*Handle) LinkSetBRSlaveGroupFwdMask ¶ added in v1.2.1LinkSetBRSlaveGroupFwdMask set the group_fwd_mask of a bridge slave interface
func (*Handle) LinkSetDown ¶LinkSetDown disables link device. Equivalent to: `ip link set $link down`
func (*Handle) LinkSetGROIPv4MaxSize ¶ added in v1.2.1LinkSetGROIPv4MaxSize sets the IPv4 GRO maximum size of the link device. Equivalent to: `ip link set $link gro_ipv4_max_size $maxSize`
func (*Handle) LinkSetGROMaxSize ¶ added in v1.2.1LinkSetGROMaxSize sets the IPv6 GRO maximum size of the link device. Equivalent to: `ip link set $link gro_max_size $maxSize`
func (*Handle) LinkSetGSOIPv4MaxSize ¶ added in v1.2.1LinkSetGSOIPv4MaxSize sets the IPv4 GSO maximum size of the link device. Equivalent to: `ip link set $link gso_ipv4_max_size $maxSize`
func (*Handle) LinkSetGSOMaxSegs ¶ added in v1.2.1LinkSetGSOMaxSegs sets the GSO maximum segment count of the link device. Equivalent to: `ip link set $link gso_max_segs $maxSegs`
func (*Handle) LinkSetGSOMaxSize ¶ added in v1.2.1LinkSetGSOMaxSize sets the IPv6 GSO maximum size of the link device. Equivalent to: `ip link set $link gso_max_size $maxSize`
func (*Handle) LinkSetGroup ¶ added in v1.1.0LinkSetGroup sets the link group id which can be used to perform mass actions with iproute2 as well use it as a reference in nft filters. Equivalent to: `ip link set $link group $id`
func (*Handle) LinkSetHardwareAddr ¶LinkSetHardwareAddr sets the hardware address of the link device. Equivalent to: `ip link set $link address $hwaddr`
func (*Handle) LinkSetIP6AddrGenMode ¶ added in v1.3.1LinkSetIP6AddrGenMode sets the IPv6 address generation mode of the link device. Equivalent to: `ip link set $link addrgenmode $mode`
func (*Handle) LinkSetMTU ¶LinkSetMTU sets the mtu of the link device. Equivalent to: `ip link set $link mtu $mtu`
func (*Handle) LinkSetMacvlanMode ¶ added in v1.2.1LinkSetMacvlanMode sets the mode of the macvlan or macvtap link device. Note that passthrough mode cannot be set to and from and will fail. Equivalent to: `ip link set $link type (macvlan|macvtap) mode $mode
func (*Handle) LinkSetMaster ¶LinkSetMaster sets the master of the link device. Equivalent to: `ip link set $link master $master`
func (*Handle) LinkSetMasterByIndex ¶LinkSetMasterByIndex sets the master of the link device. Equivalent to: `ip link set $link master $master`
func (*Handle) LinkSetMulticastOff ¶ added in v1.2.1LinkSetAllmulticastOff disables the reception of multicast packets for the link device. Equivalent to: `ip link set $link multicast off`
func (*Handle) LinkSetMulticastOn ¶ added in v1.2.1LinkSetMulticastOn enables the reception of multicast packets for the link device. Equivalent to: `ip link set $link multicast on`
func (*Handle) LinkSetName ¶LinkSetName sets the name of the link device. Equivalent to: `ip link set $link name $name`
func (*Handle) LinkSetNoMaster ¶LinkSetNoMaster removes the master of the link device. Equivalent to: `ip link set $link nomaster`
func (*Handle) LinkSetNsFd ¶LinkSetNsFd puts the device into a new network namespace. The fd must be an open file descriptor to a network namespace. Similar to: `ip link set $link netns $ns`
func (*Handle) LinkSetNsPid ¶LinkSetNsPid puts the device into a new network namespace. The pid must be a pid of a running process. Equivalent to: `ip link set $link netns $pid`
func (*Handle) LinkSetTxQLen ¶LinkSetTxQLen sets the transaction queue length for the link. Equivalent to: `ip link set $link txqlen $qlen`
func (*Handle) LinkSetUp ¶LinkSetUp enables the link device. Equivalent to: `ip link set $link up`
func (*Handle) LinkSetVfGUID ¶ added in v1.1.0LinkSetVfGUID sets the node or port GUID of a vf for the link.
