This PR adds support for filtering flows
based on conntrack labels. It adds two
filters `ConntrackMatchLabels` &&
`ConntackUnmatchLabels` through which user can
provide a list of labels as type "bytes" which
will then be compared to flow.Labels to see if
any matches were found.
ConntrackMatchLabels: Every label passed should
be contained in flow.Labels for a match to be true
ConntrackUmmatchLabels: Every label passed should
not be contained in the flow.Labels for a match to
be true
Signed-off-by: Surya Seetharaman <suryaseetharaman.9@gmail.com>
Add a new method to the ConntrackFilter to be able to
filter conntrack entries by Layer 4 protocol and source
and destination port.
Signed-off-by: Antonio Ojea <aojea@redhat.com>
Today the filter implementation implements
only ip matching for src,dst,reply src,reply dst.
Updating the comments on the filter to reflect that
more clearly and deprecate confusing constants
Signed-off-by: Flavio Crisciani <flavio.crisciani@docker.com>
Removed extra pointer not needed in AddIP
Updated tests
Removed the use of io.SeekCurrent and defined it as a const
Signed-off-by: Flavio Crisciani <flavio.crisciani@docker.com>
- Conntrack table FLUSH
- Conntrack table DELETE with filter
The filter is only for IP field
- Conntrack table GET
The flow information is not complete, but the method
returns a simplified structure with basic flow info
Signed-off-by: Flavio Crisciani <flavio.crisciani@docker.com>