netstack3_filter

Trait FilterHandler

Source 
pub trait FilterHandler<I: IpExt, BC: FilterBindingsTypes>: IpDeviceAddressIdContext<I, DeviceId: InterfaceProperties<BC::DeviceClass>> {
    // Required methods
    fn ingress_hook<P, M>(
        &mut self,
        bindings_ctx: &mut BC,
        packet: &mut P,
        interface: &Self::DeviceId,
        metadata: &mut M,
    ) -> IngressVerdict<I>
       where P: IpPacket<I>,
             M: FilterIpMetadata<I, Self::WeakAddressId, BC>;
    fn local_ingress_hook<P, M>(
        &mut self,
        bindings_ctx: &mut BC,
        packet: &mut P,
        interface: &Self::DeviceId,
        metadata: &mut M,
    ) -> Verdict
       where P: IpPacket<I>,
             M: FilterIpMetadata<I, Self::WeakAddressId, BC>;
    fn forwarding_hook<P, M>(
        &mut self,
        packet: &mut P,
        in_interface: &Self::DeviceId,
        out_interface: &Self::DeviceId,
        metadata: &mut M,
    ) -> Verdict
       where P: IpPacket<I>,
             M: FilterIpMetadata<I, Self::WeakAddressId, BC>;
    fn local_egress_hook<P, M>(
        &mut self,
        bindings_ctx: &mut BC,
        packet: &mut P,
        interface: &Self::DeviceId,
        metadata: &mut M,
    ) -> Verdict
       where P: IpPacket<I>,
             M: FilterIpMetadata<I, Self::WeakAddressId, BC>;
    fn egress_hook<P, M>(
        &mut self,
        bindings_ctx: &mut BC,
        packet: &mut P,
        interface: &Self::DeviceId,
        metadata: &mut M,
    ) -> (Verdict, ProofOfEgressCheck)
       where P: IpPacket<I>,
             M: FilterIpMetadata<I, Self::WeakAddressId, BC>;
}
Expand description

An implementation of packet filtering logic, providing entry points at various stages of packet processing.

Required Methods§

Source

fn ingress_hook<P, M>( &mut self, bindings_ctx: &mut BC, packet: &mut P, interface: &Self::DeviceId, metadata: &mut M, ) -> IngressVerdict<I>
where P: IpPacket<I>, M: FilterIpMetadata<I, Self::WeakAddressId, BC>,

The ingress hook intercepts incoming traffic before a routing decision has been made.

Source

fn local_ingress_hook<P, M>( &mut self, bindings_ctx: &mut BC, packet: &mut P, interface: &Self::DeviceId, metadata: &mut M, ) -> Verdict
where P: IpPacket<I>, M: FilterIpMetadata<I, Self::WeakAddressId, BC>,

The local ingress hook intercepts incoming traffic that is destined for the local host.

Source

fn forwarding_hook<P, M>( &mut self, packet: &mut P, in_interface: &Self::DeviceId, out_interface: &Self::DeviceId, metadata: &mut M, ) -> Verdict
where P: IpPacket<I>, M: FilterIpMetadata<I, Self::WeakAddressId, BC>,

The forwarding hook intercepts incoming traffic that is destined for another host.

Source

fn local_egress_hook<P, M>( &mut self, bindings_ctx: &mut BC, packet: &mut P, interface: &Self::DeviceId, metadata: &mut M, ) -> Verdict
where P: IpPacket<I>, M: FilterIpMetadata<I, Self::WeakAddressId, BC>,

The local egress hook intercepts locally-generated traffic before a routing decision has been made.

Source

fn egress_hook<P, M>( &mut self, bindings_ctx: &mut BC, packet: &mut P, interface: &Self::DeviceId, metadata: &mut M, ) -> (Verdict, ProofOfEgressCheck)
where P: IpPacket<I>, M: FilterIpMetadata<I, Self::WeakAddressId, BC>,

The egress hook intercepts all outgoing traffic after a routing decision has been made.

Dyn Compatibility§

This trait is not dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety", so this trait is not object safe.

Implementors§

Source§

impl<I, BC, CC> FilterHandler<I, BC> for FilterImpl<'_, CC>
where I: IpExt, BC: FilterBindingsContext, CC: FilterIpContext<I, BC>,