func (*Handle) LinkSetVfHardwareAddr ¶LinkSetVfHardwareAddr sets the hardware address of a vf for the link. Equivalent to: `ip link set $link vf $vf mac $hwaddr`
func (*Handle) LinkSetVfRate ¶ added in v1.1.0LinkSetVfRate sets the min and max tx rate of a vf for the link. Equivalent to: `ip link set $link vf $vf min_tx_rate $min_rate max_tx_rate $max_rate`
func (*Handle) LinkSetVfSpoofchk ¶LinkSetVfSpoofchk enables/disables spoof check on a vf for the link. Equivalent to: `ip link set $link vf $vf spoofchk $check`
func (*Handle) LinkSetVfState ¶ added in v1.1.0LinkSetVfState enables/disables virtual link state on a vf. Equivalent to: `ip link set $link vf $vf state $state`
func (*Handle) LinkSetVfTrust ¶LinkSetVfTrust enables/disables trust state on a vf for the link. Equivalent to: `ip link set $link vf $vf trust $state`
func (*Handle) LinkSetVfTxRate ¶LinkSetVfTxRate sets the tx rate of a vf for the link. Equivalent to: `ip link set $link vf $vf rate $rate`
func (*Handle) LinkSetVfVlan ¶LinkSetVfVlan sets the vlan of a vf for the link. Equivalent to: `ip link set $link vf $vf vlan $vlan`
func (*Handle) LinkSetVfVlanQos ¶ added in v1.1.0LinkSetVfVlanQos sets the vlan and qos priority of a vf for the link. Equivalent to: `ip link set $link vf $vf vlan $vlan qos $qos`
func (*Handle) LinkSetVfVlanQosProto ¶ added in v1.2.1LinkSetVfVlanQosProto sets the vlan, qos and protocol of a vf for the link. Equivalent to: `ip link set $link vf $vf vlan $vlan qos $qos proto $proto`
func (*Handle) NeighAdd ¶NeighAdd will add an IP to MAC mapping to the ARP table Equivalent to: `ip neigh add ....`
func (*Handle) NeighAppend ¶NeighAppend will append an entry to FDB Equivalent to: `bridge fdb append...`
func (*Handle) NeighDel ¶NeighDel will delete an IP address from a link device. Equivalent to: `ip addr del $addr dev $link`
func (*Handle) NeighList ¶NeighList returns a list of IP-MAC mappings in the system (ARP table). Equivalent to: `ip neighbor show`. The list can be filtered by link and ip family.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) NeighListExecute ¶ added in v1.1.0NeighListExecute returns a list of neighbour entries filtered by link, ip family, flag and state.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) NeighProxyList ¶NeighProxyList returns a list of neighbor proxies in the system. Equivalent to: `ip neighbor show proxy`. The list can be filtered by link, ip family.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) NeighSet ¶NeighSet will add or replace an IP to MAC mapping to the ARP table Equivalent to: `ip neigh replace....`
func (*Handle) QdiscAdd ¶QdiscAdd will add a qdisc to the system. Equivalent to: `tc qdisc add $qdisc`
func (*Handle) QdiscChange ¶QdiscChange will change a qdisc in place Equivalent to: `tc qdisc change $qdisc` The parent and handle MUST NOT be changed.
func (*Handle) QdiscDel ¶QdiscDel will delete a qdisc from the system. Equivalent to: `tc qdisc del $qdisc`
func (*Handle) QdiscList ¶QdiscList gets a list of qdiscs in the system. Equivalent to: `tc qdisc show`. The list can be filtered by link.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) QdiscReplace ¶QdiscReplace will replace a qdisc to the system. Equivalent to: `tc qdisc replace $qdisc` The handle MUST change.
func (*Handle) RdmaLinkAdd ¶ added in v1.2.1RdmaLinkAdd adds an rdma link for the specified type to the network device.
func (*Handle) RdmaLinkByName ¶ added in v1.1.0RdmaLinkByName finds a link by name and returns a pointer to the object if found and nil error, otherwise returns error code.
If the returned error is ErrDumpInterrupted, the result may be missing or outdated and the caller should retry.
