Categorygithub.com/vishvananda/netlink
modulepackage
1.3.0
Repository: https://github.com/vishvananda/netlink.git
Documentation: pkg.go.dev
Versions
1
Dependencies
20
Dependents
4.8k
Files
17.7k SLOC

# README

netlink - netlink library for go

Build Status GoDoc

The netlink package provides a simple netlink library for go. Netlink is the interface a user-space program in linux uses to communicate with the kernel. It can be used to add and remove interfaces, set ip addresses and routes, and configure ipsec. Netlink communication requires elevated privileges, so in most cases this code needs to be run as root. Since low-level netlink messages are inscrutable at best, the library attempts to provide an api that is loosely modeled on the CLI provided by iproute2. Actions like ip link add will be accomplished via a similarly named function like AddLink(). This library began its life as a fork of the netlink functionality in docker/libcontainer but was heavily rewritten to improve testability, performance, and to add new functionality like ipsec xfrm handling.

Local Build and Test

You can use go get command:

go get github.com/vishvananda/netlink

Testing dependencies:

go get github.com/vishvananda/netns

Testing (requires root):

sudo -E go test github.com/vishvananda/netlink

Examples

Add a new bridge and add eth1 into it:

package main

import (
    "fmt"
    "github.com/vishvananda/netlink"
)

func main() {
    la := netlink.NewLinkAttrs()
    la.Name = "foo"
    mybridge := &netlink.Bridge{LinkAttrs: la}
    err := netlink.LinkAdd(mybridge)
    if err != nil  {
        fmt.Printf("could not add %s: %v\n", la.Name, err)
    }
    eth1, _ := netlink.LinkByName("eth1")
    netlink.LinkSetMaster(eth1, mybridge)
}

Note NewLinkAttrs constructor, it sets default values in structure. For now it sets only TxQLen to -1, so kernel will set default by itself. If you're using simple initialization(LinkAttrs{Name: "foo"}) TxQLen will be set to 0 unless you specify it like LinkAttrs{Name: "foo", TxQLen: 1000}.

Add a new ip address to loopback:

package main

import (
    "github.com/vishvananda/netlink"
)

func main() {
    lo, _ := netlink.LinkByName("lo")
    addr, _ := netlink.ParseAddr("169.254.169.254/32")
    netlink.AddrAdd(lo, addr)
}

Future Work

Many pieces of netlink are not yet fully supported in the high-level interface. Aspects of virtually all of the high-level objects don't exist. Many of the underlying primitives are there, so its a matter of putting the right fields into the high-level objects and making sure that they are serialized and deserialized correctly in the Add and List methods.

There are also a few pieces of low level netlink functionality that still need to be implemented. Routing rules are not in place and some of the more advanced link types. Hopefully there is decent structure and testing in place to make these fairly straightforward to add.

# Packages

Package nl has low level primitives for making Netlink calls.

