Enum libflow::update::Key [] [src]

pub enum Key {
    Simple(Value),
    FlowTuple {
        ip_proto_raw: u8,
        loc_ip: IpAddr,
        rem_ip: IpAddr,
        loc_port: Option<u16>,
        rem_port: Option<u16>,
    },
    InternalHandle(FlowTags),
}
[]

A key is some bit of data that describes which flow is spoken of.

Variants

[]

The flow can be recognized by a single tag value.

Usually, this is some kind of ID internal to the source of data.

Examples

use libdata::column::Type;
use libflow::update::Key;

#[derive(Clone, Debug, Deserialize, Eq, Ord, PartialEq, PartialOrd, Serialize)]
struct PrivateId(pub String);

impl Type for PrivateId {
    fn name() -> String {
        "my-private-source-id".to_owned()
    }
}

let key = Key::Simple(PrivateId("some-unique-id".to_owned()).into());
[]

The flow can be recognized by the usual tuple ‒ ID addresses, protocol used and a pair of ports.

This is mostly a convenience so we don't have to be able to build multi-value keys out of Values and care about the order, etc.

TODO

What about protocols like ICMP? Don't they have something else in their tuple?

Examples

let tcp_flow = Key::FlowTuple {
    ip_proto_raw: 6,
    loc_ip: "192.0.2.1".parse().unwrap(),
    rem_ip: "192.0.2.2".parse().unwrap(),
    loc_port: Some(7384),
    rem_port: Some(80),
};
let icmpv6_flow = Key::FlowTuple {
    ip_proto_raw: 58,
    loc_ip: "2001:0DB8::1".parse().unwrap(),
    rem_ip: "2001:0DB8::2".parse().unwrap(),
    loc_port: None,
    rem_port: None,
};
[]

This one uses the internal address of the flow as the key.

This one can't be used by data sources, since they never know the internal address. However, it can be used by other parts of the processing to generate an update to already existing.

Unlike other keys, if an update references a flow with unknown InternalHandle key, a new key is not set up, but the update is ignored, assuming this is a race condition and the update is for a flow that already ended. While this should not usually happen (as there's a grace time before the flow is actually deleted), this can't be completely ruled out.

An update that has an InternalHandle key must have only that key and no other, otherwise something somewhere might stop working or panic.

Trait Implementations

impl Clone for Key
[src]

[]

Returns a copy of the value. Read more

[]

Performs copy-assignment from source. Read more

impl Debug for Key
[src]

[]

Formats the value using the given formatter.

impl Eq for Key
[src]

impl Ord for Key
[src]

[]

This method returns an Ordering between self and other. Read more

[]

🔬 This is a nightly-only experimental API. (ord_max_min)

Compares and returns the maximum of two values. Read more

[]

🔬 This is a nightly-only experimental API. (ord_max_min)

Compares and returns the minimum of two values. Read more

impl PartialEq for Key
[src]

[]

This method tests for self and other values to be equal, and is used by ==. Read more

[]

This method tests for !=.

impl PartialOrd for Key
[src]

[]

This method returns an ordering between self and other values if one exists. Read more

[]

This method tests less than (for self and other) and is used by the < operator. Read more

[]

This method tests less than or equal to (for self and other) and is used by the <= operator. Read more

[]

This method tests greater than (for self and other) and is used by the > operator. Read more

[]

This method tests greater than or equal to (for self and other) and is used by the >= operator. Read more