func (*Handle) RdmaLinkList ¶ added in v1.2.1RdmaLinkList gets a list of RDMA link devices. Equivalent to: `rdma dev show`
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) RdmaLinkSetName ¶ added in v1.1.0RdmaLinkSetName sets the name of the rdma link device. Return nil on success or error otherwise. Equivalent to: `rdma dev set $old_devname name $name`
func (*Handle) RdmaLinkSetNsFd ¶ added in v1.1.0RdmaLinkSetNsFd puts the RDMA device into a new network namespace. The fd must be an open file descriptor to a network namespace. Similar to: `rdma dev set $dev netns $ns`
func (*Handle) RdmaPortStatisticList ¶ added in v1.3.1RdmaPortStatisticList get rdma device port statistic counters Returns rdma device port statistic counters on success or returns error otherwise. Equivalent to: `rdma statistic show link DEV/PORT'
func (*Handle) RdmaResourceList ¶ added in v1.3.1RdmaResourceList list rdma resource tracking information Returns all rdma devices resource tracking summary on success or returns error otherwise. Equivalent to: `rdma resource'
func (*Handle) RdmaStatistic ¶ added in v1.3.1RdmaStatistic get rdma device statistic counters Returns rdma device statistic counters on success or returns error otherwise. Equivalent to: `rdma statistic show link [DEV]'
func (*Handle) RdmaSystemGetNetnsMode ¶ added in v1.1.0RdmaSystemGetNetnsMode gets the net namespace mode for RDMA subsystem Returns mode string and error status as nil on success or returns error otherwise. Equivalent to: `rdma system show netns'
func (*Handle) RdmaSystemSetNetnsMode ¶ added in v1.1.0RdmaSystemSetNetnsMode sets the net namespace mode for RDMA subsystem Returns nil on success or appropriate error code. Equivalent to: `rdma system set netns { shared | exclusive }'
func (*Handle) RouteAdd ¶RouteAdd will add a route to the system. Equivalent to: `ip route add $route`
func (*Handle) RouteAddEcmp ¶ added in v1.2.1RouteAddEcmp will add a route to the system.
func (*Handle) RouteAppend ¶ added in v1.2.1RouteAppend will append a route to the system. Equivalent to: `ip route append $route`
func (*Handle) RouteChange ¶ added in v1.2.1RouteChange will change an existing route in the system. Equivalent to: `ip route change $route`
func (*Handle) RouteDel ¶RouteDel will delete a route from the system. Equivalent to: `ip route del $route`
func (*Handle) RouteGet ¶RouteGet gets a route to a specific destination from the host system. Equivalent to: 'ip route get'.
func (*Handle) RouteGetWithOptions ¶ added in v1.2.1RouteGetWithOptions gets a route to a specific destination from the host system. Equivalent to: 'ip route get <> vrf <VrfName>'.
func (*Handle) RouteList ¶RouteList gets a list of routes in the system. Equivalent to: `ip route show`. The list can be filtered by link and ip family.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) RouteListFiltered ¶RouteListFiltered gets a list of routes in the system filtered with specified rules. All rules must be defined in RouteFilter struct
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) RouteReplace ¶RouteReplace will add a route to the system. Equivalent to: `ip route replace $route`
func (*Handle) RuleAdd ¶RuleAdd adds a rule to the system. Equivalent to: ip rule add
func (*Handle) RuleDel ¶RuleDel deletes a rule from the system. Equivalent to: ip rule del
func (*Handle) RuleList ¶RuleList lists rules in the system. Equivalent to: ip rule list
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) RuleListFiltered ¶ added in v1.2.1RuleListFiltered lists rules in the system. Equivalent to: ip rule list
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) SetNetNsIdByFd ¶ added in v1.1.0SetNetNSIdByFd sets the ID of the network namespace for a given fd. fd must be an open file descriptor to a namespace file. The ID can only be set for namespaces without an ID already set.
func (*Handle) SetNetNsIdByPid ¶ added in v1.1.0SetNetNSIdByPid sets the ID of the network namespace for a given pid (really thread id). The ID can only be set for namespaces without an ID already set.
func (*Handle) SetSocketReceiveBufferSize ¶SetSocketReceiveBufferSize sets the receive buffer size for each socket in the netlink handle. The maximum value is capped by /proc/sys/net/core/rmem_max.
func (*Handle) SetSocketTimeout ¶SetSocketTimeout sets the send and receive timeout for each socket in the netlink handle. Although the socket timeout has granularity of one microsecond, the effective granularity is floored by the kernel timer tick, which default value is four milliseconds.
func (*Handle) SetStrictCheck ¶ added in v1.2.1SetStrictCheck sets the strict check socket option for each socket in the netlink handle. Returns early if any set operation fails
func (*Handle) SocketDestroy ¶ added in v1.2.1SocketDestroy kills the Socket identified by its local and remote addresses.
func (*Handle) SocketDiagTCP ¶ added in v1.2.1SocketDiagTCP requests INET_DIAG_INFO for TCP protocol for specified family type and return related socket.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) SocketDiagTCPInfo ¶ added in v1.2.1SocketDiagTCPInfo requests INET_DIAG_INFO for TCP protocol for specified family type and return with extension TCP info.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) SocketDiagUDP ¶ added in v1.2.1SocketDiagUDP requests INET_DIAG_INFO for UDP protocol for specified family type and return related socket.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) SocketDiagUDPInfo ¶ added in v1.2.1SocketDiagUDPInfo requests INET_DIAG_INFO for UDP protocol for specified family type and return with extension info.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) SocketGet ¶ added in v1.2.1SocketGet returns the Socket identified by its local and remote addresses.
