LCOV - code coverage report
Current view: top level - envoy/network - filter.h (source / functions) Hit Total Coverage
Test: coverage.dat Lines: 15 33 45.5 %
Date: 2024-01-05 06:35:25 Functions: 15 29 51.7 % 

          Line data    Source code
       1             : #pragma once
       2             : 
       3             : #include <memory>
       4             : 
       5             : #include "envoy/buffer/buffer.h"
       6             : #include "envoy/config/extension_config_provider.h"
       7             : #include "envoy/network/listen_socket.h"
       8             : #include "envoy/network/listener_filter_buffer.h"
       9             : #include "envoy/network/transport_socket.h"
      10             : #include "envoy/stream_info/stream_info.h"
      11             : #include "envoy/upstream/host_description.h"
      12             : 
      13             : #include "source/common/protobuf/protobuf.h"
      14             : 
      15             : namespace quic {
      16             : class QuicSocketAddress;
      17             : }
      18             : 
      19             : namespace Envoy {
      20             : 
      21             : namespace Event {
      22             : class Dispatcher;
      23             : }
      24             : 
      25             : namespace Network {
      26             : 
      27             : class Connection;
      28             : class ConnectionSocket;
      29             : class Socket;
      30             : class UdpListener;
      31             : struct UdpRecvData;
      32             : 
      33             : /**
      34             :  * Status codes returned by filters that can cause future filters to not get iterated to.
      35             :  */
      36             : enum class FilterStatus {
      37             :   // Continue to further filters.
      38             :   Continue,
      39             :   // Stop executing further filters.
      40             :   StopIteration
      41             : };
      42             : 
      43             : /**
      44             :  * Callbacks used by individual filter instances to communicate with the filter manager.
      45             :  */
      46             : class NetworkFilterCallbacks {
      47             : public:
      48        2262 :   virtual ~NetworkFilterCallbacks() = default;
      49             : 
      50             :   /**
      51             :    * @return the connection that owns this filter.
      52             :    */
      53             :   virtual Connection& connection() PURE;
      54             : 
      55             :   /**
      56             :    * @return Socket the socket the filter is operating on.
      57             :    */
      58             :   virtual const Socket& socket() PURE;
      59             : };
      60             : 
      61             : /**
      62             :  * Callbacks used by individual write filter instances to communicate with the filter manager.
      63             :  */
      64             : class WriteFilterCallbacks : public virtual NetworkFilterCallbacks {
      65             : public:
      66           1 :   ~WriteFilterCallbacks() override = default;
      67             : 
      68             :   /**
      69             :    * Pass data directly to subsequent filters in the filter chain. This method is used in
      70             :    * advanced cases in which a filter needs full control over how subsequent filters view data.
      71             :    * Using this method allows a filter to buffer data (or not) and then periodically inject data
      72             :    * to subsequent filters, indicating end_stream at an appropriate time.
      73             :    * This can be used to implement rate limiting, periodic data emission, etc.
      74             :    *
      75             :    * When using this callback, filters should generally move passed in buffer and return
      76             :    * FilterStatus::StopIteration from their onWrite() call, since use of this method
      77             :    * indicates that a filter does not wish to participate in a standard write flow
      78             :    * and will perform any necessary buffering and continuation on its own.
      79             :    *
      80             :    * @param data supplies the write data to be propagated directly to further filters in the filter
      81             :    *             chain.
      82             :    * @param end_stream supplies the end_stream status to be propagated directly to further filters
      83             :    *                   in the filter chain.
      84             :    */
      85             :   virtual void injectWriteDataToFilterChain(Buffer::Instance& data, bool end_stream) PURE;
      86             : };
      87             : 
      88             : /**
      89             :  * A write path binary connection filter.
      90             :  */
      91             : class WriteFilter {
      92             : public:
      93          89 :   virtual ~WriteFilter() = default;
      94             : 
      95             :   /**
      96             :    * Called when data is to be written on the connection.
      97             :    * @param data supplies the buffer to be written which may be modified.
      98             :    * @param end_stream supplies whether this is the last byte to write on the connection.
