Module dfw::types

The types in this module make up the structure of the configuration-file(s).

Example

The following is an exemplary TOML configuration, which will be parsed into this module's types.

[defaults]
external_network_interfaces = "eth0"

[initialization]
[initialization.v4]
filter = [
    "-P INPUT DROP",
]

[container_to_container]
default_policy = "DROP"

[[container_to_container.rules]]
network = "common_network"
src_container = "container_a"
dst_container = "container_b"
action = "ACCEPT"

[container_to_wider_world]
default_policy = "ACCEPT"

[[container_to_wider_world.rules]]
network = "other_network"
src_container = "container_c"
action = "DROP"

[wider_world_to_container]

[[wider_world_to_container.rules]]
network = "common_network"
dst_container = "container_a"
expose_port = [80, 443]

[container_dnat]

[[container_dnat.rules]]
src_network = "common_network"
src_container = "container_a"
dst_network = "other_network"
dst_container = "container_c"
expose_port = { host_port = 8080, container_port = 80, family = "tcp" }

Structs

ContainerDNAT

The container-DNAT section, defining how containers can communicate with each other over non-common networks.

ContainerDNATRule

Definition for a rule to be used in the container-DNAT section.

ContainerToContainer

The container-to-container section, defining how containers can communicate amongst each other.

ContainerToContainerRule

Definition for a rule to be used in the container-to-container section.

ContainerToHost

The container-to-host section, defining how containers can communicate with the host.

ContainerToHostRule

Definition for a rule to be used in the container-to-host section.

ContainerToWiderWorld

The container-to-wider-world section, defining how containers can communicate with the wider world.

ContainerToWiderWorldRule

Definition for a rule to be used in the container-to-wider-world section.

DFW

DFW is the parent type defining the complete configuration used by DFW to build up the firewall rules.

Defaults

The default configuration section, used by DFW for rule processing.

ExposePort

Struct to hold a port definition to expose on the host/between containers.

ExposePortBuilder

Builder for ExposePort.

Initialization

The initialization section allows you to add custom rules to any table in both iptables and ip6tables.

WiderWorldToContainer

The wider-world-to-container section, defining how containers can be reached from the wider world.

WiderWorldToContainerRule

Definition for a rule to be used in the wider-world-to-container section.