# Functions

AddrAdd will add an IP address to a link device.
AddrDel will delete an IP address from a link device.
AddrList gets a list of IP addresses in the system.
AddrReplace will replace (or, if not present, add) an IP address on a link device.
AddrSubscribe takes a chan down which notifications will be sent when addresses change.
AddrSubscribeAt works like AddrSubscribe plus it allows the caller to choose the network namespace in which to subscribe (ns).
AddrSubscribeWithOptions work like AddrSubscribe but enable to provide additional options to modify the behavior.
BridgeVlanAdd adds a new vlan filter entry Equivalent to: `bridge vlan add dev DEV vid VID [ pvid ] [ untagged ] [ self ] [ master ]`.
BridgeVlanAddRange adds a new vlan filter entry Equivalent to: `bridge vlan add dev DEV vid VID-VIDEND [ pvid ] [ untagged ] [ self ] [ master ]`.
BridgeVlanDel adds a new vlan filter entry Equivalent to: `bridge vlan del dev DEV vid VID [ pvid ] [ untagged ] [ self ] [ master ]`.
BridgeVlanDelRange adds a new vlan filter entry Equivalent to: `bridge vlan del dev DEV vid VID-VIDEND [ pvid ] [ untagged ] [ self ] [ master ]`.
BridgeVlanList gets a map of device id to bridge vlan infos.
ChainAdd will add a chain to the system.
ChainDel will delete a chain from the system.
ChainList gets a list of chains in the system.
ClassAdd will add a class to the system.
ClassChange will change a class in place Equivalent to: `tc class change $class` The parent and handle MUST NOT be changed.
ClassDel will delete a class from the system.
ClassList gets a list of classes in the system.
ClassReplace will replace a class to the system.
ConntrackCreate creates a new conntrack flow in the desired table conntrack -I [table] Create a conntrack or expectation.
ConntrackDeleteFilter deletes entries on the specified table on the base of the filter conntrack -D [table] parameters Delete conntrack or expectation Deprecated: use [ConntrackDeleteFilter] instead.
ConntrackDeleteFilters deletes entries on the specified table matching any of the specified filters conntrack -D [table] parameters Delete conntrack or expectation.
ConntrackTableFlush flushes all the flows of a specified table conntrack -F [table] Flush table The flush operation applies to all the family types.
ConntrackTableList returns the flow list of a table of a specific family conntrack -L [table] [options] List conntrack or expectation table.
ConntrackUpdate updates an existing conntrack flow in the desired table using the handle conntrack -U [table] Update a conntrack.
DevLinkGetPortList provides a pointer to devlink ports and nil error, otherwise returns an error code.
DevlinkGetDeviceByName provides a pointer to devlink device and nil error, otherwise returns an error code.
DevlinkGetDeviceInfoByName returns devlink info for selected device, otherwise returns an error code.
DevlinkGetDeviceInfoByNameAsMap returns devlink info for selected device as a map, otherwise returns an error code.
DevLinkGetDeviceList provides a pointer to devlink devices and nil error, otherwise returns an error code.
DevlinkGetDeviceParamByName returns specific parameter for devlink device Equivalent to: `devlink dev param show <bus>/<device> name <param>`.
DevlinkGetDeviceParams returns parameters for devlink device Equivalent to: `devlink dev param show <bus>/<device>`.
DevlinkGetDeviceResources returns devlink device resources.
DevLinkGetPortByIndex provides a pointer to devlink portand nil error, otherwise returns an error code.
DevLinkPortAdd adds a devlink port and returns a port on success otherwise returns nil port and an error code.
DevLinkPortDel deletes a devlink port and returns success or error code.
DevlinkPortFnSet sets one or more port function attributes specified by the attribute mask.
DevlinkSetDeviceParam set specific parameter for devlink device Equivalent to: `devlink dev param set <bus>/<device> name <param> cmode <cmode> value <value>` cmode argument should contain valid cmode value as uint8, modes are define in nl.DEVLINK_PARAM_CMODE_* constants value argument should have one of the following types: uint8, uint16, uint32, string, bool.
DevLinkSetEswitchMode sets eswitch mode if able to set successfully or returns an error code.
FilterAdd will add a filter to the system.
FilterDel will delete a filter from the system.
FilterList gets a list of filters in the system.
FilterReplace will replace a filter.
GetNetNsIdByFd looks up the network namespace ID for a given fd.
GetNetNsIdByPid looks up the network namespace ID for a given pid (really thread id).
GetSocketTimeout returns the timeout value used by default netlink sockets.
IpsetAdd adds an entry to an existing ipset.
IpsetCreate creates a new ipset.
IpsetDel deletes an entry from an existing ipset.
IpsetDestroy destroys an existing ipset.
IpsetFlush flushes an existing ipset.
IpsetList dumps an specific ipset.
IpsetListAll dumps all ipsets.
IpsetProtocol returns the ipset protocol version from the kernel.
IpsetSwap swaps two ipsets.
IpsetTest tests whether an entry is in a set or not.
IsBitSet check if specific bit is set in the uint64 input value usage example: hasNetClass := IsBitSet(mgmtDev, VIRTIO_ID_NET).
LinkAdd adds a new link device.
LinkAddAltName adds a new alternative name for the link device.
LinkByAlias finds a link by its alias and returns a pointer to the object.
LinkByIndex finds a link by index and returns a pointer to the object.