      99             :    * @return status used by the filter manager to manage further filter iteration.
     100             :    */
     101             :   virtual FilterStatus onWrite(Buffer::Instance& data, bool end_stream) PURE;
     102             : 
     103             :   /**
     104             :    * Initializes the write filter callbacks used to interact with the filter manager. It will be
     105             :    * called by the filter manager a single time when the filter is first registered. Thus, any
     106             :    * construction that requires the backing connection should take place in the context of this
     107             :    * function.
     108             :    *
     109             :    * IMPORTANT: No outbound networking or complex processing should be done in this function.
     110             :    *            That should be done in the context of ReadFilter::onNewConnection() if needed.
     111             :    *
     112             :    * @param callbacks supplies the callbacks.
     113             :    */
     114          89 :   virtual void initializeWriteFilterCallbacks(WriteFilterCallbacks&) {}
     115             : };
     116             : 
     117             : using WriteFilterSharedPtr = std::shared_ptr<WriteFilter>;
     118             : 
     119             : /**
     120             :  * Callbacks used by individual read filter instances to communicate with the filter manager.
     121             :  */
     122             : class ReadFilterCallbacks : public virtual NetworkFilterCallbacks {
     123             : public:
     124        2261 :   ~ReadFilterCallbacks() override = default;
     125             : 
     126             :   /**
     127             :    * If a read filter stopped filter iteration, continueReading() can be called to continue the
     128             :    * filter chain. The next filter will be called with all currently available data in the read
     129             :    * buffer (it will also have onNewConnection() called on it if it was not previously called).
     130             :    */
     131             :   virtual void continueReading() PURE;
     132             : 
     133             :   /**
     134             :    * Pass data directly to subsequent filters in the filter chain. This method is used in
     135             :    * advanced cases in which a filter needs full control over how subsequent filters view data,
     136             :    * and does not want to make use of connection-level buffering. Using this method allows
     137             :    * a filter to buffer data (or not) and then periodically inject data to subsequent filters,
     138             :    * indicating end_stream at an appropriate time. This can be used to implement rate limiting,
     139             :    * periodic data emission, etc.
     140             :    *
     141             :    * When using this callback, filters should generally move passed in buffer and return
     142             :    * FilterStatus::StopIteration from their onData() call, since use of this method
     143             :    * indicates that a filter does not wish to participate in standard connection-level
     144             :    * buffering and continuation and will perform any necessary buffering and continuation on its
     145             :    * own.
     146             :    *
     147             :    * This callback is different from continueReading() in that the specified data and end_stream
     148             :    * status will be propagated verbatim to further filters in the filter chain
     149             :    * (while continueReading() propagates connection-level read buffer and end_stream status).
     150             :    *
     151             :    * @param data supplies the read data to be propagated directly to further filters in the filter
     152             :    *             chain.
     153             :    * @param end_stream supplies the end_stream status to be propagated directly to further filters
     154             :    *                   in the filter chain.
     155             :    */
     156             :   virtual void injectReadDataToFilterChain(Buffer::Instance& data, bool end_stream) PURE;
     157             : 
     158             :   /**
     159             :    * Return the currently selected upstream host, if any. This can be used for communication
     160             :    * between multiple network level filters, for example the TCP proxy filter communicating its
     161             :    * selection to another filter for logging.
     162             :    */
     163             :   virtual Upstream::HostDescriptionConstSharedPtr upstreamHost() PURE;
     164             : 
     165             :   /**
     166             :    * Set the currently selected upstream host for the connection.
     167             :    */
     168             :   virtual void upstreamHost(Upstream::HostDescriptionConstSharedPtr host) PURE;
     169             : 
     170             :   /**
     171             :    * Signal to the filter manager to enable secure transport mode in upstream connection.
     172             :    * This is done when upstream connection's transport socket is of startTLS type. At the moment
     173             :    * it is the only transport socket type which can be programmatically converted from non-secure
     174             :    * mode to secure mode.
     175             :    */
     176             :   virtual bool startUpstreamSecureTransport() PURE;
     177             : };
     178             : 
     179             : /**
     180             :  * A read path binary connection filter.
