few updates

Signed-off-by: adisos <[email protected]>

README.md

@@ -17,7 +17,7 @@ A collection of Golang packages with models for cartesian products and network r
     * `HashSet` - A generic `Set` for storing any Hashable.
     * `MultiMap` - A map for mapping any Hashable key to a set of Hashable values.
     * `ProductLeft` - A `Product` of two sets, implemented using a map where each key-values pair represents the cartesian product of the two sets.
-    * `LeftTripleSet`, RightTripleSet, OuterTripleSet - `TripleSet` implementations.
+    * `LeftTripleSet`, `RightTripleSet`, `OuterTripleSet` - `TripleSet` implementations.
     * `DisjointSum` - A sum type for two tagged sets.
 * **interval** - Interval-related data structures.
     * `Interval` - A simple interval data structure.
@@ -31,11 +31,13 @@ A collection of Golang packages with models for cartesian products and network r
   * `PortSet` - A set of ports. Implemented using an IntervalSet.
   * `ProtocolSet` - Whether the protocol is TCP or UDP. Implemented using IntervalSet.
   * `TCPUDPSet` - `TripleSet[*ProtocolSet, *PortSet, *PortSet]`.
-  * `ICMPSet` - accurately tracking set of ICMP types and code pairs. Implemented using a bitset.
-  * `TransportSet` - either ICMP or TCPUDP set. Implemented as `Disjoint[*TCPUDPSet, *ICMPSet]`.
+  * `RFCICMPSet` - accurately tracking set of ICMP types and code pairs. Implemented using a bitset.
+  * `TypeSet` - ICMP types set. Implemented using an IntervalSet.
+  * `CodeSet` ICMP codes set. Implemented using an IntervalSet.
+  * `ICMPSet` - ICMP types and code pairs, implemented as `Product[*TypeSet, *CodeSet]`.
+  * `TransportSet` - either ICMPSet or TCPUDP set. Implemented as `Disjoint[*TCPUDPSet, *ICMPSet]`.
   * `IPBlock` - A set of IP addresses. Implemented using IntervalSet.
-  * `ConnectionSet` - `TripleSet[*IPBlock, *IPBlock, *TransportSet]`.
-* **connection** - `Set` as Alias for `TransportSet`.
+  * `EndpointsTrafficSet` - `TripleSet[*IPBlock, *IPBlock, *TransportSet]`.
 * **spec** - A collection of structs for defining required connectivity. Automatically generated from a JSON schema (see below).
 
 ## Code generation

pkg/netset/netset.go

@@ -10,5 +10,5 @@ SPDX-License-Identifier: Apache-2.0
 // TCPUDPSet - captures sets of protocols (within TCP,UDP only) and ports (source and destination)
 // ICMPSet - captures sets of type,code values for ICMP protocol
 // TransportSet - captures union of elements from TCPUDPSet, ICMPSet
-// EndpointsTrafficSet - captures a set of traffic attribute for tuples of (source IP range, desination IP range, TransportSet)
+// EndpointsTrafficSet - captures a set of traffic attribute for tuples of (source IP range, destination IP range, TransportSet)
 package netset

pkg/netset/trafficset.go

@@ -20,8 +20,8 @@ type EndpointsTrafficSet struct {
 	props ds.TripleSet[*IPBlock, *IPBlock, *TransportSet]
 }
 
-// NewEndpointsTrafficSet returns an empty EndpointsTrafficSet
-func NewEndpointsTrafficSet() *EndpointsTrafficSet {
+// EmptyEndpointsTrafficSet returns an empty EndpointsTrafficSet
+func EmptyEndpointsTrafficSet() *EndpointsTrafficSet {
 	return &EndpointsTrafficSet{props: ds.NewLeftTripleSet[*IPBlock, *IPBlock, *TransportSet]()}
 }
 
@@ -76,9 +76,9 @@ func (c *EndpointsTrafficSet) IsSubset(other *EndpointsTrafficSet) bool {
 	return c.props.IsSubset(other.props)
 }
 
