Categorygithub.com/aau-network-security/openvswitchovs
package
0.0.0-20210515183826-906eb8da3f05
Repository: https://github.com/aau-network-security/openvswitch.git
Documentation: pkg.go.dev
Overview
Versions
1
Dependencies
15
Dependents
2
Files
4.7k SLOC

# README

ovs

Package ovs is a client library for Open vSwitch which enables programmatic control of the virtual switch.

Package ovs is a wrapper around the ovs-vsctl and ovs-ofctl utilities, but in the future, it may speak OVSDB and OpenFlow directly with the same interface.

// Create a *ovs.Client.  Specify ovs.OptionFuncs to customize it.
c := ovs.New(
    // Prepend "sudo" to all commands.
    ovs.Sudo(),
)

// $ sudo ovs-vsctl --may-exist add-br ovsbr0
if err := c.VSwitch.AddBridge("ovsbr0"); err != nil {
    log.Fatalf("failed to add bridge: %v", err)
}

// $ sudo ovs-ofctl add-flow ovsbr0 priority=100,ip,actions=drop
err := c.OpenFlow.AddFlow("ovsbr0", &ovs.Flow{
    Priority: 100,
    Protocol: ovs.ProtocolIPv4,
    Actions:  []ovs.Action{ovs.Drop()},
})
if err != nil {
    log.Fatalf("failed to add flow: %v", err)
}

# Functions

All outputs the packet on all switch ports except the port on which it was received.
ArpOp matches packets based on their IPv6 label information, using the specified op.
ARPOperation matches packets with the specified ARP operation matching oper.
ARPSourceHardwareAddress matches packets with an ARP source hardware address (SHA) matching addr.
ARPSourceProtocolAddress matches packets with an ARP source protocol address (SPA) IPv4 address or IPv4 CIDR block matching addr.
ARPTargetHardwareAddress matches packets with an ARP target hardware address (THA) matching addr.
ARPTargetProtocolAddress matches packets with an ARP target protocol address (TPA) IPv4 address or IPv4 CIDR block matching addr.
Conjunction associates a flow with a certain conjunction ID to match on more than one dimension across multiple set matches.
ConjunctionID matches flows that have matched all dimension of a conjunction inside of the openflow table.
ConnectionTracking sends a packet through the host's connection tracker.
ConnectionTrackingMark matches a metadata associated with a connection tracking entry.
ConnectionTrackingState matches packets using their connection state, when connection tracking is enabled on the host.
ConnectionTrackingZone is a mechanism to define separate connection tracking contexts.
DataLinkDestination matches packets with a destination hardware address and optional wildcard mask matching addr.
DataLinkSource matches packets with a source hardware address and optional wildcard mask matching addr.
DataLinkType matches packets with the specified EtherType.
DataLinkVLAN matches packets with the specified VLAN ID matching vid.
DataLinkVLANPCP matches packets with the specified VLAN PCP matching pcp.
Debug returns an OptionFunc which enables debugging output for the Client type.
Drop immediately discards the packet.
Exec returns an OptionFunc which sets an ExecFunc for use with a Client.
FieldMatch returns an fieldMatch.
Flood outputs the packet on all switch ports other than the port on which it was received, which have flooding enabled.
FlowFormat specifies the flow format to be used when shelling to 'ovs-ofctl'.
ICMP6Code matches packets with the specified ICMP type matching typ.
ICMP6Type matches packets with the specified ICMP type matching typ.
ICMPCode matches packets with the specified ICMP code.
ICMPType matches packets with the specified ICMP type matching typ.
InPort outputs the packet on the port from which it was received.
InPortMatch matches packets ingressing from a specified OVS port.
IPFrag returns an ipFragMatch.
IPv6Destination matches packets with a destination IPv6 address or IPv6 CIDR block matching ip.
IPv6Label matches packets based on their IPv6 label information, using the specified label and optional mask value.
IPv6Source matches packets with a source IPv6 address or IPv6 CIDR block matching ip.
IsPortNotExist checks if err is of type Error and is caused by asking OVS for information regarding a non-existent port.
Learn dynamically installs a LearnedFlow.
Load loads the specified value into the specified field.
Local outputs the packet on the local port, which corresponds to the network device that has the same name as the bridge.
Metadata returns a Match that matches the given Metadata exactly.
MetadataWithMask returns a Match with specified Metadata and mask.
ModDataLinkDestination modifies the data link destination of a packet.
ModDataLinkSource modifies the data link source of a packet.
ModNetworkDestination modifies the destination IPv4 address of a packet.
ModNetworkSource modifies the source IPv4 address of a packet.
ModTransportDestinationPort modifies the destination port of a packet.
ModTransportSourcePort modifies the source port of a packet.
ModVLANVID modifies the VLAN ID (VID) on a packet.
Move sets the value of the destination field to the value of the source field.
NeighborDiscoverySourceLinkLayer matches packets with an IPv6 neighbor solicitation source link-layer address matching addr.
NeighborDiscoveryTarget matches packets with an IPv6 neighbor discovery target IPv6 address or IPv6 CIDR block matching ip.
NeighborDiscoveryTargetLinkLayer matches packets with an IPv6 neighbor solicitation target link-layer address matching addr.
NetworkDestination matches packets with a destination IPv4 address or IPv4 CIDR block matching ip.
NetworkECN creates a new networkECN.
NetworkProtocol matches packets with the specified IP or IPv6 protocol number matching num.
NetworkSource matches packets with a source IPv4 address or IPv4 CIDR block matching ip.
NetworkTOS returns a new networkTOS type.
NetworkTTL returns a new networkTTL.
New creates a new Client with zero or more OptionFunc configurations applied.
NewDataPathActions returns an implementation of DataPathActions.
Normal subjects the packet to the device's normal L2/L3 processing.
Output outputs the packet to the specified switch port.
OutputField outputs the packet to the switch port described by the specified field.
Pipe returns an OptionFunc which sets a PipeFunc for use with a Client.
Protocols specifies one or more OpenFlow protocol versions to be used when shelling to 'ovs-ofctl'.
Resubmit resubmits a packet for further processing by matching flows with the specified port and table.
ResubmitPort resubmits a packet into the current table with its context modified to look like it originated from the specified openflow port ID.
SetField overwrites the specified field with the specified value.
SetSSLParam configures SSL authentication using a private key, certificate, and CA certificate for use with ovs-ofctl.
SetState sets the specified CTState flag.
SetTCPFlag sets the specified TCPFlag.
SetTCPParam configures the OVSDB connection using a TCP format ip:port for use with all ovs-vsctl commands.
SetTunnel sets the tunnel id, e.g.
StripVLAN strips the VLAN tag from a packet, if one is present.
Sudo specifies that "sudo" should be prefixed to all OVS commands.
TCPFlags matches packets using their enabled TCP flags, when matching TCP flags on a TCP segment.
Timeout returns an OptionFunc which sets a timeout in seconds for all Open vSwitch interactions.
TransportDestinationMaskedPort matches packets with a transport layer (TCP/UDP) destination port matching a masked port range.
TransportDestinationPort matches packets with a transport layer (TCP/UDP) destination port matching port.
TransportDestinationPortRange represent a port range intended for a transport protocol destination port.
TransportSourceMaskedPort matches packets with a transport layer (TCP/UDP) source port matching a masked port range.
TransportSourcePort matches packets with a transport layer (TCP/UDP) source port matching port.
TransportSourcePortRange represent a port range intended for a transport protocol source port.
TunnelDst returns a Match with specified Tunnel Destination.
TunnelFlags returns a new tunnelFlags.
TunnelGBP returns a new tunnelGBP.
TunnelGbpFlags returns a new tunnelFlags.
TunnelID returns a Match that matches the given ID exactly.
TunnelIDWithMask returns a Match with specified ID and mask.
TunnelSrc returns a Match with specified Tunnel Source.
TunnelTOS returns a new tunnelTOS.
TunnelTTL returns a new tunnelTTL.
UnsetState unsets the specified CTState flag.
UnsetTCPFlag unsets the specified TCPFlag.
VLANTCI matches packets based on their VLAN tag control information, using the specified TCI and optional mask value.
VLANTCI1 matches packets based on their VLAN tag control information, using the specified TCI and optional mask value.