     181             :  */
     182             : class ReadFilter {
     183             : public:
     184        2424 :   virtual ~ReadFilter() = default;
     185             : 
     186             :   /**
     187             :    * Called when data is read on the connection.
     188             :    * @param data supplies the read data which may be modified.
     189             :    * @param end_stream supplies whether this is the last byte on the connection. This will only
     190             :    *        be set if the connection has half-close semantics enabled.
     191             :    * @return status used by the filter manager to manage further filter iteration.
     192             :    */
     193             :   virtual FilterStatus onData(Buffer::Instance& data, bool end_stream) PURE;
     194             : 
     195             :   /**
     196             :    * Called when a connection is first established. Filters should do one time long term processing
     197             :    * that needs to be done when a connection is established. Filter chain iteration can be stopped
     198             :    * if needed.
     199             :    * @return status used by the filter manager to manage further filter iteration.
     200             :    */
     201             :   virtual FilterStatus onNewConnection() PURE;
     202             : 
     203             :   /**
     204             :    * Initializes the read filter callbacks used to interact with the filter manager. It will be
     205             :    * called by the filter manager a single time when the filter is first registered. Thus, any
     206             :    * construction that requires the backing connection should take place in the context of this
     207             :    * function.
     208             :    *
     209             :    * IMPORTANT: No outbound networking or complex processing should be done in this function.
     210             :    *            That should be done in the context of onNewConnection() if needed.
     211             :    *
     212             :    * @param callbacks supplies the callbacks.
     213             :    */
     214             :   virtual void initializeReadFilterCallbacks(ReadFilterCallbacks& callbacks) PURE;
     215             : 
     216             :   /**
     217             :    * Method is called by the filter manager to convert upstream's connection transport socket
     218             :    * from non-secure mode to secure mode. Only terminal filters are aware of upstream connection and
     219             :    * non-terminal filters should not implement startUpstreamSecureTransport.
     220             :    */
     221           0 :   virtual bool startUpstreamSecureTransport() { return false; }
     222             : };
     223             : 
     224             : using ReadFilterSharedPtr = std::shared_ptr<ReadFilter>;
     225             : 
     226             : /**
     227             :  * A combination read and write filter. This allows a single filter instance to cover
     228             :  * both the read and write paths.
     229             :  */
     230             : class Filter : public WriteFilter, public ReadFilter {};
     231             : using FilterSharedPtr = std::shared_ptr<Filter>;
     232             : 
     233             : /**
     234             :  * Interface for adding individual network filters to a manager.
     235             :  */
     236             : class FilterManager {
     237             : public:
     238        3541 :   virtual ~FilterManager() = default;
     239             : 
     240             :   /**
     241             :    * Add a write filter to the connection. Filters are invoked in LIFO order (the last added
     242             :    * filter is called first).
     243             :    */
     244             :   virtual void addWriteFilter(WriteFilterSharedPtr filter) PURE;
     245             : 
     246             :   /**
     247             :    * Add a combination filter to the connection. Equivalent to calling both addWriteFilter()
     248             :    * and addReadFilter() with the same filter instance.
     249             :    */
     250             :   virtual void addFilter(FilterSharedPtr filter) PURE;
     251             : 
     252             :   /**
     253             :    * Add a read filter to the connection. Filters are invoked in FIFO order (the filter added
     254             :    * first is called first).
     255             :    */
     256             :   virtual void addReadFilter(ReadFilterSharedPtr filter) PURE;
     257             : 
     258             :   /**
     259             :    * Remove a read filter from the connection.
     260             :    */
     261             :   virtual void removeReadFilter(ReadFilterSharedPtr filter) PURE;
     262             : 
     263             :   /**
     264             :    * Initialize all of the installed read filters. This effectively calls onNewConnection() on
     265             :    * each of them.
     266             :    * @return true if read filters were initialized successfully, otherwise false.
     267             :    */
     268             :   virtual bool initializeReadFilters() PURE;
     269             : };
     270             : 
     271             : /**
     272             :  * This function is used to wrap the creation of a network filter chain for new connections as
     273             :  * they come in. Filter factories create the lambda at configuration initialization time, and then
     274             :  * they are used at runtime.
