Enum fidl_fuchsia_net_filter::Action

source ·
pub enum Action {
    Accept(Empty),
    Drop(Empty),
    Jump(String),
    Return_(Empty),
    TransparentProxy(TransparentProxy_),
    Redirect(Redirect),
    Masquerade(Masquerade),
    // some variants omitted
}
Expand description

The action to take on a packet.

Variants§

§

Accept(Empty)

Accept the packet.

This is a terminal action for the current installed routine, i.e. no further rules will be evaluated for this packet in the installed routine (or any subroutines) in which this rule is installed. Subsequent routines installed on the same hook will still be evaluated.

§

Drop(Empty)

Drop the packet.

This is a terminal action, i.e. no further rules will be evaluated for this packet, even in other routines on the same hook.

§

Jump(String)

Jump from the current routine to the routine identified by the provided name.

The target routine must be in the same namespace as the calling routine, and it cannot be installed on a hook; it must be an uninstalled routine.

§

Return_(Empty)

Stop evaluation of the current routine and return to the calling routine (the routine from which the current routine was jumped), continuing evaluation at the next rule.

If invoked in an installed routine, equivalent to accept, given packets are accepted by default in the absence of any matching rules.

§

TransparentProxy(TransparentProxy_)

Redirect the packet to a local socket without changing the packet header in any way.

This is a terminal action for the current hook, i.e. no further rules will be evaluated for this packet, even in other routines on the same hook. However, note that this does not preclude actions on other hooks from having an effect on this packet; for example, a packet that hits TransparentProxy in INGRESS could still be dropped in LOCAL_INGRESS.

This action is only valid in the INGRESS hook. This action is also only valid in a rule that ensures the presence of a TCP or UDP header by matching on the transport protocol, so that the packet can be properly dispatched.

Also note that transparently proxied packets will only be delivered to sockets with the transparent socket option enabled. If no such socket exists, the packet will be dropped.

This is analogous to the tproxy statement in Netfilter.

§

Redirect(Redirect)

A special case of destination NAT (DNAT) that redirects the packet to the local host.

This is a terminal action for all NAT routines on the current hook. The packet is redirected by rewriting the destination IP address to one owned by the ingress interface (if operating on incoming traffic in INGRESS) or the loopback address (if operating on locally-generated traffic in LOCAL_EGRESS). If this rule is installed on INGRESS and no IP address is assigned to the incoming interface, the packet is dropped.

As with all DNAT actions, this action is only valid in the INGRESS and LOCAL_EGRESS hooks. If a destination port is specified, this action is only valid in a rule that ensures the presence of a TCP or UDP header by matching on the transport protocol, so that the destination port can be rewritten.

This is analogous to the redirect statement in Netfilter.

§

Masquerade(Masquerade)

A special case of source NAT (SNAT) that reassigns the source IP address of the packet to an address that is assigned to the outgoing interface.

This is a terminal action for all NAT routines on the current hook. If no address is assigned to the outgoing interface, the packet will be dropped.

This action is only valid in the EGRESS hook. If a source port range is specified, this action is only valid in a rule that ensures the presence of a TCP or UDP header by matching on the transport protocol, so that the source port can be rewritten.

This is analogous to the masquerade statement in Netfilter.

Implementations§

source§

impl Action

source

pub fn ordinal(&self) -> u64

source

pub fn unknown_variant_for_testing() -> Self

source

pub fn is_unknown(&self) -> bool

Trait Implementations§

source§

impl Clone for Action

source§

fn clone(&self) -> Action

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Debug for Action

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl<D: ResourceDialect> Decode<Action, D> for Action

source§

fn new_empty() -> Self

Creates a valid instance of Self. The specific value does not matter, since it will be overwritten by decode.
source§

unsafe fn decode( &mut self, decoder: &mut Decoder<'_, D>, offset: usize, depth: Depth, ) -> Result<()>

Decodes an object of type T from the decoder’s buffers into self. Read more
source§

impl<D: ResourceDialect> Encode<Action, D> for &Action

source§

unsafe fn encode( self, encoder: &mut Encoder<'_, D>, offset: usize, _depth: Depth, ) -> Result<()>

Encodes the object into the encoder’s buffers. Any handles stored in the object are swapped for Handle::INVALID. Read more
source§

impl PartialEq for Action

source§

fn eq(&self, other: &Self) -> bool

This method tests for self and other values to be equal, and is used by ==.
1.0.0 · source§

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
source§

impl TypeMarker for Action

§

type Owned = Action

The owned Rust type which this FIDL type decodes into.
source§

fn inline_align(_context: Context) -> usize

Returns the minimum required alignment of the inline portion of the encoded object. It must be a (nonzero) power of two.
source§

fn inline_size(_context: Context) -> usize

Returns the size of the inline portion of the encoded object, including padding for alignment. Must be a multiple of inline_align.
§

fn encode_is_copy() -> bool

Returns true if the memory layout of Self::Owned matches the FIDL wire format and encoding requires no validation. When true, we can optimize encoding arrays and vectors of Self::Owned to a single memcpy. Read more
§

fn decode_is_copy() -> bool

Returns true if the memory layout of Self::Owned matches the FIDL wire format and decoding requires no validation. When true, we can optimize decoding arrays and vectors of Self::Owned to a single memcpy.
source§

impl ValueTypeMarker for Action

§

type Borrowed<'a> = &'a Action

The Rust type to use for encoding. This is a particular Encode<Self> type cheaply obtainable from &Self::Owned. There are three cases: Read more
source§

fn borrow(value: &<Self as TypeMarker>::Owned) -> Self::Borrowed<'_>

Cheaply converts from &Self::Owned to Self::Borrowed.
source§

impl Persistable for Action

Auto Trait Implementations§

§

impl Freeze for Action

§

impl RefUnwindSafe for Action

§

impl Send for Action

§

impl Sync for Action

§

impl Unpin for Action

§

impl UnwindSafe for Action

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
§

impl<T> Body for T
where T: Persistable,

§

type MarkerAtTopLevel = T

The marker type to use when the body is at the top-level.
§

type MarkerInResultUnion = T

The marker type to use when the body is nested in a result union.
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> CloneToUninit for T
where T: Clone,

source§

default unsafe fn clone_to_uninit(&self, dst: *mut T)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dst. Read more
§

impl<T, D> Encode<Ambiguous1, D> for T
where D: ResourceDialect,

§

unsafe fn encode( self, _encoder: &mut Encoder<'_, D>, _offset: usize, _depth: Depth, ) -> Result<(), Error>

Encodes the object into the encoder’s buffers. Any handles stored in the object are swapped for Handle::INVALID. Read more
§

impl<T, D> Encode<Ambiguous2, D> for T
where D: ResourceDialect,

§

unsafe fn encode( self, _encoder: &mut Encoder<'_, D>, _offset: usize, _depth: Depth, ) -> Result<(), Error>

Encodes the object into the encoder’s buffers. Any handles stored in the object are swapped for Handle::INVALID. Read more
§

impl<E> ErrorType for E
where E: ValueTypeMarker<Owned = E> + Decode<E, DefaultFuchsiaResourceDialect>,

§

type Marker = E

The marker type.
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T> Instrument for T

§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided [Span], returning an Instrumented wrapper. Read more
§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

§

impl<T> Pointable for T

§

const ALIGN: usize = _

The alignment of pointer.
§

type Init = T

The type for initializers.
§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
source§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<T> WithSubscriber for T

§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a [WithDispatch] wrapper. Read more
§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a [WithDispatch] wrapper. Read more