NewESFromK8sLabelSelector returns a new endpoint selector from the label where it the given srcPrefix will be encoded in the label's keys.

NewESFromLabels creates a new endpoint selector from the given labels.

ParseL4Proto parses a string as layer 4 protocol.

List of Kafka apiKeys which have a topic in their request.

Allowed means that reachability is allowed.

List of Kafka apiKeys which have a topic in their request.

List of Kafka apiKey which are not associated with any topic.

List of Kafka Roles.

List of Kafka apiKeys which have a topic in their request.

List of Kafka apiKeys which have a topic in their request.

List of Kafka apiKeys which have a topic in their request.

List of Kafka apiKeys which have a topic in their request.

Denied means that reachability is denied.

List of Kafka apiKeys which have a topic in their request.

EntityAll is an entity that represents all traffic.

EntityCluster is an entity that represents traffic within the endpoint's cluster, to endpoints not managed by cilium.

EntityHost is an entity that represents traffic within endpoint host.

EntityWorld is an entity that represents traffic external to endpoint's cluster.

List of Kafka apiKeys which have a topic in their request.

List of Kafka apiKeys which have a topic in their request.

List of Kafka apiKey which are not associated with any topic.

List of Kafka apiKeys which have a topic in their request.

KafkaMaxTopicLen is the maximum character len of a topic.

List of Kafka apiKeys which have a topic in their request.

List of Kafka apiKey which are not associated with any topic.

MaxCIDRPrefixLengths is used to prevent compile failures at runtime.

List of Kafka apiKeys which have a topic in their request.

List of Kafka apiKeys which have a topic in their request.

List of Kafka apiKeys which have a topic in their request.

List of Kafka apiKeys which have a topic in their request.

List of Kafka apiKeys which have a topic in their request.

List of Kafka apiKeys which have a topic in their request.

List of Kafka Roles.

List of Kafka apiKeys which have a topic in their request.

List of Kafka apiKey which are not associated with any topic.

List of Kafka apiKeys which have a topic in their request.

Undecided means that we have not come to a decision yet.

List of Kafka apiKeys which have a topic in their request.

List of Kafka apiKeys which have a topic in their request.

CIDRMatchAll is a []CIDR that matches everything.

EntitySelectorMapping maps special entity names that come in policies to selectors.

KafkaAPIKeyMap is the map of all allowed kafka API keys with the key values.

KafkaReverseApiKeyMap is the map of all allowed kafka API keys with the key values.

KafkaTopicValidChar is a one-time regex generation of all allowed characters in kafka topic name.

WildcardEndpointSelector is a wildcard endpoint selector matching all endpoints that can be described with labels.

CIDRRule is a rule that specifies a CIDR prefix to/from which outside communication is allowed, along with an optional list of subnets within that CIDR prefix to/from which outside communication is not allowed.

EgressRule contains all rule types which can be applied at egress, i.e.

EndpointSelector is a wrapper for k8s LabelSelector.

IngressRule contains all rule types which can be applied at ingress, i.e.

K8sServiceNamespace is an abstraction for the k8s service + namespace types.

K8sServiceSelectorNamespace wraps service selector with namespace.

L7Rules is a union of port level rule types.

PortProtocol specifies an L4 port with an optional transport protocol.

PortRule is a list of ports/protocol combinations with optional Layer 7 rules which must be met.

PortRuleHTTP is a list of HTTP protocol constraints.

PortRuleKafka is a list of Kafka protocol constraints.

Rule is a policy rule which must be applied to all endpoints which match the labels contained in the endpointSelector Each rule is split into an ingress section which contains all rules applicable at ingress, and an egress section applicable at egress.

Service wraps around selectors for services.

CIDR specifies a block of IP addresses.

Decision is a reachability policy decision.

EndpointSelectorSlice is a slice of EndpointSelectors that can be sorted.

Entity specifies the class of receiver/sender endpoints that do not have individual identities.

EntitySlice is a slice of entities.

KafkaRole is the list of all low-level apiKeys to be expanded as per the value of Role.

L4Proto is a layer 4 protocol name.

Rules is a collection of api.Rule.

ServiceSelector is a label selector for k8s services.