     275             :  * @param filter_manager supplies the filter manager for the connection to install filters
     276             :  * to. Typically the function will install a single filter, but it's technically possibly to
     277             :  * install more than one if desired.
     278             :  */
     279             : using FilterFactoryCb = std::function<void(FilterManager& filter_manager)>;
     280             : 
     281             : /**
     282             :  * Callbacks used by individual listener filter instances to communicate with the listener filter
     283             :  * manager.
     284             :  */
     285             : class ListenerFilterCallbacks {
     286             : public:
     287        1510 :   virtual ~ListenerFilterCallbacks() = default;
     288             : 
     289             :   /**
     290             :    * @return ConnectionSocket the socket the filter is operating on.
     291             :    */
     292             :   virtual ConnectionSocket& socket() PURE;
     293             : 
     294             :   /**
     295             :    * @param name the namespace used in the metadata in reverse DNS format, for example:
     296             :    * envoy.test.my_filter.
     297             :    * @param value the struct to set on the namespace. A merge will be performed with new values for
     298             :    * the same key overriding existing.
     299             :    */
     300             :   virtual void setDynamicMetadata(const std::string& name, const ProtobufWkt::Struct& value) PURE;
     301             : 
     302             :   /**
     303             :    * @return const envoy::config::core::v3::Metadata& the dynamic metadata associated with this
     304             :    * connection.
     305             :    */
     306             :   virtual envoy::config::core::v3::Metadata& dynamicMetadata() PURE;
     307             :   virtual const envoy::config::core::v3::Metadata& dynamicMetadata() const PURE;
     308             : 
     309             :   /**
     310             :    * @return Object on which filters can share data on a per-request basis.
     311             :    */
     312             :   virtual StreamInfo::FilterState& filterState() PURE;
     313             : 
     314             :   /**
     315             :    * @return the Dispatcher for issuing events.
     316             :    */
     317             :   virtual Event::Dispatcher& dispatcher() PURE;
     318             : 
     319             :   /**
     320             :    * If a filter returned `FilterStatus::ContinueIteration`, `continueFilterChain(true)`
     321             :    * should be called to continue the filter chain iteration. Or `continueFilterChain(false)`
     322             :    * should be called if the filter returned `FilterStatus::StopIteration` and closed
     323             :    * the socket.
     324             :    * @param success boolean telling whether the filter execution was successful or not.
     325             :    */
     326             :   virtual void continueFilterChain(bool success) PURE;
     327             : };
     328             : 
     329             : /**
     330             :  *  Interface for a listener filter matching with incoming traffic.
     331             :  */
     332             : class ListenerFilterMatcher {
     333             : public:
     334           0 :   virtual ~ListenerFilterMatcher() = default;
     335             :   virtual bool matches(Network::ListenerFilterCallbacks& cb) const PURE;
     336             : };
     337             : using ListenerFilterMatcherPtr = std::unique_ptr<ListenerFilterMatcher>;
     338             : using ListenerFilterMatcherSharedPtr = std::shared_ptr<ListenerFilterMatcher>;
     339             : 
     340             : /**
     341             :  * TCP Listener Filter
     342             :  */
     343             : class ListenerFilter {
     344             : public:
     345         741 :   virtual ~ListenerFilter() = default;
     346             : 
     347             :   /**
     348             :    * Called when a new connection is accepted, but before a Connection is created.
     349             :    * Filter chain iteration can be stopped if need more data from the connection
     350             :    * by returning `FilterStatus::StopIteration`, or continue the filter chain iteration
     351             :    * by returning `FilterStatus::ContinueIteration`. Reject the connection by closing
     352             :    * the socket and returning `FilterStatus::StopIteration`.
     353             :    * @param cb the callbacks the filter instance can use to communicate with the filter chain.
     354             :    * @return status used by the filter manager to manage further filter iteration.