LinkByName finds a link by name and returns a pointer to the object.
LinkDel deletes link device.
LinkDelAltName delete an alternative name for the link device.
LinkSetBondSlave removes specified slave from bond link via ioctl interface.
LinkDeserialize deserializes a raw message received from netlink into a link object.
LinkList gets a list of link devices.
LinkSetAlias sets the alias of the link device.
LinkSetAllmulticastOff disables the reception of all hardware multicast packets for the link device.
LinkSetAllmulticastOn enables the reception of all hardware multicast packets for the link device.
LinkSetBondSlave add slave to bond link via ioctl interface.
LinkSetBondSlaveActive sets specified slave to ACTIVE in an `active-backup` bond link via ioctl interface.
LinkSetBondSlaveQueueId modify bond slave queue-id.
LinkSetBRSlaveGroupFwdMask set the group_fwd_mask of a bridge slave interface.
LinkSetDown disables link device.
LinkSetGROIPv4MaxSize sets the IPv4 GRO maximum size of the link device.
LinkSetGROMaxSize sets the IPv6 GRO maximum size of the link device.
LinkSetGroup sets the link group id which can be used to perform mass actions with iproute2 as well use it as a reference in nft filters.
LinkSetGSOIPv4MaxSize sets the IPv4 GSO maximum size of the link device.
LinkSetGSOMaxSegs sets the GSO maximum segment count of the link device.
LinkSetGSOMaxSize sets the IPv6 GSO maximum size of the link device.
LinkSetHardwareAddr sets the hardware address of the link device.
LinkSetMacvlanMode sets the mode of a macvlan or macvtap link device.
LinkSetMaster sets the master of the link device.
LinkSetMasterByIndex sets the master of the link device.
LinkSetMTU sets the mtu of the link device.
LinkSetAllmulticastOff disables the reception of multicast packets for the link device.
LinkSetMulticastOn enables the reception of multicast packets for the link device.
LinkSetName sets the name of the link device.
LinkSetNoMaster removes the master of the link device.
LinkSetNsFd puts the device into a new network namespace.
LinkSetNsPid puts the device into a new network namespace.
LinkSetTxQLen sets the transaction queue length for the link.
LinkSetUp enables the link device.
LinkSetVfHardwareAddr sets the hardware address of a vf for the link.
LinkSetVfNodeGUID sets the node GUID of a vf for the link.
LinkSetVfPortGUID sets the port GUID of a vf for the link.
LinkSetVfRate sets the min and max tx rate of a vf for the link.
LinkSetVfSpoofchk enables/disables spoof check on a vf for the link.
LinkSetVfState enables/disables virtual link state on a vf.
LinkSetVfTrust enables/disables trust state on a vf for the link.
LinkSetVfTxRate sets the tx rate of a vf for the link.
LinkSetVfVlan sets the vlan of a vf for the link.
LinkSetVfVlanQos sets the vlan and qos priority of a vf for the link.
LinkSetVfVlanQosProto sets the vlan, qos and protocol of a vf for the link.
LinkSetXdpFd adds a bpf function to the driver.
LinkSetXdpFdWithFlags adds a bpf function to the driver with the given options.
LinkSubscribe takes a chan down which notifications will be sent when links change.
LinkSubscribeAt works like LinkSubscribe plus it allows the caller to choose the network namespace in which to subscribe (ns).
LinkSubscribeWithOptions work like LinkSubscribe but enable to provide additional options to modify the behavior.
NeighAdd will add an IP to MAC mapping to the ARP table Equivalent to: `ip neigh add ....`.
NeighAppend will append an entry to FDB Equivalent to: `bridge fdb append...`.
NeighDel will delete an IP address from a link device.
NeighList returns a list of IP-MAC mappings in the system (ARP table).
NeighListExecute returns a list of neighbour entries filtered by link, ip family, flag and state.
NeighProxyList returns a list of neighbor proxies in the system.
NeighSet will add or replace an IP to MAC mapping to the ARP table Equivalent to: `ip neigh replace....`.
NeighSubscribe takes a chan down which notifications will be sent when neighbors are added or deleted.
NeighSubscribeAt works like NeighSubscribe plus it allows the caller to choose the network namespace in which to subscribe (ns).
NeighSubscribeWithOptions work like NeighSubscribe but enable to provide additional options to modify the behavior.
NewClassStatistics Construct a ClassStatistics struct which fields are all initialized by 0.
NewHandle returns a netlink handle on the current network namespace.
NewHandleAt returns a netlink handle on the network namespace specified by ns.
NewHandleAtFrom works as NewHandle but allows client to specify the new and the origin netns Handle.
NewHfscClass returns a new HFSC struct with the set parameters.
NewHtbClass NOTE: function is in here because it uses other linux functions.
NewIPNet generates an IPNet from an ip address using a netmask of 32 or 128.
NewLinkAttrs returns LinkAttrs structure filled with default values.
NOTE function is here because it uses other linux functions.
NewRule return empty rules.
NewRulePortRange creates rule sport/dport range.
NewRuleUIDRange creates rule uid range.
ParseAddr parses the string representation of an address in the form $ip/$netmask $label.
ParseIPNet parses a string in ip/net format and returns a net.IPNet.
QdiscAdd will add a qdisc to the system.
QdiscChange will change a qdisc in place Equivalent to: `tc qdisc change $qdisc` The parent and handle MUST NOT be changed.
