EncodeConn netlink encodes a `Con` object.

GenerateBPFSampler returns BPF assembly for a traffic sampler.

IsNAT returns whether this Con represents a NAT translation.

NewAttributeScanner returns a new instance of AttributeScanner.

NewCircuitBreaker instantiates a new CircuitBreaker that only allows a maxEventsPerSec to pass.

NewConntrack creates an implementation of the Conntrack interface.

NewConntracker creates a new conntracker with a short term buffer capped at the given size.

NewConsumer creates a new Conntrack event consumer.

NewDecoder returns a new netlink message Decoder.

NewNoOpConntracker creates a conntracker which always returns empty information.

NewSocket creates a new NETLINK socket.

AttributeScanner provides an iterator API to traverse each field in a netlink message.

CircuitBreaker is meant to enforce a maximum rate of events per second Once the event rate goes above the threshold the circuit breaker will trip and remain open until Reset() is called.

Con represents a conntrack entry, along with any network namespace info (nsid).

Consumer is responsible for encapsulating all the logic of hooking into Conntrack via a Netlink socket and streaming new connection events.

Decoder is responsible for decoding netlink messages.

Event encapsulates the result of a single netlink.Con.Receive() call.

A NestedFrame encapsulates the decoding information of a certain nesting level.

Socket is an implementation of netlink.Socket (github.com/mdlayher/netlink) It's mostly a copy of the original implementation (netlink.conn) with a few optimizations: * We don't MSG_PEEK as we use a pre-allocated buffer large enough to fit any netlink message; * We use a buffer pool for the message data; * We remove all the synchronization & go-channels cruft and bring it upstream in a cheaper/simpler way (Consumer).

Conntrack is an interface to the system conntrack table.

Conntracker is a wrapper around go-conntracker that keeps a record of all connections in user space.