     355             :    */
     356             :   virtual FilterStatus onAccept(ListenerFilterCallbacks& cb) PURE;
     357             : 
     358             :   /**
     359             :    * Called when data is read from the connection. If the filter doesn't get
     360             :    * enough data, filter chain iteration can be stopped if needed by returning
     361             :    * `FilterStatus::StopIteration`. Or continue the filter chain iteration by returning
     362             :    * `FilterStatus::ContinueIteration` if the filter get enough data. Reject the connection
     363             :    * by closing the socket and returning `FilterStatus::StopIteration`.
     364             :    * @param buffer the buffer of data.
     365             :    * @return status used by the filter manager to manage further filter iteration.
     366             :    */
     367             :   virtual FilterStatus onData(Network::ListenerFilterBuffer& buffer) PURE;
     368             : 
     369             :   /**
     370             :    * Return the size of data the filter want to inspect from the connection.
     371             :    * The size can be increased after filter need to inspect more data.
     372             :    * @return maximum number of bytes of the data consumed by the filter. 0 means filter does not
     373             :    * need any data.
     374             :    */
     375             :   virtual size_t maxReadBytes() const PURE;
     376             : };
     377             : 
     378             : using ListenerFilterPtr = std::unique_ptr<ListenerFilter>;
     379             : 
     380             : /**
     381             :  * Interface for filter callbacks and adding listener filters to a manager.
     382             :  */
     383             : class ListenerFilterManager {
     384             : public:
     385        1315 :   virtual ~ListenerFilterManager() = default;
     386             : 
     387             :   /**
     388             :    * Add a filter to the listener. Filters are invoked in FIFO order (the filter added
     389             :    * first is called first).
     390             :    * @param listener_filter_matcher supplies the matcher to decide when filter is enabled.
     391             :    * @param filter supplies the filter being added.
     392             :    */
     393             :   virtual void addAcceptFilter(const ListenerFilterMatcherSharedPtr& listener_filter_matcher,
     394             :                                ListenerFilterPtr&& filter) PURE;
     395             : };
     396             : 
     397             : /**
     398             :  * This function is used to wrap the creation of a listener filter chain for new sockets as they are
     399             :  * created. Filter factories create the lambda at configuration initialization time, and then they
     400             :  * are used at runtime.
     401             :  * @param filter_manager supplies the filter manager for the listener to install filters to.
     402             :  * Typically the function will install a single filter, but it's technically possibly to install
     403             :  * more than one if desired.
     404             :  */
     405             : using ListenerFilterFactoryCb = std::function<void(ListenerFilterManager& filter_manager)>;
     406             : 
     407             : /**
     408             :  * QUIC Listener Filter
     409             :  */
     410             : class QuicListenerFilter {
     411             : public:
     412           0 :   virtual ~QuicListenerFilter() = default;
     413             : 
     414             :   /**
     415             :    * Called when a new connection is accepted, but before a Connection is created.
     416             :    * Filter chain iteration can be terminated if the cb shouldn't be accessed any more
     417             :    * by returning `FilterStatus::StopIteration`, or continue the filter chain iteration
     418             :    * by returning `FilterStatus::ContinueIteration`. Reject the connection by closing
     419             :    * the socket and returning `FilterStatus::StopIteration`. If `FilterStatus::StopIteration` is
     420             :    * returned, following filters' onAccept() will be skipped, but the connection creation is not
     421             :    * going to be paused. If the connection socket is closed upon connection creation, the connection
     422             :    * will be closed immediately.
     423             :    * @param cb the callbacks the filter instance can use to communicate with the filter chain.
     424             :    * @param server_preferred_addresses the server's preferred addresses to be advertised.
     425             :    * @return status used by the filter manager to manage further filter iteration.
     426             :    */
     427             :   virtual FilterStatus onAccept(ListenerFilterCallbacks& cb) PURE;
     428             : 
     429             :   /**
     430             :    * Called before connection creation.
     431             :    * @return false if the given preferred address is incomplatible with this filter and the listener
     432             :    * shouldn't advertise the given preferred address. I.e. onAccept() would have behaved differently
     433             :    * if the connection socket's destination address were the preferred address.
