Module dfw::types
The types in this module make up the structure of the configuration-file(s).
Example
The following is an exemplary TOML configuration, which will be parsed into this module's types.
[defaults]
external_network_interfaces = "eth0"
[initialization]
[initialization.v4]
filter = [
"-P INPUT DROP",
]
[container_to_container]
default_policy = "DROP"
[[container_to_container.rules]]
network = "common_network"
src_container = "container_a"
dst_container = "container_b"
action = "ACCEPT"
[container_to_wider_world]
default_policy = "ACCEPT"
[[container_to_wider_world.rules]]
network = "other_network"
src_container = "container_c"
action = "DROP"
[wider_world_to_container]
[[wider_world_to_container.rules]]
network = "common_network"
dst_container = "container_a"
expose_port = [80, 443]
[container_dnat]
[[container_dnat.rules]]
src_network = "common_network"
src_container = "container_a"
dst_network = "other_network"
dst_container = "container_c"
expose_port = { host_port = 8080, container_port = 80, family = "tcp" }
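A `[[section.rules]]` header names the section it extends, so a rule block pasted beneath a different `[section]` header still lands in the section it names. The following added example (not part of dfw or of the original page) is a std-only Rust lint for that slip; `Misplaced`, `misplaced_rules`, `header` and the sample configuration are hypothetical names and constructed input.

```rust
// Added example (not dfw code): line-based lint for DFW-style TOML that flags
// `[[<section>.rules]]` blocks written under a different `[section]` header.
#[derive(Debug, PartialEq)]
pub struct Misplaced {
    pub line: usize,   // 1-based line of the `[[...]]` header
    pub under: String, // section header the block visually sits under
    pub names: String, // section whose rule list the block really extends
}
// Constructed sample: the second rule block was meant for the wider-world section.
pub const SAMPLE: &str = r#"[container_to_container]
default_policy = "DROP"
[[container_to_container.rules]]
network = "common_network"
action = "ACCEPT"
[container_to_wider_world]
default_policy = "ACCEPT"
[[container_to_container.rules]]
network = "other_network"
action = "DROP"
"#;

// Header name if `s` is `open`..`close` around a plain key path (assumes one header per line).
fn header<'a>(s: &'a str, open: &str, close: &str) -> Option<&'a str> {
    let inner = s.strip_prefix(open)?.strip_suffix(close)?.trim();
    let plain = inner.chars().all(|c| c.is_ascii_alphanumeric() || "_-.".contains(c));
    (!inner.is_empty() && plain).then(|| inner)
}

pub fn misplaced_rules(config: &str) -> Vec<Misplaced> {
    let mut current: Option<String> = None; // top-level name of the last `[section]`
    let mut found = Vec::new();
    for (idx, raw) in config.lines().enumerate() {
        let line = raw.split('#').next().unwrap_or("").trim(); // drop trailing comment
        if let Some(name) = header(line, "[[", "]]") {
            // `x.rules` extends section `x`, wherever the block is written.
            if let (Some(section), Some(cur)) = (name.strip_suffix(".rules"), current.as_deref()) {
                if section != cur {
                    found.push(Misplaced { line: idx + 1, under: cur.into(), names: section.into() });
                }
            }
        } else if let Some(name) = header(line, "[", "]") {
            current = name.split('.').next().map(str::to_string); // `[a.b]` counts as `a`
        }
    }
    found
}

fn main() {
    misplaced_rules(SAMPLE).iter().for_each(|m| println!("line {}: under [{}], extends {}.rules", m.line, m.under, m.names));
}
```

Running such a check before applying a configuration catches a DROP or ACCEPT rule that would otherwise be enforced in a section other than the one it was written under.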
Structs
| Struct | Description |
|---|---|
| ContainerDNAT | The container-DNAT section, defining how containers can communicate with each other over non-common networks. |
| ContainerDNATRule | Definition for a rule to be used in the container-DNAT section. |
| ContainerToContainer | The container-to-container section, defining how containers can communicate amongst each other. |
| ContainerToContainerRule | Definition for a rule to be used in the container-to-container section. |
| ContainerToHost | The container-to-host section, defining how containers can communicate with the host. |
| ContainerToHostRule | Definition for a rule to be used in the container-to-host section. |
| ContainerToWiderWorld | The container-to-wider-world section, defining how containers can communicate with the wider world. |
| ContainerToWiderWorldRule | Definition for a rule to be used in the container-to-wider-world section. |
| DFW | |
| Defaults | The default configuration section, used by DFW for rule processing. |
| ExposePort | Struct to hold a port definition to expose on the host/between containers. |
| ExposePortBuilder | Builder for |
| Initialization | The initialization section allows you to add custom rules to any table in both iptables and ip6tables. |
| WiderWorldToContainer | The wider-world-to-container section, defining how containers can be reached from the wider world. |
| WiderWorldToContainerRule | Definition for a rule to be used in the wider-world-to-container section. |