If the returned error is ErrDumpInterrupted, the search for a result may be incomplete and the caller should retry.
func (*Handle) SupportsNetlinkFamily ¶SupportsNetlinkFamily reports whether the passed netlink family is supported by this Handle
func (*Handle) UnixSocketDiag ¶ added in v1.2.1UnixSocketDiag requests UNIX_DIAG_INFO for unix sockets.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) UnixSocketDiagInfo ¶ added in v1.2.1UnixSocketDiagInfo requests UNIX_DIAG_INFO for unix sockets and return with extension info.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) VDPADelDev ¶ added in v1.2.1VDPADelDev removes VDPA device Equivalent to: `vdpa dev del <name>`
func (*Handle) VDPAGetDevByName ¶ added in v1.2.1VDPAGetDevByName returns VDPA device selected by name Equivalent to: `vdpa dev show <name>`
func (*Handle) VDPAGetDevConfigByName ¶ added in v1.2.1VDPAGetDevConfigByName returns VDPA device configuration selected by name Equivalent to: `vdpa dev config show <name>`
func (*Handle) VDPAGetDevConfigList ¶ added in v1.2.1VDPAGetDevConfigList returns list of VDPA devices configurations Equivalent to: `vdpa dev config show`
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) VDPAGetDevList ¶ added in v1.2.1VDPAGetDevList returns list of VDPA devices Equivalent to: `vdpa dev show`
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) VDPAGetDevVStats ¶ added in v1.2.1VDPAGetDevVStats returns vstats for VDPA device Equivalent to: `vdpa dev vstats show <name> qidx <queueIndex>`
func (*Handle) VDPAGetMGMTDevByBusAndName ¶ added in v1.2.1VDPAGetMGMTDevByBusAndName returns mgmt devices selected by bus and name Equivalent to: `vdpa mgmtdev show <bus>/<name>`
func (*Handle) VDPAGetMGMTDevList ¶ added in v1.2.1VDPAGetMGMTDevList returns list of mgmt devices Equivalent to: `vdpa mgmtdev show`
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) VDPANewDev ¶ added in v1.2.1VDPANewDev adds new VDPA device Equivalent to: `vdpa dev add name <name> mgmtdev <mgmtBus>/mgmtName [params]`
func (*Handle) XfrmPolicyAdd ¶XfrmPolicyAdd will add an xfrm policy to the system. Equivalent to: `ip xfrm policy add $policy`
func (*Handle) XfrmPolicyDel ¶XfrmPolicyDel will delete an xfrm policy from the system. Note that the Tmpls are ignored when matching the policy to delete. Equivalent to: `ip xfrm policy del $policy`
func (*Handle) XfrmPolicyFlush ¶XfrmPolicyFlush will flush the policies on the system. Equivalent to: `ip xfrm policy flush`
func (*Handle) XfrmPolicyGet ¶XfrmPolicyGet gets a the policy described by the index or selector, if found. Equivalent to: `ip xfrm policy get { SELECTOR | index INDEX } dir DIR [ctx CTX ] [ mark MARK [ mask MASK ] ] [ ptype PTYPE ]`.