QdiscDel will delete a qdisc from the system.
QdiscList gets a list of qdiscs in the system.
QdiscReplace will replace a qdisc to the system.
RdmaLinkAdd adds an rdma link for the specified type to the network device.
RdmaLinkByName finds a link by name and returns a pointer to the object if found and nil error, otherwise returns error code.
RdmaLinkDel deletes an rdma link Similar to: rdma link delete NAME REF: https://man7.org/linux/man-pages/man8/rdma-link.8.html.
RdmaLinkList gets a list of RDMA link devices.
RdmaLinkSetName sets the name of the rdma link device.
RdmaLinkSetNsFd puts the RDMA device into a new network namespace.
RdmaSystemGetNetnsMode gets the net namespace mode for RDMA subsystem Returns mode string and error status as nil on success or returns error otherwise.
RdmaSystemSetNetnsMode sets the net namespace mode for RDMA subsystem Returns nil on success or appropriate error code.
RouteAdd will add a route to the system.
RouteAddEcmp will add a route to the system.
RouteAppend will append a route to the system.
RouteChange will change an existing route in the system.
RouteDel will delete a route from the system.
RouteGet gets a route to a specific destination from the host system.
RouteGetWithOptions gets a route to a specific destination from the host system.
RouteList gets a list of routes in the system.
RouteListFiltered gets a list of routes in the system filtered with specified rules.
RouteListFilteredIter passes each route that matches the filter to the given iterator func.
RouteReplace will add a route to the system.
RouteSubscribe takes a chan down which notifications will be sent when routes are added or deleted.
RouteSubscribeAt works like RouteSubscribe plus it allows the caller to choose the network namespace in which to subscribe (ns).
RouteSubscribeWithOptions work like RouteSubscribe but enable to provide additional options to modify the behavior.
RuleAdd adds a rule to the system.
RuleDel deletes a rule from the system.
RuleList lists rules in the system.
RuleListFiltered gets a list of rules in the system filtered by the specified rule template `filter`.
SetBits set provided bits in the uint64 input value usage example: features := SetBits(0, VIRTIO_NET_F_MTU, VIRTIO_NET_F_CTRL_MAC_ADDR).
SetNetNSIdByFd sets the ID of the network namespace for a given fd.
SetNetNSIdByPid sets the ID of the network namespace for a given pid (really thread id).
SetSocketTimeout configures timeout for default netlink sockets.
SocketDestroy kills the Socket identified by its local and remote addresses.
SocketDiagTCP requests INET_DIAG_INFO for TCP protocol for specified family type and return related socket.
SocketDiagTCPInfo requests INET_DIAG_INFO for TCP protocol for specified family type and return with extension TCP info.
SocketDiagUDP requests INET_DIAG_INFO for UDP protocol for specified family type and return related socket.
SocketDiagUDPInfo requests INET_DIAG_INFO for UDP protocol for specified family type and return with extension info.
SocketDiagXDP requests XDP_DIAG_INFO for XDP family sockets.
SocketGet returns the Socket identified by its local and remote addresses.
XDPSocketGet returns the XDP socket identified by its inode number and/or socket cookie.
StringToBondLacpRate returns bond lacp arte, or unknown is the s is invalid.
StringToBondMode returns bond mode, or unknown is the s is invalid.
StringToBondXmitHashPolicy returns bond lacp arte, or unknown is the s is invalid.
StringToVlanProtocol returns vlan protocol, or unknown is the s is invalid.
UnixSocketDiag requests UNIX_DIAG_INFO for unix sockets.
UnixSocketDiagInfo requests UNIX_DIAG_INFO for unix sockets and return with extension info.
VDPADelDev removes VDPA device Equivalent to: `vdpa dev del <name>`.
VDPAGetDevByName returns VDPA device selected by name Equivalent to: `vdpa dev show <name>`.
VDPAGetDevConfigByName returns VDPA device configuration selected by name Equivalent to: `vdpa dev config show <name>`.
VDPAGetDevConfigList returns list of VDPA devices configurations Equivalent to: `vdpa dev config show`.
VDPAGetDevList returns list of VDPA devices Equivalent to: `vdpa dev show`.
VDPAGetDevVStats returns vstats for VDPA device Equivalent to: `vdpa dev vstats show <name> qidx <queueIndex>`.
VDPAGetMGMTDevByBusAndName returns mgmt devices selected by bus and name Equivalent to: `vdpa mgmtdev show <bus>/<name>`.
VDPAGetMGMTDevList returns list of mgmt devices Equivalent to: `vdpa mgmtdev show`.
VDPANewDev adds new VDPA device Equivalent to: `vdpa dev add name <name> mgmtdev <mgmtBus>/mgmtName [params]`.
VethPeerIndex get veth peer index.
XfrmPolicyAdd will add an xfrm policy to the system.
XfrmPolicyDel will delete an xfrm policy from the system.
XfrmPolicyFlush will flush the policies on the system.
XfrmPolicyGet gets a the policy described by the index or selector, if found.
XfrmPolicyList gets a list of xfrm policies in the system.
XfrmPolicyUpdate will update an xfrm policy to the system.
XfrmStateAdd will add an xfrm state to the system.
XfrmStateAllocSpi will allocate an xfrm state in the system.
XfrmStateDel will delete an xfrm state from the system.
XfrmStateFlush will flush the xfrm state on the system.
XfrmStateGet gets the xfrm state described by the ID, if found.
XfrmStateList gets a list of xfrm states in the system.
XfrmStateUpdate will update an xfrm state to the system.

