BufferSince returns a caller-owned view containing the packet payload starting from and including a particular header.

DefaultDADConfigurations returns the default DAD configurations.

DefaultNUDConfigurations returns a NUDConfigurations populated with default values defined by RFC 4861 section 10.

DefaultTables returns a default set of tables.

EmptyFilterTable returns a Table with no rules and the filter table chains mapped to HookUnset.

EmptyNATTable returns a Table with no rules and the filter table chains mapped to HookUnset.

MergeFragment appends the data portion of frag to dst.

New allocates a new networking stack with only the requested networking and transport protocols configured with default options.

NewICMPRateLimiter returns a global rate limiter for controlling the rate at which ICMP messages are generated by the stack.

NewNUDState returns new NUDState using c as configuration and the specified random number generator for use in recomputing ReachableTime.

NewPacketBuffer creates a new PacketBuffer with opts.

PayloadSince returns a caller-owned view containing the payload starting from and including a particular header.

AddressAssigned indicates an address is assigned.

AddressConfigSlaac is an address endpoint added by SLAAC, as per RFC 4862 section 5.5.3.

AddressConfigStatic is a statically configured address endpoint that was added by some user-specified action (adding an explicit address, joining a multicast group).

AddressDisabled indicates the NIC the address is assigned to is disabled.

AddressRemovalDADFailed indicates the address was removed because DAD failed.

AddressRemovalInterfaceRemoved indicates the address was removed because the NIC it is assigned to was removed.

AddressRemovalInvalidated indicates the address was removed because it was invalidated.

AddressRemovalManualAction indicates the address was removed explicitly using the stack API.

AddressTentative indicates an address is yet to pass DAD (IPv4 addresses are never tentative).

CanBePrimaryEndpoint indicates the endpoint can be used as a primary endpoint for new connections with no local address.

The following are the supported link endpoint capabilities.

The following are the supported link endpoint capabilities.

The following are the supported link endpoint capabilities.

The following are the supported link endpoint capabilities.

CapabilityRXChecksumOffload indicates that the link endpoint supports checksum verification on received packets and that it's safe for the stack to skip checksum verification.

The following are the supported link endpoint capabilities.

CapabilityTXChecksumOffload indicates that the link endpoint supports checksum computation for outgoing packets and the stack can skip computing checksums when sending packets.

DADAlreadyRunning indicates that DAD was already started for an address.

DADDisabled indicates that DAD is disabled.

DADStarting indicates that DAD is starting for an address.

212 KiB.

4 MiB.

DefaultTOS is the default type of service value for network endpoints.

Delay means reachability to the neighbor is unknown and pending confirmation from an upper-level protocol like TCP, but packets are still able to be transmitted to the possibly stale link address.

DestinationHostDownTransportError indicates that the destination host is down.

DestinationHostUnreachableTransportError indicates that the destination host was unreachable.

DestinationNetworkUnreachableTransportError indicates that the destination network was unreachable.

DestinationPortUnreachableTransportError indicates that a packet reached the destination host, but the transport protocol was not active on the destination port.

DestinationProtoUnreachableTransportError indicates that the destination protocol was unreachable.

Each value identifies a specific table.

FirstPrimaryEndpoint indicates the endpoint should be the first primary endpoint considered.

Forward happens once it's decided that a packet should be forwarded to another host.

GSOGvisor is used for gVisor GSO segments which have to be sent by endpoint.WritePackets.

Types of gso segments.

GSONotSupported indicates that segmentation offloading is not supported.

Hardware GSO types:.

Types of gso segments.

GvisorGSOMaxSize is a maximum allowed size of a software GSO segment.

GvisorGSOSupported indicates that segmentation offloading may be performed in gVisor.

HookUnset indicates that there is no hook set for an entrypoint or underflow.

HostGSOSupported indicates that segmentation offloading may be performed by the host.

Incomplete means that there is an outstanding request to resolve the address.

Input happens before a packet reaches an application.

Each value identifies a specific table.

4 KiB.

Each value identifies a specific table.

max entries per interface.

NeverPrimaryEndpoint indicates the endpoint should never be a primary endpoint.

NumHooks is the total number of hooks.

Each value identifies a specific table.

Output happens after a packet is written by an application to be sent out.

PacketBufferStructSize is the minimal size of the packet buffer overhead.