     434             :    */
     435             :   virtual bool isCompatibleWithServerPreferredAddress(
     436             :       const quic::QuicSocketAddress& server_preferred_address) const PURE;
     437             : 
     438             :   /**
     439             :    * Called after the peer has migrated to a different address. Check if the connection
     440             :    * migration is compatible with this listener filter. If not, close the connection and return
     441             :    * `FilterStatus::StopIteration`. An alternative approach is to disable active migration on the
     442             :    * given connection during connection creation. But peer address change is inevitable given NAT
     443             :    * rebinding is more frequent than TCP, and such passive address change is indistinguishable from
     444             :    * active migration. So there is no way to completely disable connection migration. disable client
     445             :    * connection migration.
     446             :    * @param new_address the address the peer has migrated to.
     447             :    * @param connection the connection just migrated.
     448             :    * @return status used by the filter manager to manage further filter iteration.
     449             :    */
     450             :   virtual FilterStatus onPeerAddressChanged(const quic::QuicSocketAddress& new_address,
     451             :                                             Connection& connection) PURE;
     452             : };
     453             : 
     454             : using QuicListenerFilterPtr = std::unique_ptr<QuicListenerFilter>;
     455             : 
     456             : /**
     457             :  * Interface for filter callbacks and adding listener filters to a manager.
     458             :  */
     459             : class QuicListenerFilterManager {
     460             : public:
     461           0 :   virtual ~QuicListenerFilterManager() = default;
     462             : 
     463             :   /**
     464             :    * Add a filter to the listener. Filters are invoked in FIFO order (the filter added
     465             :    * first is called first).
     466             :    * @param listener_filter_matcher supplies the matcher to decide when filter is enabled.
     467             :    * @param filter supplies the filter being added.
     468             :    */
     469             :   virtual void addFilter(const ListenerFilterMatcherSharedPtr& listener_filter_matcher,
     470             :                          QuicListenerFilterPtr&& filter) PURE;
     471             : 
     472             :   virtual bool shouldAdvertiseServerPreferredAddress(
     473             :       const quic::QuicSocketAddress& server_preferred_address) const PURE;
     474             : 
     475             :   virtual void onPeerAddressChanged(const quic::QuicSocketAddress& new_address,
     476             :                                     Connection& connection) PURE;
     477             : };
     478             : 
     479             : /**
     480             :  * This function is used to wrap the creation of a QUIC listener filter chain for new connections.
     481             :  * Filter factories create the lambda at configuration initialization time, and then they are used
     482             :  * at runtime.
     483             :  * @param filter_manager supplies the filter manager for the listener to install filters to.
     484             :  * Typically the function will install a single filter, but it's technically possibly to install
     485             :  * more than one if desired.
     486             :  */
     487             : using QuicListenerFilterFactoryCb = std::function<void(QuicListenerFilterManager& filter_manager)>;
     488             : 
     489             : template <class FactoryCb>
     490             : using FilterConfigProvider = Envoy::Config::ExtensionConfigProvider<FactoryCb>;
     491             : 
     492             : template <class FactoryCb>
     493             : using FilterConfigProviderPtr = std::unique_ptr<FilterConfigProvider<FactoryCb>>;
     494             : 
     495             : using NetworkFilterFactoriesList = std::vector<FilterConfigProviderPtr<FilterFactoryCb>>;
     496             : 
     497             : /**
     498             :  * Interface representing a single filter chain.
     499             :  */
     500             : class FilterChain {
     501             : public:
     502         680 :   virtual ~FilterChain() = default;
     503             : 
     504             :   /**
     505             :    * @return const TransportSocketFactory& a transport socket factory to be used by the new
     506             :    * connection.
     507             :    */
     508             :   virtual const DownstreamTransportSocketFactory& transportSocketFactory() const PURE;
     509             : 
     510             :   /**
     511             :    * @return std::chrono::milliseconds the amount of time to wait for the transport socket to report
     512             :    * that a connection has been established. If the timeout is reached, the connection is closed. 0
     513             :    * specifies a disabled timeout.