-// EndpointsTrafficSetFrom returns a new EndpointsTrafficSet object from input src, dst IP-ranges sets ands
+// NewEndpointsTrafficSet returns a new EndpointsTrafficSet object from input src, dst IP-ranges sets ands
 // TransportSet connections
-func EndpointsTrafficSetFrom(src, dst *IPBlock, conn *TransportSet) *EndpointsTrafficSet {
+func NewEndpointsTrafficSet(src, dst *IPBlock, conn *TransportSet) *EndpointsTrafficSet {
 	return &EndpointsTrafficSet{props: ds.CartesianLeftTriple(src, dst, conn)}
 }
 

pkg/netset/trafficset_test.go

@@ -29,17 +29,17 @@ func TestConnectionSetBasicOperations(t *testing.T) {
 	rightHalfCidr1, _ := netset.IPBlockFromCidr("10.240.10.128/25")
 
 	// relevant connection set objects
-	conn1 := netset.EndpointsTrafficSetFrom(cidr1, cidr2, netset.AllTCPSetTransport())           // conns from cidr1 to cidr2 over all TCP
-	conn2 := netset.EndpointsTrafficSetFrom(cidr1, cidr1MinusCidr2, netset.AllTCPSetTransport()) // conns from cidr1 to cidr1MinusCidr2 over all TCP
-	conn3 := netset.EndpointsTrafficSetFrom(cidr1, cidr1, netset.AllTCPSetTransport())           // conns from cidr1 to cidr1 over all TCP
+	conn1 := netset.NewEndpointsTrafficSet(cidr1, cidr2, netset.AllTCPTransport())           // conns from cidr1 to cidr2 over all TCP
+	conn2 := netset.NewEndpointsTrafficSet(cidr1, cidr1MinusCidr2, netset.AllTCPTransport()) // conns from cidr1 to cidr1MinusCidr2 over all TCP
+	conn3 := netset.NewEndpointsTrafficSet(cidr1, cidr1, netset.AllTCPTransport())           // conns from cidr1 to cidr1 over all TCP
 
 	// basic union & Equal test
 	unionConn := conn1.Union(conn2)
 	require.True(t, unionConn.Equal(conn3)) // union of dest dimension (src and conn dimensions are common)
 	require.True(t, conn3.Equal(unionConn))
 
 	// basic subtract & Equal test
-	conn4 := netset.EndpointsTrafficSetFrom(cidr1, cidr1MinusCidr2, netset.AllTransportSet())
+	conn4 := netset.NewEndpointsTrafficSet(cidr1, cidr1MinusCidr2, netset.AllTransports())
 	subtractionRes := conn3.Subtract(conn4) // removes all connections over (src1, dst2) from conn3
 	require.True(t, subtractionRes.Equal(conn1))
 	require.True(t, conn1.Equal(subtractionRes))
@@ -52,38 +52,38 @@ func TestConnectionSetBasicOperations(t *testing.T) {
 
 	// basic IsEmpty test
 	require.False(t, conn1.IsEmpty())
-	require.True(t, netset.NewEndpointsTrafficSet().IsEmpty())
+	require.True(t, netset.EmptyEndpointsTrafficSet().IsEmpty())
 
 	// demonstrate split in allowed connections for dest dimension, to be reflected in partitions
-	conn5 := netset.EndpointsTrafficSetFrom(cidr1, subsetOfCidr1MinusCidr2, netset.AllICMPTransport())
+	conn5 := netset.NewEndpointsTrafficSet(cidr1, subsetOfCidr1MinusCidr2, netset.AllICMPTransport())
 	conn5UnionConn2 := conn5.Union(conn2) // for certain dest- icmp+tcp, and for remaining dest- only tcp [common src for both]
 	require.Equal(t, 2, len(conn5UnionConn2.Partitions()))
 