PacketLoop indicates that the packet should be handled locally.

PacketOut indicates that the packet should be passed to the link endpoint.

PacketTooBigTransportError indicates that a packet did not reach its destination because a link on the path to the destination had an MTU that was too small to carry the packet.

ParsedOK indicates that a packet was successfully parsed.

Permanent is a permanent endpoint (vs.

PermanentExpired is a permanent endpoint that had its address removed from the NIC, and it is waiting to be removed once no references to it are held.

PermanentTentative is a permanent address endpoint that is not yet considered to be fully bound to an interface in the traditional sense.

Postrouting happens just before a packet goes out on the wire.

Prerouting happens before a packet is routed to applications or to be forwarded.

Probe means a reachability confirmation is actively being sought by periodically retransmitting reachability probes until a reachability confirmation is received, or until the maximum number of probes has been sent.

Reachable means the path to the neighbor is functioning properly for both receive and transmit paths.

The types of errors that may be returned when rejecting IPv4 packets.

The types of errors that may be returned when rejecting IPv4 packets.

The types of errors that may be returned when rejecting IPv4 packets.

The types of errors that may be returned when rejecting IPv4 packets.

The types of errors that may be returned when rejecting IPv4 packets.

The types of errors that may be returned when rejecting IPv4 packets.

The types of errors that may be returned when rejecting IPv6 packets.

The types of errors that may be returned when rejecting IPv6 packets.

The types of errors that may be returned when rejecting IPv6 packets.

The types of errors that may be returned when rejecting IPv6 packets.

RuleAccept indicates the packet should continue through netstack.

RuleDrop indicates the packet should be dropped.

RuleJump indicates the packet should jump to another chain.

RuleReturn indicates the packet should return to the previous chain.

SourceHostIsolatedTransportError indicates that the source machine is not on the network.

SourceRouteFailedTransportError indicates that the source route failed.

Stale means reachability to the neighbor is unknown, but packets are still able to be transmitted to the possibly stale link address.

Static describes entries that have been explicitly added by the user.

Temporary is an endpoint, created on a one-off basis to temporarily consider the NIC bound an an address that it is not explicitly bound to (such as a permanent address).

TransportLayerParseError indicates that the transport packet was not successfully parsed.

TransportPacketDestinationPortUnreachable indicates that there weren't any listeners interested in the packet and the transport protocol has no means to notify the sender.

TransportPacketHandled indicates that a transport packet was handled by the transport layer and callers need not take any further action.

TransportPacketProtocolUnreachable indicates that the transport protocol requested in the packet is not supported.

Unknown means reachability has not been verified yet.

UnknownDestinationPacketHandled tells the caller that it should do no further processing.

UnknownDestinationPacketMalformed denotes that the packet was malformed and no further processing should be attempted other than updating statistics.

UnknownDestinationPacketUnhandled tells the caller that the packet was well formed but that the issue was not handled and the stack should take the default action.

UnknownTransportProtocol indicates that the transport protocol is unknown.

Unreachable means reachability confirmation failed; the maximum number of reachability probes has been sent and no replies have been received.

StackFromEnv is the global stack created in restore run.

AcceptTarget accepts packets.

AddressableEndpointState is an implementation of an AddressableEndpoint.

AddressableEndpointStateOptions contains options used to configure an AddressableEndpointState.

AddressLifetimes encodes an address' preferred and valid lifetimes, as well as if the address is deprecated.

AddressProperties contains additional properties that can be configured when adding an address.

ConnTrack tracks all connections created for NAT rules.

DADAborted indicates DAD was aborted.

DADConfigurations holds configurations for duplicate address detection.

DADDupAddrDetected indicates DAD detected a duplicate address.

DADError indicates DAD hit an error.

DADSucceeded indicates DAD completed without finding any duplicate addresses.

DNATTarget modifies the destination port/IP of packets.

DropTarget drops packets.

ErrorTarget logs an error and drops the packet.

GSO contains generic segmentation offload properties.

ICMPRateLimiter is a global rate limiter that controls the generation of ICMP messages generated by the stack.

IPHeaderFilter performs basic IP header matching common to every rule.

IPTables holds all the tables for a netstack.

LinkResolutionResult is the result of a link address resolution attempt.

MasqueradeTarget modifies the source port/IP in the outgoing packets.

