base/frameworks/netcontrol/plugins/acld.zeek¶
- NetControl¶
Acld plugin for the netcontrol framework.
- Namespace
NetControl
- Imports
base/frameworks/broker, base/frameworks/netcontrol/main.zeek, base/frameworks/netcontrol/plugin.zeek
Summary¶
Types¶
Redefinitions¶
|
Events¶
Events that are sent from us to Broker. |
|
Events that are sent from Broker to us. |
|
Hooks¶
Hook that is called after a rule is converted to an acld rule. |
Functions¶
Instantiates the acld plugin. |
Detailed Interface¶
Types¶
- NetControl::AcldConfig¶
- Type
-
- acld_topic:
string
The acld topic to send events to.
- acld_host:
addr
Broker host to connect to.
- acld_port:
port
Broker port to connect to.
- monitor:
bool
&default
=F
&optional
Do we accept rules for the monitor path? Default false.
- forward:
bool
&default
=T
&optional
Do we accept rules for the forward path? Default true.
- check_pred:
function
(p:NetControl::PluginState
, r:NetControl::Rule
)bool
&optional
Predicate that is called on rule insertion or removal.
- p
Current plugin state.
- r
The rule to be inserted or removed.
- returns
T if the rule can be handled by the current backend, F otherwise.
- acld_topic:
Events¶
- NetControl::acld_add_rule¶
- Type
event
(id:count
, r:NetControl::Rule
, ar:NetControl::AclRule
)
Events that are sent from us to Broker.
- NetControl::acld_remove_rule¶
- Type
event
(id:count
, r:NetControl::Rule
, ar:NetControl::AclRule
)
- NetControl::acld_rule_added¶
- Type
event
(id:count
, r:NetControl::Rule
, msg:string
)
Events that are sent from Broker to us.
- NetControl::acld_rule_error¶
- Type
event
(id:count
, r:NetControl::Rule
, msg:string
)
- NetControl::acld_rule_exists¶
- Type
event
(id:count
, r:NetControl::Rule
, msg:string
)
- NetControl::acld_rule_removed¶
- Type
event
(id:count
, r:NetControl::Rule
, msg:string
)
Hooks¶
- NetControl::acld_rule_policy¶
- Type
hook
(p:NetControl::PluginState
, r:NetControl::Rule
, ar:NetControl::AclRule
) :bool
Hook that is called after a rule is converted to an acld rule. The hook may modify the rule before it is sent to acld. Setting the acld command to F will cause the rule to be rejected by the plugin.
- P
Current plugin state.
- R
The rule to be inserted or removed.
- Ar
The acld rule to be inserted or removed.
Functions¶
- NetControl::create_acld¶
- Type
function
(config:NetControl::AcldConfig
) :NetControl::PluginState
Instantiates the acld plugin.