 	// other operations on other objects, to get equiv object of conn5UnionConn2:
-	tcpAndICMP := netset.AllTCPSetTransport().Union(netset.AllICMPTransport())
-	conn6 := netset.EndpointsTrafficSetFrom(cidr1, cidr1MinusCidr2, tcpAndICMP)
+	tcpAndICMP := netset.AllTCPTransport().Union(netset.AllICMPTransport())
+	conn6 := netset.NewEndpointsTrafficSet(cidr1, cidr1MinusCidr2, tcpAndICMP)
 	deltaCidrs := cidr1MinusCidr2.Subtract(subsetOfCidr1MinusCidr2)
-	conn7 := netset.EndpointsTrafficSetFrom(cidr1, deltaCidrs, netset.AllICMPTransport())
+	conn7 := netset.NewEndpointsTrafficSet(cidr1, deltaCidrs, netset.AllICMPTransport())
 	conn8 := conn6.Subtract(conn7)
 	require.True(t, conn8.Equal(conn5UnionConn2))
 
 	// add udp to tcpAndICMP => check it is All()
-	conn9 := netset.EndpointsTrafficSetFrom(cidr1, cidr1MinusCidr2, netset.AllUDPSetTransport())
-	conn10 := netset.EndpointsTrafficSetFrom(cidr1, cidr1MinusCidr2, netset.AllTransportSet())
+	conn9 := netset.NewEndpointsTrafficSet(cidr1, cidr1MinusCidr2, netset.AllUDPTransport())
+	conn10 := netset.NewEndpointsTrafficSet(cidr1, cidr1MinusCidr2, netset.AllTransports())
 	conn9UnionConn6 := conn9.Union(conn6)
 	require.True(t, conn10.Equal(conn9UnionConn6))
 
 	// demonstrate split in allowed connections for src dimensions, to be reflected in partitions
 	// starting from conn8
 	udp53 := netset.NewUDPTransport(netp.MinPort, netp.MaxPort, 53, 53)
-	conn11 := netset.EndpointsTrafficSetFrom(leftHalfCidr1, subsetOfCidr1MinusCidr2, udp53)
+	conn11 := netset.NewEndpointsTrafficSet(leftHalfCidr1, subsetOfCidr1MinusCidr2, udp53)
 	conn12 := conn11.Union(conn8)
 
 	// another way to produce obj equiv to conn12 :
-	conn13 := netset.EndpointsTrafficSetFrom(leftHalfCidr1, subsetOfCidr1MinusCidr2, tcpAndICMP.Union(udp53))
-	conn14 := netset.EndpointsTrafficSetFrom(leftHalfCidr1, cidr1MinusCidr2, netset.AllTCPSetTransport())
-	conn15 := netset.EndpointsTrafficSetFrom(rightHalfCidr1, subsetOfCidr1MinusCidr2, tcpAndICMP)
-	conn16 := netset.EndpointsTrafficSetFrom(rightHalfCidr1, cidr1MinusCidr2, netset.AllTCPSetTransport())
+	conn13 := netset.NewEndpointsTrafficSet(leftHalfCidr1, subsetOfCidr1MinusCidr2, tcpAndICMP.Union(udp53))
+	conn14 := netset.NewEndpointsTrafficSet(leftHalfCidr1, cidr1MinusCidr2, netset.AllTCPTransport())
+	conn15 := netset.NewEndpointsTrafficSet(rightHalfCidr1, subsetOfCidr1MinusCidr2, tcpAndICMP)
+	conn16 := netset.NewEndpointsTrafficSet(rightHalfCidr1, cidr1MinusCidr2, netset.AllTCPTransport())
 	conn17 := (conn13.Union(conn14)).Union(conn15.Union(conn16))
 	require.True(t, conn12.Equal(conn17))
 

pkg/netset/transportset.go

@@ -14,8 +14,6 @@ import (
 	"github.com/np-guard/models/pkg/netp"
 )
 