MulticastPacketContext is the context in which a multicast packet triggered a multicast forwarding event.

MulticastRoute is a multicast route.

MulticastRouteOutgoingInterface represents an outgoing interface in a multicast route.

NeighborEntry describes a neighboring device in the local network.

NeighborStats holds metrics for the neighbor table.

NetworkEndpointID is the identifier of a network layer protocol endpoint.

NetworkHeaderParams are the header parameters given as input by the transport endpoint to the network.

NetworkPacketInfo holds information about a network layer packet.

NICInfo captures the name and addresses assigned to a NIC.

NICOptions specifies the configuration of a NIC as it is being created.

NICStateFlags holds information about the state of an NIC.

NUDConfigurations is the NUD configurations for the netstack.

NUDState stores states needed for calculating reachable time.

Options contains optional Stack configuration.

A PacketBuffer contains all the data of a network packet.

PacketBufferList is a slice-backed list.

PacketBufferOptions specifies options for PacketBuffer creation.

PacketData represents the data portion of a PacketBuffer.

PacketHeader is a handle object to a header in the underlying packet.

Range represents a contiguous subportion of a PacketBuffer.

RcvBufAutoTuneParams holds state related to TCP receive buffer auto-tuning.

ReachabilityConfirmationFlags describes the flags used within a reachability confirmation (e.g.

ReceiveBufferSizeOption is used by stack.(Stack*).Option/SetOption to get/set the default, min and max receive buffer sizes.

RedirectTarget redirects the packet to this machine by modifying the destination port/IP.

RejectIPv4Target drops packets and sends back an error packet in response to the matched packet.

RejectIPv6Target drops packets and sends back an error packet in response to the matched packet.

ResolvedFieldsResult is the result of a route resolution attempt.

ReturnTarget returns from the current chain.

Route represents a route through the networking stack to a given destination.

RouteInfo contains all of Route's exported fields.

A Rule is a packet processing rule.

SNATTarget modifies the source port/IP in the outgoing packets.

Stack is a networking stack, with all supported protocols, NICs, and route table.

A Table defines a set of chains and hooks into the network stack.

TCPCubicState is used to hold a copy of the internal cubic state when the TCPProbeFunc is invoked.

TCPEndpointID is the unique 4 tuple that identifies a given endpoint.

TCPEndpointState is a copy of the internal state of a TCP endpoint.

TCPEndpointStateInner contains the members of TCPEndpointState used directly (that is, not within another containing struct) within the endpoint's internal implementation.

TCPFastRecoveryState holds a copy of the internal fast recovery state of a TCP endpoint.

TCPRACKState is used to hold a copy of the internal RACK state when the TCPProbeFunc is invoked.

TCPRcvBufState contains information about the state of an endpoint's receive socket buffer.

TCPReceiverState holds a copy of the internal state of the receiver for a given TCP endpoint.

TCPRTTState holds a copy of information about the endpoint's round trip time.

TCPSACKInfo holds TCP SACK related information for a given TCP endpoint.

TCPSenderState holds a copy of the internal state of the sender for a given TCP Endpoint.

TCPSndBufState contains information about the state of an endpoint's send socket buffer.

TransportEndpointID is the identifier of a transport layer protocol endpoint.

TransportEndpointInfo holds useful information about a transport endpoint which can be queried by monitoring tools.

UnicastSourceAndMulticastDestination is a tuple that represents a unicast source address and a multicast destination address.

UserChainTarget marks a rule as the beginning of a user chain.

AddressableEndpoint is an endpoint that supports addressing.

AddressDispatcher is the interface integrators can implement to receive address-related events.

AddressEndpoint is an endpoint representing an address assigned to an AddressableEndpoint.

AssignableAddressEndpoint is a reference counted address endpoint that may be assigned to a NetworkEndpoint.

DADResult is a marker interface for the result of a duplicate address detection process.

DuplicateAddressDetector handles checking if an address is already assigned to some neighboring node on the link.

ForwardingNetworkEndpoint is a network endpoint that may forward packets.

GroupAddressableEndpoint is an endpoint that supports group addressing.

GSOEndpoint provides access to GSO properties.

InjectableLinkEndpoint is a LinkEndpoint where inbound packets are delivered via the Inject method.

IPNetworkEndpointStats is a NetworkEndpointStats that tracks IP-related statistics.

LinkAddressResolver handles link address resolution for a network protocol.

