Crate netstack3_filter

Packet filtering framework.

Modules

• testutil
  Testing-related utilities for use by other crates.

Structs

• AddressMatcher
  A matcher for IP addresses.
• ConntrackExternalData
  Data stored in [conntrack::Connection] that is only needed by filtering.
• FilterApi
  The filtering API.
• FilterImpl
  The “production” implementation of packet filtering.
• ForwardedPacket
  An incoming IP packet that is being forwarded.
• Hook
  A particular entry point for packet processing in which filtering routines are installed.
• IpRoutines
  Routines that perform ordinary IP filtering.
• NatRoutines
  Routines that can perform NAT.
• NestedWithInnerIpPacket
  A nested serializer whose inner serializer implements IpPacket.
• PacketMatcher
  Top-level matcher for IP packets.
• PortMatcher
  A matcher for transport-layer port numbers.
• ProofOfEgressCheck
  A witness type to indicate that the egress filtering hook has been run.
• Routine
  A sequence of Rules.
• Routines
  IP version-specific filtering routine state.
• Rule
  A set of criteria (matchers) and a resultant action to take if a given packet matches.
• RxPacket
  An incoming IP packet that has been parsed into its constituent parts for either local delivery or forwarding.
• State
  IP version-specific filtering state.
• TransportProtocolMatcher
  A matcher for transport-layer protocol or port numbers.
• TxPacket
  An outgoing IP packet that has not yet been wrapped into an outer serializer type.
• UninstalledRoutine
  A handle to a Routine that is not installed in a particular hook, and therefore is only run if jumped to from another routine.
• ValidRoutines
  Witness type ensuring that the contained filtering state has been validated.

Enums

• Action
  The action to take on a packet.
• AddressMatcherType
  A matcher for IP addresses.
• IngressVerdict
  The final result of packet processing at the INGRESS hook.
• InterfaceMatcher
  A matcher for network interfaces.
• TransparentProxy
  Transparently intercept the packet and deliver it to a local socket without changing the packet header.
• ValidationError
  Provided filtering state was invalid.
• Verdict
  The final result of packet processing at a given filtering hook.

Traits

• FilterBindingsContext
  Trait aggregating functionality required from bindings.
• FilterBindingsTypes
  Trait defining required types for filtering provided by bindings.
• FilterContext
  A context for mutably accessing all filtering state at once, to allow IPv4 and IPv6 filtering state to be modified atomically.
• FilterHandler
  An implementation of packet filtering logic, providing entry points at various stages of packet processing.
• FilterIpContext
  The IP version-specific execution context for packet filtering.
• FilterIpMetadata
  A trait for interacting with the pieces of packet metadata that are important for filtering.
• InterfaceProperties
  Allows filtering code to match on properties of an interface (ID, name, and device class) without Netstack3 Core (or Bindings, in the case of the device class) having to specifically expose that state.
• IpPacket
  An IP packet that provides header inspection.
• MaybeTransportPacket
  A payload of an IP packet that may be a valid transport layer packet.
• TransportPacketSerializer
  A serializer that may also be a valid transport layer packet.

Type Aliases

• ConntrackConnection
  A connection as tracked by conntrack.