# Constants

AnyTable is a special table value to match flows in any table.
List of common CTState constants available in OVS 2.5.
List of common CTState constants available in OVS 2.5.
List of common CTState constants available in OVS 2.5.
List of common CTState constants available in OVS 2.5.
List of common CTState constants available in OVS 2.5.
List of common CTState constants available in OVS 2.5.
DefaultIngressBurstPolicing is to change the ingress policing burst to the default size, 1000 kb.
DefaultIngressRatePolicing is used to disable the ingress policing, which is the default behavior.
FailMode constants which can be used in OVS configurations.
FailMode constants which can be used in OVS configurations.
FlowFormatNXMTableID is a flow format which allows Nicira Extended match with the ability to place a flow in a specific table.
FlowFormatOXMOpenFlow14 is a flow format which allows Open vSwitch extensible match.
InterfaceType constants which can be used in OVS configurations.
InterfaceType constants which can be used in OVS configurations.
InterfaceType constants which can be used in OVS configurations.
InterfaceType constants which can be used in OVS configurations.
InterfaceType constants which can be used in OVS configurations.
OvS IP frag flags.
OvS IP frag flags.
OvS IP frag flags.
OvS IP frag flags.
OvS IP frag flags.
PortAction constants for ModPort API.
PortAction constants for ModPort API.
PortAction constants for ModPort API.
PortAction constants for ModPort API.
PortAction constants for ModPort API.
PortAction constants for ModPort API.
PortAction constants for ModPort API.
PortAction constants for ModPort API.
PortAction constants for ModPort API.
PortAction constants for ModPort API.
PortAction constants for ModPort API.
PortAction constants for ModPort API.
PortAction constants for ModPort API.
PortAction constants for ModPort API.
PortLOCAL is a special in_port value which refers to the local port of an OVS bridge.
Protocol constants which can be used in OVS flow configurations.
Protocol constants which can be used in OVS flow configurations.
Protocol constants which can be used in OVS flow configurations.
Protocol constants which can be used in OVS flow configurations.
Protocol constants which can be used in OVS flow configurations.
Protocol constants for use with Protocols and BridgeOptions.
Protocol constants for use with Protocols and BridgeOptions.
Protocol constants for use with Protocols and BridgeOptions.
Protocol constants for use with Protocols and BridgeOptions.
Protocol constants for use with Protocols and BridgeOptions.
Protocol constants for use with Protocols and BridgeOptions.
Protocol constants which can be used in OVS flow configurations.
Protocol constants which can be used in OVS flow configurations.
Protocol constants which can be used in OVS flow configurations.
Protocol constants which can be used in OVS flow configurations.
RFC 793 TCP Flags.
RFC 793 TCP Flags.
RFC 793 TCP Flags.
RFC 793 TCP Flags.
RFC 793 TCP Flags.
RFC 793 TCP Flags.
VLANNone is a special value which indicates that DataLinkVLAN should only match packets with no VLAN tag specified.