func (*Handle) XfrmPolicyList ¶XfrmPolicyList gets a list of xfrm policies in the system. Equivalent to: `ip xfrm policy show`. The list can be filtered by ip family.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) XfrmPolicyUpdate ¶XfrmPolicyUpdate will update an xfrm policy to the system. Equivalent to: `ip xfrm policy update $policy`
func (*Handle) XfrmStateAdd ¶XfrmStateAdd will add an xfrm state to the system. Equivalent to: `ip xfrm state add $state`
func (*Handle) XfrmStateDel ¶XfrmStateDel will delete an xfrm state from the system. Note that the Algos are ignored when matching the state to delete. Equivalent to: `ip xfrm state del $state`
func (*Handle) XfrmStateFlush ¶XfrmStateFlush will flush the xfrm state on the system. proto = 0 means any transformation protocols Equivalent to: `ip xfrm state flush [ proto XFRM-PROTO ]`
func (*Handle) XfrmStateGet ¶XfrmStateGet gets the xfrm state described by the ID, if found. Equivalent to: `ip xfrm state get ID [ mark MARK [ mask MASK ] ]`. Only the fields which constitue the SA ID must be filled in: ID := [ src ADDR ] [ dst ADDR ] [ proto XFRM-PROTO ] [ spi SPI ] mark is optional
func (*Handle) XfrmStateList ¶XfrmStateList gets a list of xfrm states in the system. Equivalent to: `ip xfrm state show`. The list can be filtered by ip family.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
func (*Handle) XfrmStateUpdate ¶XfrmStateUpdate will update an xfrm state to the system. Equivalent to: `ip xfrm state update $state`
HfscClass is a representation of the HFSC class
NewHfscClass returns a new HFSC struct with the set parameters
Attrs return the Hfsc parameters
SetFsc sets the Fsc curve. The bandwidth (m1 and m2) is specified in bits and the delay in seconds.
SetLS implements the LS from the `tc` CLI. This function behaves the same as if one would set the USC through the `tc` command-line tool. This means bandwidth (m1 and m2) is specified in bits and the delay in ms.
SetRsc sets the Rsc curve. The bandwidth (m1 and m2) is specified in bits and the delay in seconds.
SetSC implements the SC from the `tc` CLI. This function behaves the same as if one would set the USC through the `tc` command-line tool. This means bandwidth (m1 and m2) is specified in bits and the delay in ms.
SetUL implements the UL from the `tc` CLI. This function behaves the same as if one would set the USC through the `tc` command-line tool. This means bandwidth (m1 and m2) is specified in bits and the delay in ms.
SetUsc sets the USC curve. The bandwidth (m1 and m2) is specified in bits and the delay in seconds.
String() returns a string that contains the information and attributes of the HFSC class
Type return the type of the class
Htb is a classful qdisc that rate limits based on tokens
HtbClass represents an Htb class
NewHtbClass NOTE: function is in here because it uses other linux functions
Attrs returns the class attributes
Type return the class type
HtbClassAttrs stores the attributes of HTB class
IPSetEntry is used for adding, updating, retreiving and deleting entries
IPSetResult is the result of a dump request for a set
IpsetList dumps an specific ipset.
IpsetListAll dumps all ipsets.
const ( IPVLAN_FLAG_BRIDGE IPVlanFlag = iota IPVLAN_FLAG_PRIVATE IPVLAN_FLAG_VEPA )
const ( IPVLAN_MODE_L2 IPVlanMode = iota IPVLAN_MODE_L3 IPVLAN_MODE_L3S IPVLAN_MODE_MAX )
IPVtap - IPVtap is a virtual interfaces based on ipvlan
Ifb links are advanced dummy devices for packet filtering
Ifreq is a struct for ioctl ethernet manipulation syscalls.
IfreqSlave is a struct for ioctl bond manipulation syscalls. It is used to assign slave to bond interface with Name.
SocketDiagTCPInfo requests INET_DIAG_INFO for TCP protocol for specified family type and return with extension TCP info.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
type InetDiagUDPInfoResp struct {
InetDiagMsg *Socket
Memory *MemInfo
}
SocketDiagUDPInfo requests INET_DIAG_INFO for UDP protocol for specified family type and return with extension info.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
Ingress is a qdisc for adding ingress filters
IpsetCreateOptions is the options struct for creating a new ipset
Link represents a link device from netlink. Shared link attributes like name may be retrieved using the Attrs() method. Unique data can be retrieved by casting the object to the proper type.
LinkByAlias finds a link by its alias and returns a pointer to the object. If there are multiple links with the alias it returns the first one
If the kernel doesn't support IFLA_IFALIAS, this method will fall back to filtering a dump of all link names. In this case, if the returned error is ErrDumpInterrupted the result may be missing or outdated.
LinkByIndex finds a link by index and returns a pointer to the object.
LinkByName finds a link by name and returns a pointer to the object.
If the kernel doesn't support IFLA_IFNAME, this method will fall back to filtering a dump of all link names. In this case, if the returned error is ErrDumpInterrupted the result may be missing or outdated.
LinkDeserialize deserializes a raw message received from netlink into a link object.
LinkList gets a list of link devices. Equivalent to: `ip link show`
LinkAttrs represents data shared by most link types
NewLinkAttrs returns LinkAttrs structure filled with default values
type LinkNotFoundError struct {
}
LinkNotFoundError wraps the various not found errors when getting/reading links. This is intended for better error handling by dependent code so that "not found error" can be distinguished from other errors
LinkOperState represents the values of the IFLA_OPERSTATE link attribute, which contains the RFC2863 state of the interface.
type LinkSlave interface {
SlaveType() string
}
LinkSlave represents a slave device.