-// type connection.Set is an alias for netset.TransportSet
-
 // TransportSet captures connection-sets for protocols from {TCP, UDP, ICMP}
 type TransportSet struct {
 	set *ds.Disjoint[*TCPUDPSet, *ICMPSet]
@@ -52,13 +50,13 @@ func AllICMPTransport() *TransportSet {
 	return AllOrNothingTransport(false, true)
 }
 
-// AllTCPSetTransport returns a set of connections containing the TCP protocol with all its possible ports
-func AllTCPSetTransport() *TransportSet {
+// AllTCPTransport returns a set of connections containing the TCP protocol with all its possible ports
+func AllTCPTransport() *TransportSet {
 	return AllTCPorUDPTransport(netp.ProtocolStringTCP)
 }
 
-// AllUDPSetTransport returns a set of connections containing the UDP protocol with all its possible ports
-func AllUDPSetTransport() *TransportSet {
+// AllUDPTransport returns a set of connections containing the UDP protocol with all its possible ports
+func AllUDPTransport() *TransportSet {
 	return AllTCPorUDPTransport(netp.ProtocolStringUDP)
 }
 
@@ -78,11 +76,11 @@ func AllOrNothingTransport(allTcpudp, allIcmp bool) *TransportSet {
 	return &TransportSet{ds.NewDisjoint(tcpudp, icmp)}
 }
 
-func AllTransportSet() *TransportSet {
+func AllTransports() *TransportSet {
 	return AllOrNothingTransport(true, true)
 }
 
-func EmptyTransportSet() *TransportSet {
+func NoTransports() *TransportSet {
 	return AllOrNothingTransport(false, false)
 }
 
@@ -115,7 +113,7 @@ func (t *TransportSet) IsEmpty() bool {
 }
 
 func (t *TransportSet) IsAll() bool {
-	return t.Equal(AllTransportSet())
+	return t.Equal(AllTransports())
 }
 
 func (t *TransportSet) Size() int {

pkg/netset/transportset_test.go

@@ -19,7 +19,7 @@ import (
 const ICMPValue = netp.DestinationUnreachable
 
 func TestAllConnectionsTransportSet(t *testing.T) {
-	c := netset.AllTransportSet()
+	c := netset.AllTransports()
 	// String
 	require.Equal(t, netset.AllConnections, c.String())
 	// IsAll
@@ -69,7 +69,7 @@ func TestBasicSetTCPTransportSet(t *testing.T) {
 	fmt.Println(e)
 	require.Equal(t, "TCP", e.String())
 
-	c := netset.AllTransportSet().Subtract(e)
+	c := netset.AllTransports().Subtract(e)
 	fmt.Println(c)
 	require.Equal(t, "ICMP,UDP", c.String())
 
@@ -81,7 +81,7 @@ func TestBasicSet2TransportSet(t *testing.T) {
 	except1 := netset.NewICMPTransport(ICMPValue, ICMPValue, 5, 5)
 	except2 := netset.NewTCPorUDPTransport(netp.ProtocolStringTCP, 1, 65535, 1, 65535)
 
-	d := netset.AllTransportSet().Subtract(except1).Subtract(except2)
+	d := netset.AllTransports().Subtract(except1).Subtract(except2)
 	fmt.Println(d) // ICMP type: 0-2,4-254 | ICMP type: 3 code: 0-4,6-255;UDP
 
 	require.Equal(t, 2, len(d.ICMPSet().Partitions()))
@@ -102,6 +102,6 @@ func TestBasicSet2TransportSet(t *testing.T) {
 
 func TestBasicSet3TransportSet(t *testing.T) {
 	c := netset.NewICMPTransport(ICMPValue, ICMPValue, 5, 5)
-	d := netset.AllTransportSet().Subtract(c).Union(netset.NewICMPTransport(ICMPValue, ICMPValue, 5, 5))
+	d := netset.AllTransports().Subtract(c).Union(netset.NewICMPTransport(ICMPValue, ICMPValue, 5, 5))
 	require.Equal(t, netset.AllConnections, d.String())
 }