     514             :    */
     515             :   virtual std::chrono::milliseconds transportSocketConnectTimeout() const PURE;
     516             : 
     517             :   /**
     518             :    * @return const Filter::NetworkFilterFactoriesList& a list of filter factory providers to be
     519             :    * used by the new connection.
     520             :    */
     521             :   virtual const NetworkFilterFactoriesList& networkFilterFactories() const PURE;
     522             : 
     523             :   /**
     524             :    * @return the name of this filter chain.
     525             :    */
     526             :   virtual absl::string_view name() const PURE;
     527             : };
     528             : 
     529             : using FilterChainSharedPtr = std::shared_ptr<FilterChain>;
     530             : 
     531             : /**
     532             :  * A filter chain that can be drained.
     533             :  */
     534             : class DrainableFilterChain : public FilterChain {
     535             : public:
     536             :   virtual void startDraining() PURE;
     537             : };
     538             : 
     539             : using DrainableFilterChainSharedPtr = std::shared_ptr<DrainableFilterChain>;
     540             : 
     541             : /**
     542             :  * Interface for searching through configured filter chains.
     543             :  */
     544             : class FilterChainManager {
     545             : public:
     546         683 :   virtual ~FilterChainManager() = default;
     547             : 
     548             :   /**
     549             :    * Find filter chain that's matching metadata from the new connection.
     550             :    * @param socket supplies connection metadata that's going to be used for the filter chain lookup.
     551             :    * @param info supplies the dynamic metadata and the filter state populated by the listener
     552             :    * filters.
     553             :    * @return const FilterChain* filter chain to be used by the new connection,
     554             :    *         nullptr if no matching filter chain was found.
     555             :    */
     556             :   virtual const FilterChain* findFilterChain(const ConnectionSocket& socket,
     557             :                                              const StreamInfo::StreamInfo& info) const PURE;
     558             : };
     559             : 
     560             : /**
     561             :  * Callbacks used by individual UDP listener read filter instances to communicate with the filter
     562             :  * manager.
     563             :  */
     564             : class UdpReadFilterCallbacks {
     565             : public:
     566           0 :   virtual ~UdpReadFilterCallbacks() = default;
     567             : 
     568             :   /**
     569             :    * @return the udp listener that owns this read filter.
     570             :    */
     571             :   virtual UdpListener& udpListener() PURE;
     572             : };
     573             : 
     574             : /**
     575             :  * UDP Listener Read Filter
     576             :  */
     577             : class UdpListenerReadFilter {
     578             : public:
     579           0 :   virtual ~UdpListenerReadFilter() = default;
     580             : 
     581             :   /**
     582             :    * Called when a new data packet is received on a UDP listener.
     583             :    * @param data supplies the read data which may be modified.
     584             :    * @return status used by the filter manager to manage further filter iteration.
     585             :    */
     586             :   virtual FilterStatus onData(UdpRecvData& data) PURE;
     587             : 
     588             :   /**
     589             :    * Called when there is an error event in the receive data path.
     590             :    *
     591             :    * @param error_code supplies the received error on the listener.
     592             :    * @return status used by the filter manager to manage further filter iteration.
     593             :    */
     594             :   virtual FilterStatus onReceiveError(Api::IoError::IoErrorCode error_code) PURE;
     595             : 
     596             : protected:
     597             :   /**
     598             :    * @param callbacks supplies the read filter callbacks used to interact with the filter manager.
     599             :    */
     600           0 :   UdpListenerReadFilter(UdpReadFilterCallbacks& callbacks) : read_callbacks_(&callbacks) {}
     601             : 
     602             :   UdpReadFilterCallbacks* read_callbacks_{};
     603             : };
     604             : 
     605             : using UdpListenerReadFilterPtr = std::unique_ptr<UdpListenerReadFilter>;
     606             : 
     607             : /**
     608             :  * Interface for adding UDP listener filters to a manager.
     609             :  */
     610             : class UdpListenerFilterManager {
     611             : public:
     612           0 :   virtual ~UdpListenerFilterManager() = default;
     613             : 
     614             :   /**
     615             :    * Add a read filter to the udp listener. Filters are invoked in FIFO order (the
     616             :    * filter added first is called first).