Ref: struct rtnl_link_stats {...}
Ref: struct rtnl_link_stats64 {...}
LinkSubscribeOptions contains a set of options to use with LinkSubscribeWithOptions.
LinkUpdate is used to pass information back from LinkSubscribe()
type MPLSDestination struct {
Labels []int
}
type MPLSEncap struct {
Labels []int
}
Macvlan links have ParentIndex set in their Attrs()
const ( MACVLAN_MODE_DEFAULT MacvlanMode = iota MACVLAN_MODE_PRIVATE MACVLAN_MODE_VEPA MACVLAN_MODE_BRIDGE MACVLAN_MODE_PASSTHRU MACVLAN_MODE_SOURCE )
Macvtap - macvtap is a virtual interfaces based on macvlan
MatchAll filters match all packets
Mode is an enum representing an ipsec transport.
const ( XFRM_MODE_TRANSPORT Mode = iota XFRM_MODE_TUNNEL XFRM_MODE_ROUTEOPTIMIZATION XFRM_MODE_IN_TRIGGER XFRM_MODE_BEET XFRM_MODE_MAX )
Ndmsg is for adding, removing or receiving information about a neighbor table entry
Neigh represents a link layer neighbor from netlink.
NeighList returns a list of IP-MAC mappings in the system (ARP table). Equivalent to: `ip neighbor show`. The list can be filtered by link and ip family.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
NeighListExecute returns a list of neighbour entries filtered by link, ip family, flag and state.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
NeighProxyList returns a list of neighbor proxies in the system. Equivalent to: `ip neighbor show proxy`. The list can be filtered by link and ip family.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
String returns $ip/$hwaddr $label
NeighSubscribeOptions contains a set of options to use with NeighSubscribeWithOptions.
NeighUpdate is sent when a neighbor changes - type is RTM_NEWNEIGH or RTM_DELNEIGH.
NOTE function is here because it uses other linux functions
SetPeerAttrs will not take effect if trying to modify an existing netkit device
PfifoFast is the default qdisc created by the kernel if one has not been defined for the interface
PolicyAction is an enum representing an ipsec policy action.
Prio is a basic qdisc that works just like PfifoFast
type ProcEventHeader struct {
}
Protinfo represents bridge flags from netlink.
String returns a list of enabled flags
Proto is an enum representing an ipsec protocol.
type ProtoInfo interface {
Protocol() string
}
ProtoInfo wraps an L4-protocol structure - roughly corresponds to the __nfct_protoinfo union found in libnetfilter_conntrack/include/internal/object.h. Currently, only protocol names, and TCP state is supported.
type ProtoInfoDCCP struct{}
ProtoInfoDCCP only supports the protocol name.
type ProtoInfoSCTP struct{}
ProtoInfoSCTP only supports the protocol name.
type ProtoInfoTCP struct {
State uint8
}
ProtoInfoTCP corresponds to the `tcp` struct of the __nfct_protoinfo union. Only TCP state is currently supported.
QdiscList gets a list of qdiscs in the system. Equivalent to: `tc qdisc show`. The list can be filtered by link.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
QdiscAttrs represents a netlink qdisc. A qdisc is associated with a link, has a handle, a parent and a refcnt. The root qdisc of a device should have parent == HANDLE_ROOT.
RdmaDeviceStatistic represents a rdma device statistic counter
RdmaStatistic get rdma device statistic counters Returns rdma device statistic counters on success or returns error otherwise. Equivalent to: `rdma statistic show link [DEV]'
Link represents a rdma device from netlink.
RdmaLinkByName finds a link by name and returns a pointer to the object if found and nil error, otherwise returns error code.
If the returned error is ErrDumpInterrupted, the result may be missing or outdated and the caller should retry.
RdmaLinkList gets a list of RDMA link devices. Equivalent to: `rdma dev show`
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
LinkAttrs represents data shared by most link types
RdmaPortStatistic represents a rdma port statistic counter
RdmaPortStatisticList get rdma device port statistic counters Returns rdma device port statistic counters on success or returns error otherwise. Equivalent to: `rdma statistic show link DEV/PORT'
RdmaResource represents a rdma device resource tracking summaries
RdmaResourceList list rdma resource tracking information Returns all rdma devices resource tracking summary on success or returns error otherwise. Equivalent to: `rdma resource'
Route represents a netlink route.
