Package api defines the API of the Cilium network policy interface +groupName=policy.

CreateL4EgressFilter creates an L4Filter for the specified api.PortProtocol in the egress direction for a particular protocol.

CreateL4IngressFilter creates an L4Filter for the specified api.PortProtocol in the ingress direction for a particular protocol.

GetConsumableCache returns the consumable cache.

GetPolicyEnabled returns the policy enablement configuration.

InitReserved must be called to initialize the Consumables that represent the reserved identities.

JoinPath returns a joined path from a and b.

JSONMarshalRules returns a slice of policy rules as string in JSON representation.

NewCIDRPolicy creates a new CIDRPolicy.

NewConsumable creates a new consumable.

NewL4RuleContexts returns a new L4RuleContexts.

NewPolicyRepository allocates a new policy repository.

NewPreFilter returns prefilter handle.

SecurityIDContexts returns a new L4RuleContexts created.

ParseProxyID parses a proxy ID returned by ProxyID and returns its components.

ProbePreFilter checks whether XDP mode is supported on given device.

ProxyID returns a unique string to identify a proxy mapping.

ResolveIdentityLabels resolves a numeric identity to the identity's labels or nil.

SetPolicyEnabled sets the policy enablement configuration.

ParserTypeHTTP specifies a HTTP parser type.

ParserTypeKafka specifies a Kafka parser type.

ParserTypeNone represents the case where no parser type is provided.

CIDRPolicy contains L3 (CIDR) policy maps for ingress and egress.

CIDRPolicyMap is a list of CIDR filters indexable by address/prefixlen key format: "address/prefixlen", e.g., "10.1.1.0/24" Each prefix struct also includes the rule labels that allowed it.

CIDRPolicyMapRule holds a L3 (CIDR) prefix and the rule labels that allow it.

Consumable holds all of the policies relevant to this security identity, including label-based policies, L4Policy, and L7 policy.

L4RuleContext represents a L4 rule.

L7RuleContext represents a L7 rule.

PreFilter holds global info on related CIDR maps participating in prefilter.

Repository is a list of policy rules which in combination form the security policy.

SearchContext defines the context while evaluating policy.

Translator is an interface for altering policy rules.

L4PolicyMap is a list of L4 filters indexable by protocol/port key format: "port/proto".

L4RuleContexts maps a rule context to a L7RuleContext.

L7DataMap contains a map of L7 rules per endpoint where key is a hash of EndpointSelector.

L7ParserType is the type used to indicate what L7 parser to use and defines all supported types of L7 parsers.

SecurityIDContexts maps a security identity to a L4RuleContexts.