LinkEndpoint is the interface implemented by data link layer protocols (e.g., ethernet, loopback, raw) and used by network layer protocols to send packets out through the implementer's data link endpoint.

LinkResolvableNetworkEndpoint handles link resolution events.

LinkWriter is an interface that supports sending packets via a data-link layer endpoint.

A Matcher is the interface for matching packets.

MulticastForwardingEventDispatcher is the interface that integrators should implement to handle multicast routing events.

MulticastForwardingNetworkEndpoint is a network endpoint that may forward multicast packets.

MulticastForwardingNetworkProtocol is the interface that needs to be implemented by the network protocols that support multicast forwarding.

NDPEndpoint is a network endpoint that supports NDP.

NetworkDispatcher contains the methods used by the network stack to deliver inbound/outbound packets to the appropriate network/packet(if any) endpoints.

NetworkEndpoint is the interface that needs to be implemented by endpoints of network layer protocols (e.g., ipv4, ipv6).

NetworkEndpointStats is the interface implemented by each network endpoint stats struct.

NetworkInterface is a network interface.

NetworkLinkEndpoint is a data-link layer that supports sending network layer packets.

NetworkProtocol is the interface that needs to be implemented by network protocols (e.g., ipv4, ipv6) that want to be part of the networking stack.

NUDDispatcher is the interface integrators of netstack must implement to receive and handle NUD related events.

PacketEndpoint is the interface that needs to be implemented by packet transport protocol endpoints.

QueueingDiscipline provides a queueing strategy for outgoing packets (e.g FIFO, LIFO, Random Early Drop etc).

RawFactory produces endpoints for writing various types of raw packets.

RawTransportEndpoint is the interface that needs to be implemented by raw transport protocol endpoints.

RejectIPv4WithHandler handles rejecting a packet.

RejectIPv6WithHandler handles rejecting a packet.

ResumableEndpoint is an endpoint that needs to be resumed after restore.

A Target is the interface for taking an action for a packet.

TransportDispatcher contains the methods used by the network stack to deliver packets to the appropriate transport endpoint after it has been handled by the network layer.

TransportEndpoint is the interface that needs to be implemented by transport protocol (e.g., tcp, udp) endpoints that can handle packets.

TransportError is a marker interface for errors that may be handled by the transport layer.

TransportProtocol is the interface that needs to be implemented by transport protocols (e.g., tcp, udp) that want to be part of the networking stack.

UniqueID is an abstract generator of unique identifiers.

AddressAssignmentState is an address' assignment state.

AddressConfigType is the method used to add an address.

AddressKind is the kind of an address.

AddressRemovalReason is the reason an address was removed.

DADCheckAddressDisposition enumerates the possible return values from DAD.CheckDuplicateAddress.

DADCompletionHandler is a handler for DAD completion.

GSOType is the type of GSO segments.

A Hook specifies one of the hooks built into the network stack.

LinkEndpointCapabilities is the type associated with the capabilities supported by a link-layer endpoint.

NeighborState defines the state of a NeighborEntry within the Neighbor Unreachability Detection state machine, as per RFC 4861 section 7.3.2 and RFC 7048.

NetworkProtocolFactory instantiates a network protocol.

NICContext is an opaque pointer used to store client-supplied NIC metadata.

PacketLooping specifies where an outbound packet should be sent.

ParseResult indicates the result of a parsing attempt.

PrimaryEndpointBehavior is an enumeration of an AddressEndpoint's primary behavior.

RejectIPv4WithICMPType indicates the type of ICMP error that should be sent.

RejectIPv6WithICMPType indicates the type of ICMP error that should be sent.

A RuleVerdict is what a rule decides should be done with a packet.

SupportedGSO is the type of segmentation offloading supported.

TableID identifies a specific table.

TCPInvalidRateLimitOption is used by stack.(Stack*).Option/SetOption to get/set stack.tcpInvalidRateLimit.

TCPProbeFunc is the expected function type for a TCP probe function to be passed to stack.AddTCPProbe.

TransportErrorKind enumerates error types that are handled by the transport layer.

TransportPacketDisposition is the result from attempting to deliver a packet to the transport layer.

TransportProtocolFactory instantiates a transport protocol.

UnknownDestinationPacketDisposition enumerates the possible return values from HandleUnknownDestinationPacket().