# Constants

Flag mask for bond options.
Possible BondAdSelect value.
Possible BondAdSelect value.
Flag mask for bond options.
Possible BondAdSelect value.
Flag mask for bond options.
Possible BondArpAllTargets value.
Possible BondArpAllTargets value.
Flag mask for bond options.
Flag mask for bond options.
Possible BondArpValidate value.
Possible BondArpValidate value.
Possible BondArpValidate value.
Flag mask for bond options.
Possible BondArpValidate value.
Flag mask for bond options.
Possible BondFailOverMac value.
Possible BondFailOverMac value.
Flag mask for bond options.
Possible BondFailOverMac value.
Possible BondLacpRate value.
Flag mask for bond options.
Possible BondLacpRate value.
Possible BondLacpRate value.
Flag mask for bond options.
Flag mask for bond options.
Flag mask for bond options.
Possible BondMode.
Possible BondMode.
Possible BondMode.
Possible BondMode.
Possible BondMode.
Possible BondMode.
Possible BondMode.
Flag mask for bond options.
Possible BondMode.
Flag mask for bond options.
Flag mask for bond options.
Flag mask for bond options.
Possible BondPrimaryReselect value.
Possible BondPrimaryReselect value.
Possible BondPrimaryReselect value.
Flag mask for bond options.
Flag mask for bond options.
Flag mask for bond options.
Flag mask for bond options.
Possible BondXmitHashPolicy value.
Possible BondXmitHashPolicy value.
Possible BondXmitHashPolicy value.
Possible BondXmitHashPolicy value.
Possible BondXmitHashPolicy value.
Flag mask for bond options.
Possible BondXmitHashPolicy value.
Possible BondXmitHashPolicy value.
BondLinkBack link is going back.
BondLinkDown link has been down for too long time.
BondLinkFail link has just gone down.
BondLinkUp link is up and running.
BondStateActive Link is active.
BondStateBackup Link is backup.
ConntrackExpectTable Conntrack expect table https://github.com/torvalds/linux/blob/master/include/uapi/linux/netfilter/nfnetlink.h -> #define NFNL_SUBSYS_CTNETLINK_EXP 2.
--label label1,label2 Labels used in entry.
deprecated use instead ConntrackReplyAnyIP.
deprecated use instead ConntrackReplyDstIP.
deprecated use instead ConntrackReplySrcIP.
-orig-dst ip Destination address from original direction.
--orig-port-dst port Destination port in original direction.
-orig-src ip Source address from original direction.
--orig-port-src port Source port in original direction.
Match source or destination reply IP.
--reply-dst ip Reply Destination IP.
--reply-src ip Reply Source IP.
ConntrackTable Conntrack table https://github.com/torvalds/linux/blob/master/include/uapi/linux/netfilter/nfnetlink.h -> #define NFNL_SUBSYS_CTNETLINK 1.
--label label1,label2 Labels not used in entry.
ETH_SS_FEATURES are device feature names.
ETH_SS_PRIV_FLAGS are driver private flag names.
ETH_SS_RSS_HASH_FUNCS is RSS hush function names.
ETH_SS_STATS statistic names, for use with %ETHTOOL_GSTATS.
ETH_SS_TEST is self-test result names, for use with %ETHTOOL_TEST.
ETHTOOL_GSSET_INFO gets string set info.
ETHTOOL_GSTATS gets NIC-specific statistics.
ETHTOOL_GSTRINGS gets specified string set.
Family type definitions.
Family type definitions.
Family type definitions.
Family type definitions.
ideally golang.org/x/sys/unix would define IfReq but it only has IFNAMSIZ, hence this minimalistic implementation.
INET_DIAG constatns.
INET_DIAG constatns.
INET_DIAG constatns.
INET_DIAG constatns.
INET_DIAG constatns.
INET_DIAG constatns.
INET_DIAG constatns.
INET_DIAG constatns.
INET_DIAG constatns.
INET_DIAG constatns.
INET_DIAG constatns.
INET_DIAG constatns.
INET_DIAG constatns.
INET_DIAG constatns.
INET_DIAG constatns.
INET_DIAG constatns.
INET_DIAG constatns.
INET_DIAG constatns.
INET_DIAG constatns.
INET_DIAG constatns.
INET_DIAG constatns.
INET_DIAG constatns.
INET_DIAG constatns.
INET_DIAG constatns.
allow remote endpoint on the local node.
don't add encapsulation limit if one isn't present in inner packet.
being used for Mobile IPv6.
copy DSCP from the outer packet.
copy the flowlabel from the inner packet.
copy fwmark from inner packet.
copy the traffic class field from the inner packet.
These can be replaced by the values from sys/unix when it is next released.
These can be replaced by the values from sys/unix when it is next released.
These can be replaced by the values from sys/unix when it is next released.
Neighbor Flags.
Extended Neighbor Flags.
Neighbor Flags.
Neighbor Flags.
Neighbor Flags.
Neighbor Flags.
Neighbor Flags.
Neighbor Flags.
Neighbor Flags.
Neighbor Cache Entry States.
Neighbor Cache Entry States.
Neighbor Cache Entry States.
Neighbor Cache Entry States.
Neighbor Cache Entry States.
Neighbor Cache Entry States.
Neighbor Cache Entry States.
Neighbor Cache Entry States.
Neighbor Cache Entry States.
Not up but pending an external event.
Down.
Down due to state of lower layer.
Some component is missing.
In some test mode.