RouteGet gets a route to a specific destination from the host system. Equivalent to: 'ip route get'.
RouteGetWithOptions gets a route to a specific destination from the host system. Equivalent to: 'ip route get <> vrf <VrfName>'.
RouteList gets a list of routes in the system. Equivalent to: `ip route show`. The list can be filtered by link and ip family.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
RouteListFiltered gets a list of routes in the system filtered with specified rules. All rules must be defined in RouteFilter struct
RouteGetOptions contains a set of options to use with RouteGetWithOptions
Protocol describe what was the originator of the route
RouteSubscribeOptions contains a set of options to use with RouteSubscribeWithOptions.
NlFlags is only non-zero for RTM_NEWROUTE, the following flags can be set:
Rule represents a netlink rule.
NewRule return empty rules.
RuleList lists rules in the system. Equivalent to: ip rule list
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
RuleListFiltered gets a list of rules in the system filtered by the specified rule template `filter`. Equivalent to: ip rule list
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
RulePortRange represents rule sport/dport range.
NewRulePortRange creates rule sport/dport range.
RuleUIDRange represents rule uid range.
NewRuleUIDRange creates rule uid range.
SADir is an enum representing an ipsec template direction.
const ( XFRM_SA_DIR_IN SADir = iota + 1 XFRM_SA_DIR_OUT )
type SEG6Encap struct {
Mode int
Segments []net.IP
}
SEG6 definitions
SEG6LocalEncap definitions
Scope is an enum representing a route scope.
type ServiceCurve struct {
}
ServiceCurve is a nondecreasing function of some time unit, returning the amount of service (an allowed or allocated amount of bandwidth) at some specific point in time. The purpose of it should be subconsciously obvious: if a class was allowed to transfer not less than the amount specified by its service curve, then the service curve is not violated.
Attrs return the parameters of the service curve
Burst returns the burst rate (m1) of the curve
Delay return the delay (d) of the curve
Rate returns the rate (m2) of the curve
Socket represents a netlink socket.
SocketDiagTCP requests INET_DIAG_INFO for TCP protocol for specified family type and return related socket.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
SocketDiagUDP requests INET_DIAG_INFO for UDP protocol for specified family type and return related socket.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
SocketGet returns the Socket identified by its local and remote addresses.
If the returned error is ErrDumpInterrupted, the search for a result may be incomplete and the caller should retry.
SocketID identifies a single socket.
Tbf is a classless qdisc that rate limits based on tokens
const ( TC_ACT_UNSPEC TcAct = -1 TC_ACT_OK TcAct = 0 TC_ACT_RECLASSIFY TcAct = 1 TC_ACT_SHOT TcAct = 2 TC_ACT_PIPE TcAct = 3 TC_ACT_STOLEN TcAct = 4 TC_ACT_QUEUED TcAct = 5 TC_ACT_REPEAT TcAct = 6 TC_ACT_REDIRECT TcAct = 7 TC_ACT_JUMP TcAct = 0x10000000 )
TcU32Key contained of Sel in the U32 filters. This is the type alias and the frontend representation of nl.TcU32Key. It is serialized into chanonical nl.TcU32Sel with the appropriate endianness.
Sel of the U32 filters that contains multiple TcU32Key. This is the type alias and the frontend representation of nl.TcU32Sel. It is serialized into canonical nl.TcU32Sel with the appropriate endianness.
Tuntap links created via /dev/tun/tap, but can be destroyed via netlink
AddQueues opens and attaches multiple queue file descriptors to an existing TUN/TAP interface in multi-queue mode.
It performs TUNSETIFF ioctl on each opened file descriptor with the current tuntap configuration. Each resulting fd is set to non-blocking mode and returned as *os.File.
If the interface was created with a name pattern (e.g. "tap%d"), the first successful TUNSETIFF call will return the resolved name, which is saved back into tuntap.Name.
This method assumes that the interface already exists and is in multi-queue mode. The returned FDs are also appended to tuntap.Fds and tuntap.Queues is updated.
It is the caller's responsibility to close the FDs when they are no longer needed.
RemoveQueues closes the given TAP queue file descriptors and removes them from the tuntap.Fds list.
This is a logical counterpart to AddQueues and allows releasing specific queues (e.g., to simulate queue failure or perform partial detach).
The method updates tuntap.Queues to reflect the number of remaining active queues.
It is safe to call with a subset of tuntap.Fds, but the caller must ensure that the passed *os.File descriptors belong to this interface.
