base/frameworks/netcontrol/plugins/acld.zeek
- NetControl
Acld plugin for the netcontrol framework.
- Namespace
NetControl
- Imports
base/frameworks/broker, base/frameworks/netcontrol/main.zeek, base/frameworks/netcontrol/plugin.zeek
Summary
Types
Redefinitions
Events
Events that are sent from us to Broker.
Events that are sent from Broker to us.
Hooks
Hook that is called after a rule is converted to an acld rule.
Functions
Instantiates the acld plugin.
Detailed Interface
Types
- NetControl::AcldConfig
- Type
-
- acld_topic: string
The acld topic to send events to.
- acld_host: addr
Broker host to connect to.
- acld_port: port
Broker port to connect to.
- monitor: bool &default=F &optional
Do we accept rules for the monitor path? Default false.
- forward: bool &default=T &optional
Do we accept rules for the forward path? Default true.
- check_pred: function (p: NetControl::PluginState, r: NetControl::Rule) : bool &optional
Predicate that is called on rule insertion or removal.
- param p
Current plugin state.
- param r
The rule to be inserted or removed.
- returns
T if the rule can be handled by the current backend, F otherwise.
Events
- NetControl::acld_add_rule
- Type
event (id: count, r: NetControl::Rule, ar: NetControl::AclRule)
Events that are sent from us to Broker.
- NetControl::acld_remove_rule
- Type
event (id: count, r: NetControl::Rule, ar: NetControl::AclRule)
- NetControl::acld_rule_added
- Type
event (id: count, r: NetControl::Rule, msg: string)
Events that are sent from Broker to us.
- NetControl::acld_rule_error
- Type
event (id: count, r: NetControl::Rule, msg: string)
- NetControl::acld_rule_exists
- Type
event (id: count, r: NetControl::Rule, msg: string)
- NetControl::acld_rule_removed
- Type
event (id: count, r: NetControl::Rule, msg: string)
Hooks
- NetControl::acld_rule_policy
- Type
hook (p: NetControl::PluginState, r: NetControl::Rule, ar: NetControl::AclRule) : bool
Hook that is called after a rule is converted to an acld rule. The hook may modify the rule before it is sent to acld. Setting the acld command to F will cause the rule to be rejected by the plugin.
- Parameters
p – Current plugin state.
r – The rule to be inserted or removed.
ar – The acld rule to be inserted or removed.
Functions
- NetControl::create_acld
- Type
function (config: NetControl::AcldConfig) : NetControl::PluginState
Instantiates the acld plugin.
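
An added example (not part of this page or of the Zeek distribution) that wires `create_acld` to a `check_pred` restricting which rules the acld backend will accept, and reports `acld_rule_error` events. `NetControl::init`, `NetControl::activate` and the `Rule` fields used here come from the NetControl framework's main scripts rather than this page; the protected networks, Broker host, port and topic, and the names `never_block` and `acld_guard`, are constructed for illustration.

```zeek
@load base/frameworks/netcontrol

# Constructed example: networks that must never be blocked through acld.
const never_block: set[subnet] = { 10.0.0.0/8, 192.168.0.0/16 } &redef;

# check_pred for AcldConfig: accept only address-level DROP rules on the
# forward path, and refuse any rule that overlaps a protected network.
function acld_guard(p: NetControl::PluginState, r: NetControl::Rule): bool
	{
	if ( r$ty != NetControl::DROP || r$target != NetControl::FORWARD )
		return F;

	if ( r$entity$ty != NetControl::ADDRESS || ! r$entity?$ip )
		return F;

	local target = r$entity$ip;

	for ( net in never_block )
		{
		# Two subnets overlap exactly when one contains the other's
		# network address. This also catches an overly broad rule
		# such as 0.0.0.0/0.
		if ( subnet_to_addr(target) in net || subnet_to_addr(net) in target )
			return F;
		}

	return T;
	}

event NetControl::init()
	{
	# Host, port and topic are placeholder values for a local Broker peer.
	local acld = NetControl::create_acld(NetControl::AcldConfig(
		$acld_topic="zeek/event/netcontrol-example",
		$acld_host=127.0.0.1,
		$acld_port=9999/tcp,
		$check_pred=acld_guard));

	# Priority 0 is arbitrary here.
	NetControl::activate(acld, 0);
	}

# Surface rules that the acld side reported as failed.
event NetControl::acld_rule_error(id: count, r: NetControl::Rule, msg: string)
	{
	Reporter::warning(fmt("acld rule %d failed: %s", id, msg));
	}
```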