Status can't be determined.
Up, ready to send packets.
SIOCETHTOOL is Ethtool interface.
ideally golang.org/x/sys/unix would define IfReq but it only has IFNAMSIZ, hence this minimalistic implementation.
Constants used in TcU32Sel.Flags.
Constants used in TcU32Sel.Flags.
Constants used in TcU32Sel.Flags.
Constants used in TcU32Sel.Flags.
mirror packet to EGRESS */.
packet redirect to EGRESS*/.
mirror packet to INGRESS */.
packet redirect to INGRESS*/.
set tunnel key.
unset tunnel key.
TCP States.
TCP States.
TCP States.
TCP States.
TCP States.
TCP States.
TCP States.
TCP States.
TCP States.
TCP States.
TCP States.
TCP States.
TCP States.
According to linux/include/uapi/linux/unix_diag.h.
According to linux/include/uapi/linux/unix_diag.h.
According to linux/include/uapi/linux/unix_diag.h.
According to linux/include/uapi/linux/unix_diag.h.
According to linux/include/uapi/linux/unix_diag.h.
According to linux/include/uapi/linux/unix_diag.h.
According to linux/include/uapi/linux/unix_diag.h.
According to linux/include/uapi/linux/unix_diag.h.
According to linux/include/uapi/linux/unix_diag.h.
If clear - device has the platform DMA (e.g.
Can the device handle any descriptor layout?.
Inorder feature indicates that all buffers are used by the device in the same order in which they have been made available.
Legacy name for VIRTIO_F_ACCESS_PLATFORM (for compatibility with old userspace).
This feature indicates that the driver uses the data provided by the device as a virtqueue identifier in available buffer notifications.
This feature indicates that the driver passes extra data (besides identifying the virtqueue) in its device notifications.
Do we get callbacks when the ring is completely used, even if we've suppressed them?.
This feature indicates that memory accesses by the driver and the device are ordered in a way described by the platform.
This feature indicates support for the packed virtqueue layout.
This feature indicates that the driver can reset a queue individually.
Does the device support Single Root I/O Virtualization?.
v1.0 compliant.
9p virtio console.
virtio audio policy.
virtio balloon.
virtio block.
virtio bluetooth.
Virtio caif.
virtio can.
virtio clock/timer.
virtio console.
virtio crypto.
virtio dmabuf.
virtio filesystem.
virtio gpio.
virtio GPU.
virtio i2c adapter.
virtio input.
virtio ioMemory.
virtio IOMMU.
virtio mac80211-hwsim.
virtio WLAN MAC.
virtio mem.
virtio memory balloon.
virtio net.
virtio nitro secure module.
virtio parameter server.
virtio pmem.
virtio pstore device.
virtio rng.
virtio rpmb.
virtio remote processor messaging.
virtio remoteproc serial link.
virtio SCMI.
virtio scsi.
virtio signal distribution device.
virtio sound.
virtio video decoder.
virtio video encoder.
virtio vsock transport.
virtio watchdog.
Host handles pkts w/ partial csum.
Dynamic offload configuration.
Set MAC address.
Control channel RX mode support.
Extra RX mode control support.
Control channel VLAN filtering.
Control channel available.
Host handles pkts any GSO type.
Guest can announce device on the* network.
Guest handles pkts w/ partial csum.
Guest can handle TSO[6] w/ ECN in.
Guest provides the exact hdr_len value.
Guest can handle TSOv4 in.
Guest can handle TSOv6 in.
Guest can handle UFO in.
Guest can handle USOv4 in.
Guest can handle USOv6 in.
Supports hash report.
Host can handle TSO[6] w/ ECN in.
Host can handle TSOv4 in.
Host can handle TSOv6 in.
Host can handle UFO in.
Host can handle USO in.
Host has given MAC address.
Device supports Receive Flow Steering.
Host can merge receive buffers.
Initial MTU advice.
Device supports notifications coalescing.
extended coalescing info.
Supports RSS RX steering.
Device set linkspeed and duplex.
Act as standby for another device with the same MAC.
virtio_net_config.status available.
Device supports virtqueue notification coalescing.
Announcement is needed.
Link is up.
transitional virtio 9p console.
transitional virtio balloon.
transitional virtio block.
transitional virtio console.
transitional virtio net.
transitional virtio rng.
transitional virtio SCSI.
VlanProtocol possible values.
VlanProtocol possible values.
VlanProtocol possible values.
when using XDP_SHOW_INFO.
when using XDP_SHOW_MEMINFO.
XDP diag element constants.
when using XDP_SHOW_RING_CFG.
when using XDP_SHOW_STATS.
when using XDP_SHOW_RING_CFG.
when using XDP_SHOW_INFO.
when using XDP_SHOW_UMEM.
when using XDP_SHOW_UMEM.
when using XDP_SHOW_UMEM.
XDP diagnosis show flag constants to request particular information elements.
XDP diagnosis show flag constants to request particular information elements.
XDP diagnosis show flag constants to request particular information elements.
XDP diagnosis show flag constants to request particular information elements.
XDP diagnosis show flag constants to request particular information elements.