# Variables

ErrInvalidFlowStats is returned when flow statistics from 'ovs-ofctl dump-aggregate' do not match the expected output format.
ErrInvalidPortRange is returned when there's a port range that invalid.
ErrInvalidPortStats is returned when port statistics from 'ovs-ofctl dump-ports' do not match the expected output format.
ErrInvalidProtoTrace is returned when the output from ovs-appctl ofproto/trace is in an unexpected format.
ErrInvalidTable is returned when tables from 'ovs-ofctl dump-tables' do not match the expected output format.

# Structs

AppService runs commands that are available from ovs-appctl.
A BitRange is a representation of a range of values from base value with a bitmask applied.
An BridgeOptions enables configuration of a bridge.
A Client is a client type which enables programmatic control of Open vSwitch.
DataPathFlows represents the initial/final flows passed/returned from ofproto/trace.
A DockerOptions struct enables configuration of the interface added to the docker container.
A DockerService is used in a Client to execute 'ovs-docker' commands.
An Error is an error returned when shelling out to an Open vSwitch control program.
A Flow is an OpenFlow flow meant for adding flows to a software bridge.
A FlowError is an error encountered while marshaling or unmarshaling a Flow.
FlowStats contains a variety of statistics about an Open vSwitch port, including its port ID and numbers about packet receive and transmit operations.
A FlowTransaction is a transaction used when adding or deleting multiple flows using an Open vSwitch flow bundle.
An InterfaceOptions struct enables configuration of an Interface.
A LearnedFlow is defined as part of the Learn action.
A MatchFlow is an OpenFlow flow intended for flow deletion.
A MatchFlowError is an error encountered while marshaling or unmarshaling a MatchFlow.
An OpenFlowService is used in a Client to execute 'ovs-ofctl' commands.
An PortRange represents a range of ports expressed in 16 bit integers.
PortStats contains a variety of statistics about an Open vSwitch port, including its port ID and numbers about packet receive and transmit operations.
PortStatsReceive contains information regarding the number of received packets, bytes, etc.
PortStatsTransmit contains information regarding the number of transmitted packets, bytes, etc.
ProtoTrace is a type representing output from ovs-app-ctl ofproto/trace.
A Table is an Open vSwitch table.
A VSwitchGetService is used in a VSwitchService to execute 'ovs-vsctl get' subcommands.
A VSwitchService is used in a Client to execute 'ovs-vsctl' commands.
A VSwitchSetService is used in a VSwitchService to execute 'ovs-vsctl set' subcommands.

# Interfaces

An Action is a type which can be marshaled into an OpenFlow action.
DataPathActions is a text unmarshaler for data path actions in ofproto/trace output.
A Match is a type which can be marshaled into an OpenFlow packet matching statement.
A TransportPortRanger represents a port range that can be expressed as an array of bitwise matches.

# Type aliases

CTState is a connection tracking state, which can be used with the ConnectionTrackingState function.
An ExecFunc is a function which accepts input arguments and returns raw byte output and an error.
A FailMode is a failure mode which Open vSwitch uses when it cannot contact a controller.
An InterfaceType is a network interface type recognized by Open vSwitch.
IPFragFlag is a string type which can be used with the IPFragMatch.
An OptionFunc is a function which can apply configuration to a Client.
A PipeFunc is a function which accepts an input stdin stream, command, and arguments, and returns command output and an error.
A PortAction is a port actions to change the port characteristics of the specific port through the ModPort API.
A Protocol is an OpenFlow protocol designation accepted by Open vSwitch.
TCPFlag represents a flag in the TCP header, which can be used with the TCPFlags function.