- Also refactored setUpNetlinkTestWithKModule function to reduce redundant NS's created and checks made.
- Add conntrack protoinfo TCP support + groundwork for other protocols.
- Tests to cover the above.
This PR adds support for filtering flows
based on conntrack labels. It adds two
filters `ConntrackMatchLabels` &&
`ConntackUnmatchLabels` through which user can
provide a list of labels as type "bytes" which
will then be compared to flow.Labels to see if
any matches were found.
ConntrackMatchLabels: Every label passed should
be contained in flow.Labels for a match to be true
ConntrackUmmatchLabels: Every label passed should
not be contained in the flow.Labels for a match to
be true
Signed-off-by: Surya Seetharaman <suryaseetharaman.9@gmail.com>
Add a new method to the ConntrackFilter to be able to
filter conntrack entries by Layer 4 protocol and source
and destination port.
Signed-off-by: Antonio Ojea <aojea@redhat.com>
Today the filter implementation implements
only ip matching for src,dst,reply src,reply dst.
Updating the comments on the filter to reflect that
more clearly and deprecate confusing constants
Signed-off-by: Flavio Crisciani <flavio.crisciani@docker.com>
Removed extra pointer not needed in AddIP
Updated tests
Removed the use of io.SeekCurrent and defined it as a const
Signed-off-by: Flavio Crisciani <flavio.crisciani@docker.com>
Added tests for:
Table FLUSH
Table GET
Table DELETE with filter
Filter match
Use a simple UDP client to create flows into the conntrack for testing purpose
Each test will run in a separate network namespace so can run in parallel
Added kernel module dependencies into the travis file
Signed-off-by: Flavio Crisciani <flavio.crisciani@docker.com>