# Variables

ErrAttrBodyTruncated is returned when a netlink attribute's body is truncated.
ErrAttrHeaderTruncated is returned when a netlink attribute's header is truncated.
ErrNotImplemented is returned when a requested feature is not implemented.

# Structs

Addr represents an IP address from netlink.
AddrSubscribeOptions contains a set of options to use with AddrSubscribeWithOptions.
Bond representation.
BondAdInfo represents ad info for bond.
Bridge links are simple linux bridges.
Chain contains the attributes of a Chain.
ClassAttrs represents a netlink class.
ClassStatistics representation based on generic networking statistics for netlink.
Clsact is a qdisc for adding filters.
Device links cannot be created via netlink.
DevlinkDevAttrs represents device attributes.
DevlinkDevEswitchAttr represents device's eswitch attributes.
DevlinkDevice represents device and its attributes.
DevlinkDeviceInfo represents devlink info.
DevlinkParam represents parameter of the device.
DevlinkParamValue contains values of the parameter Data field contains specific type which can be casted by unsing info from the DevlinkParam.Type field.
DevlinkPort represents port and its attributes.
DevlinkPortFn represents port function and its attributes.
DevlinkPortFnSetAttrs represents attributes to set.
DevlinkResource represents a device resource.
DevlinkResources represents all devlink resources of a devlink device.
Dummy links are dummy ethernet devices.
FilterAttrs represents a netlink filter.
Fq is a classless packet scheduler meant to be mostly used for locally generated traffic.
FQ_Codel (Fair Queuing Controlled Delay) is queuing discipline that combines Fair Queuing with the CoDel AQM scheme.
GenericClass classes represent types that are not currently understood by this netlink library.
GenericFilter filters represent types that are not currently understood by this netlink library.
GenericLink links represent types that are not currently understood by this netlink library.
GenericQdisc qdiscs represent types that are not currently understood by this netlink library.
Geneve devices must specify RemoteIP and ID (VNI) on create https://github.com/torvalds/linux/blob/47ec5303d73ea344e84f46660fff693c57641386/drivers/net/geneve.c#L1209-L1223.
GnetStatsBasic Ref: struct gnet_stats_basic { ..
GnetStatsQueue Ref: struct gnet_stats_queue { ..
GnetStatsRateEst Ref: struct gnet_stats_rate_est { ..
GnetStatsRateEst64 Ref: struct gnet_stats_rate_est64 { ..
Gretap devices must specify LocalIP and RemoteIP on create.
Handle is an handle for the netlink requests on a specific network namespace.
HfscClass is a representation of the HFSC class.
Htb is a classful qdisc that rate limits based on tokens.
HtbClass represents an Htb class.
HtbClassAttrs stores the attributes of HTB class.
Ifb links are advanced dummy devices for packet filtering.
Ifreq is a struct for ioctl ethernet manipulation syscalls.
IfreqSlave is a struct for ioctl bond manipulation syscalls.
Ingress is a qdisc for adding ingress filters.
IP6tnlEncap definition.
IpsetCreateOptions is the options struct for creating a new ipset.
IPSetEntry is used for adding, updating, retreiving and deleting entries.
IPSetResult is the result of a dump request for a set.
The full conntrack flow structure is very complicated and can be found in the file: http://git.netfilter.org/libnetfilter_conntrack/tree/include/internal/object.h For the time being, the structure below allows to parse and extract the base information of a flow.
IPVtap - IPVtap is a virtual interfaces based on ipvlan.
LinkAttrs represents data shared by most link types.
LinkNotFoundError wraps the various not found errors when getting/reading links.
Ref: struct rtnl_link_stats {...} */.
Ref: struct rtnl_link_stats64 {...} */.
LinkSubscribeOptions contains a set of options to use with LinkSubscribeWithOptions.
LinkUpdate is used to pass information back from LinkSubscribe().
Macvlan links have ParentIndex set in their Attrs().
Macvtap - macvtap is a virtual interfaces based on macvlan.
MatchAll filters match all packets.
According to https://man7.org/linux/man-pages/man7/sock_diag.7.html.
Ndmsg is for adding, removing or receiving information about a neighbor table entry.
Neigh represents a link layer neighbor from netlink.
NeighSubscribeOptions contains a set of options to use with NeighSubscribeWithOptions.
NeighUpdate is sent when a neighbor changes - type is RTM_NEWNEIGH or RTM_DELNEIGH.
PfifoFast is the default qdisc created by the kernel if one has not been defined for the interface.
Prio is a basic qdisc that works just like PfifoFast.
Protinfo represents bridge flags from netlink.
ProtoInfoDCCP only supports the protocol name.
ProtoInfoSCTP only supports the protocol name.
ProtoInfoTCP corresponds to the `tcp` struct of the __nfct_protoinfo union.
QdiscAttrs represents a netlink qdisc.
Link represents a rdma device from netlink.
LinkAttrs represents data shared by most link types.
Route represents a netlink route.
RouteGetOptions contains a set of options to use with RouteGetWithOptions.
RouteSubscribeOptions contains a set of options to use with RouteSubscribeWithOptions.
NlFlags is only non-zero for RTM_NEWROUTE, the following flags can be set: - unix.NLM_F_REPLACE - Replace existing matching config object with this request - unix.NLM_F_EXCL - Don't replace the config object if it already exists - unix.NLM_F_CREATE - Create config object if it doesn't already exist - unix.NLM_F_APPEND - Add to the end of the object list.
Rule represents a netlink rule.
RulePortRange represents rule sport/dport range.
RuleUIDRange represents rule uid range.
SEG6 definitions.
SEG6LocalEncap definitions.
ServiceCurve is a nondecreasing function of some time unit, returning the amount of service (an allowed or allocated amount of bandwidth) at some specific point in time.
Socket represents a netlink socket.
SocketID identifies a single socket.
Tbf is a classless qdisc that rate limits based on tokens.
Tuntap links created via /dev/tun/tap, but can be destroyed via netlink.
U32 filters on many packet related properties.
UnixSocket represents a netlink unix socket.
VDPADev contains info about VDPA device.
VDPADevConfig contains configuration of the VDPA device.
VDPADevConfigNet conatins status and net config for the VDPA device.
VDPADevConfigNetCfg contains net config for the VDPA device.
VDPADevConfigNetStatus contains info about net status.
VDPADevVStats conatins vStats for the VDPA device.
VDPADevVStatsVendor conatins name and value for vendor specific vstat option.
VDPAMGMTDev conatins info about VDPA management device.
VDPANewDevParams contains parameters for new VDPA device use SetBits to configure requried features for the device example: VDPANewDevParams{Features: SetBits(0, VIRTIO_NET_F_MTU, VIRTIO_NET_F_CTRL_MAC_ADDR)}.
Veth devices must specify PeerName on create.
VfInfo represents configuration of virtual function.
Vlan links have ParentIndex set in their Attrs().
Wireguard represent links of type "wireguard", see https://www.wireguard.com/.
https://elixir.bootlin.com/linux/v6.2/source/include/uapi/linux/xdp_diag.h#L21.
XDPDiagStats contains ring statistics for an XDP socket.
XDPDiagUmem describes the umem attached to an XDP socket.
XDPSocket represents an XDP socket (and the common diagnosis part in particular).
Virtual XFRM Interfaces Named "xfrmi" to prevent confusion with XFRM objects.
XfrmMark represents the mark associated to the state or policy.
XfrmPolicy represents an ipsec policy.
XfrmPolicyTmpl encapsulates a rule for the base addresses of an ipsec policy.
XfrmReplayState represents the sequence number states for "legacy" anti-replay mode.
XfrmState represents the state of an ipsec policy.
XfrmStateAlgo represents the algorithm to use for the ipsec encryption.
XfrmStateEncap represents the encapsulation to use for the ipsec encryption.
XfrmStateLimits represents the configured limits for the state.
XfrmStateStats represents the current number of bytes/packets processed by this State, the State's installation and first use time and the replay window counters.