U32 filters on many packet related properties
UnixSocketDiagInfo requests UNIX_DIAG_INFO for unix sockets and return with extension info.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
UnixSocket represents a netlink unix socket.
UnixSocketDiag requests UNIX_DIAG_INFO for unix sockets.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
VDPADev contains info about VDPA device
VDPAGetDevByName returns VDPA device selected by name Equivalent to: `vdpa dev show <name>`
VDPAGetDevList returns list of VDPA devices Equivalent to: `vdpa dev show`
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
VDPADevConfig contains configuration of the VDPA device
VDPAGetDevConfigByName returns VDPA device configuration selected by name Equivalent to: `vdpa dev config show <name>`
VDPAGetDevConfigList returns list of VDPA devices configurations Equivalent to: `vdpa dev config show`
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
VDPADevConfigNet conatins status and net config for the VDPA device
VDPADevConfigNetCfg contains net config for the VDPA device
type VDPADevConfigNetStatus struct {
LinkUp bool
Announce bool
}
VDPADevConfigNetStatus contains info about net status
VDPADevVStats conatins vStats for the VDPA device
VDPAGetDevVStats returns vstats for VDPA device Equivalent to: `vdpa dev vstats show <name> qidx <queueIndex>`
type VDPADevVStatsVendor struct {
Name string
Value uint64
}
VDPADevVStatsVendor conatins name and value for vendor specific vstat option
VDPAMGMTDev conatins info about VDPA management device
func VDPAGetMGMTDevByBusAndName ¶ added in v1.2.1VDPAGetMGMTDevByBusAndName returns mgmt devices selected by bus and name Equivalent to: `vdpa mgmtdev show <bus>/<name>`
VDPAGetMGMTDevList returns list of mgmt devices Equivalent to: `vdpa mgmtdev show`
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
VDPANewDevParams contains parameters for new VDPA device use SetBits to configure requried features for the device example:
VDPANewDevParams{Features: SetBits(0, VIRTIO_NET_F_MTU, VIRTIO_NET_F_CTRL_MAC_ADDR)}
Veth devices must specify PeerName on create
VfInfo represents configuration of virtual function
type Via struct {
AddrFamily int
Addr net.IP
}
Vlan links have ParentIndex set in their Attrs()
VlanProtocol type
VlanProtocol possible values
StringToVlanProtocol returns vlan protocol, or unknown is the s is invalid.
type VrfSlave struct {
Table uint32
}
XDPSocket represents an XDP socket (and the common diagnosis part in particular). Please note that in contrast to UnixSocket the XDPSocket type does not feature “State” information.
XfrmMark represents the mark associated to the state or policy
XfrmPolicy represents an ipsec policy. It represents the overlay network and has a list of XfrmPolicyTmpls representing the base addresses of the policy.
XfrmPolicyGet gets a the policy described by the index or selector, if found. Equivalent to: `ip xfrm policy get { SELECTOR | index INDEX } dir DIR [ctx CTX ] [ mark MARK [ mask MASK ] ] [ ptype PTYPE ]`.
XfrmPolicyList gets a list of xfrm policies in the system. Equivalent to: `ip xfrm policy show`. The list can be filtered by ip family.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
XfrmPolicyTmpl encapsulates a rule for the base addresses of an ipsec policy. These rules are matched with XfrmState to determine encryption and authentication algorithms.
XfrmReplayState represents the sequence number states for "legacy" anti-replay mode.
XfrmState represents the state of an ipsec policy. It optionally contains an XfrmStateAlgo for encryption and one for authentication.
XfrmStateAllocSpi will allocate an xfrm state in the system. Equivalent to: `ip xfrm state allocspi`
XfrmStateGet gets the xfrm state described by the ID, if found. Equivalent to: `ip xfrm state get ID [ mark MARK [ mask MASK ] ]`. Only the fields which constitue the SA ID must be filled in: ID := [ src ADDR ] [ dst ADDR ] [ proto XFRM-PROTO ] [ spi SPI ] mark is optional
XfrmStateList gets a list of xfrm states in the system. Equivalent to: `ip [-4|-6] xfrm state show`. The list can be filtered by ip family.
If the returned error is ErrDumpInterrupted, results may be inconsistent or incomplete.
XfrmStateAlgo represents the algorithm to use for the ipsec encryption.
XfrmStateEncap represents the encapsulation to use for the ipsec encryption.
XfrmStateLimits represents the configured limits for the state.
XfrmStateStats represents the current number of bytes/packets processed by this State, the State's installation and first use time and the replay window counters.
Virtual XFRM Interfaces
Named "xfrmi" to prevent confusion with XFRM objects
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4