     617             :    * @param filter supplies the filter being added.
     618             :    */
     619             :   virtual void addReadFilter(UdpListenerReadFilterPtr&& filter) PURE;
     620             : };
     621             : 
     622             : using UdpListenerFilterFactoryCb = std::function<void(
     623             :     UdpListenerFilterManager& udp_listener_filter_manager, UdpReadFilterCallbacks& callbacks)>;
     624             : 
     625             : /**
     626             :  * Creates a chain of network filters for a new connection.
     627             :  */
     628             : class FilterChainFactory {
     629             : public:
     630         687 :   virtual ~FilterChainFactory() = default;
     631             : 
     632             :   /**
     633             :    * Called to create the network filter chain.
     634             :    * @param connection supplies the connection to create the chain on.
     635             :    * @param filter_factories supplies a list of filter factories to create the chain from.
     636             :    * @return true if filter chain was created successfully. Otherwise
     637             :    *   false, e.g. filter chain is empty.
     638             :    */
     639             :   virtual bool createNetworkFilterChain(Connection& connection,
     640             :                                         const NetworkFilterFactoriesList& filter_factories) PURE;
     641             : 
     642             :   /**
     643             :    * Called to create the listener filter chain.
     644             :    * @param listener supplies the listener to create the chain on.
     645             :    * @return true if filter chain was created successfully. Otherwise false.
     646             :    */
     647             :   virtual bool createListenerFilterChain(ListenerFilterManager& listener) PURE;
     648             : 
     649             :   /**
     650             :    * Called to create a Udp Listener Filter Chain object
     651             :    *
     652             :    * @param udp_listener supplies the listener to create the chain on.
     653             :    * @param callbacks supplies the callbacks needed to create a filter.
     654             :    */
     655             :   virtual void createUdpListenerFilterChain(UdpListenerFilterManager& udp_listener,
     656             :                                             UdpReadFilterCallbacks& callbacks) PURE;
     657             : 
     658             :   /**
     659             :    * Called to create the QUIC listener filter chain.
     660             :    * @param manager supplies the filter manager to create the chain on.
     661             :    * @return true if filter chain was created successfully. Otherwise false.
     662             :    */
     663             :   virtual bool createQuicListenerFilterChain(QuicListenerFilterManager& manager) PURE;
     664             : };
     665             : 
     666             : /**
     667             :  * Network filter matching context data for unified matchers.
     668             :  */
     669             : class MatchingData {
     670             : public:
     671          40 :   static absl::string_view name() { return "network"; }
     672             : 
     673           0 :   virtual ~MatchingData() = default;
     674             : 
     675             :   virtual const ConnectionSocket& socket() const PURE;
     676             :   virtual const StreamInfo::FilterState& filterState() const PURE;
     677             :   virtual const envoy::config::core::v3::Metadata& dynamicMetadata() const PURE;
     678             : 
     679           0 :   const ConnectionInfoProvider& connectionInfoProvider() const {
     680           0 :     return socket().connectionInfoProvider();
     681           0 :   }
     682             : 
     683           0 :   const Address::Instance& localAddress() const { return *connectionInfoProvider().localAddress(); }
     684             : 
     685           0 :   const Address::Instance& remoteAddress() const {
     686           0 :     return *connectionInfoProvider().remoteAddress();
     687           0 :   }
     688             : 
     689           0 :   Ssl::ConnectionInfoConstSharedPtr ssl() const { return connectionInfoProvider().sslConnection(); }
     690             : };
     691             : 
     692             : /**
     693             :  * UDP listener filter matching context data for unified matchers.
     694             :  */
     695             : class UdpMatchingData {
     696             : public:
     697          10 :   static absl::string_view name() { return "network"; }
     698             : 
     699           0 :   virtual ~UdpMatchingData() = default;
     700             : 
     701             :   virtual const Address::Instance& localAddress() const PURE;
     702             :   virtual const Address::Instance& remoteAddress() const PURE;
     703             : };
     704             : 
     705             : } // namespace Network
     706             : } // namespace Envoy

Generated by: LCOV version 1.15