# Interfaces

Action represents an action in any supported filter.
Class interfaces for all classes.
Link represents a link device from netlink.
LinkSlave represents a slave device.
ProtoInfo wraps an L4-protocol structure - roughly corresponds to the __nfct_protoinfo union found in libnetfilter_conntrack/include/internal/object.h.

# Type aliases

BondAdSelect type.
BondArpAllTargets type.
BondArpValidate type.
BondFailOverMac type.
BondLacpRate type.
BondMode type.
BondPrimaryReselect type.
BondSlaveMiiStatus represents the values of the IFLA_BOND_SLAVE_MII_STATUS bond slave attribute, which contains the status of MII link monitoring.
BondSlaveState represents the values of the IFLA_BOND_SLAVE_STATE bond slave attribute, which contains the state of the bond slave.
BondXmitHashPolicy type.
Filter types.
ConntrackTableType Conntrack table for the netlink operation.
Dir is an enum representing an ipsec template direction.
EncapType is an enum representing the optional packet encapsulation.
InetFamily Family type.
from https://elixir.bootlin.com/linux/latest/source/include/uapi/linux/ip6_tunnel.h#L12.
LinkOperState represents the values of the IFLA_OPERSTATE link attribute, which contains the RFC2863 state of the interface.
Mode is an enum representing an ipsec transport.
PolicyAction is an enum representing an ipsec policy action.
Proto is an enum representing an ipsec protocol.
Protocol describe what was the originator of the route.
Scope is an enum representing a route scope.
TcU32Key contained of Sel in the U32 filters.
Sel of the U32 filters that contains multiple TcU32Key.
from https://elixir.bootlin.com/linux/v5.15.4/source/include/uapi/linux/if_tunnel.h#L91.
from https://elixir.bootlin.com/linux/v5.15.4/source/include/uapi/linux/if_tunnel.h#L84.
VlanProtocol type.