iptables

package

v1.10.1 Latest Latest Go to latest Published: May 29, 2023 License: Apache-2.0 Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/antrea-io/antrea

Links

Open Source Insights

Documentation ¶

Rendered for

Index ¶

Constants
func Lock(lockFilePath string, timeout time.Duration) (func() error, error)
func MakeChainLine(chain string) string
type Client
- func New(enableIPV4, enableIPV6 bool) (*Client, error)
type Interface
type Protocol
- func (p Protocol) String() string

Constants ¶

View Source

const (
	NATTable    = "nat"
	FilterTable = "filter"
	MangleTable = "mangle"
	RawTable    = "raw"

	AcceptTarget     = "ACCEPT"
	DROPTarget       = "DROP"
	MasqueradeTarget = "MASQUERADE"
	MarkTarget       = "MARK"
	ReturnTarget     = "RETURN"
	ConnTrackTarget  = "CT"
	NoTrackTarget    = "NOTRACK"
	SNATTarget       = "SNAT"
	DNATTarget       = "DNAT"

	PreRoutingChain  = "PREROUTING"
	ForwardChain     = "FORWARD"
	PostRoutingChain = "POSTROUTING"
	OutputChain      = "OUTPUT"
)

View Source

const (
	XtablesLockFilePath = "/var/run/xtables.lock"
)

Variables ¶

This section is empty.

Functions ¶

func Lock ¶

func Lock(lockFilePath string, timeout time.Duration) (func() error, error)

Lock acquires the provided file lock. It's thread-safe. It will block until the lock is acquired or the timeout is reached.

func MakeChainLine ¶

func MakeChainLine(chain string) string

Types ¶

type Client ¶

type Client struct {
	// contains filtered or unexported fields
}

func New ¶

func New(enableIPV4, enableIPV6 bool) (*Client, error)

func (*Client) AppendRule ¶ added in v1.2.1

func (c *Client) AppendRule(protocol Protocol, table string, chain string, ruleSpec []string) error

AppendRule checks if target rule already exists with the protocol, appends it if not.

func (*Client) ChainExists ¶

func (c *Client) ChainExists(protocol Protocol, table string, chain string) (bool, error)

ChainExists checks if target chain already exists in a table

func (*Client) DeleteChain ¶

func (c *Client) DeleteChain(protocol Protocol, table string, chain string) error

DeleteChain deletes all rules from a chain in a table and then delete the chain.

func (*Client) DeleteRule ¶

func (c *Client) DeleteRule(protocol Protocol, table string, chain string, ruleSpec []string) error

DeleteRule checks if target rule already exists, deletes the rule if found.

func (*Client) EnsureChain ¶

func (c *Client) EnsureChain(protocol Protocol, table string, chain string) error

EnsureChain checks if target chain already exists, creates it if not.

func (*Client) InsertRule ¶

func (c *Client) InsertRule(protocol Protocol, table string, chain string, ruleSpec []string) error

InsertRule checks if target rule already exists, inserts it at the beginning of the chain if not.

func (*Client) ListRules ¶

func (c *Client) ListRules(table string, chain string) ([]string, error)

ListRules lists all rules from a chain in a table.

func (*Client) Restore ¶

func (c *Client) Restore(data string, flush bool, useIPv6 bool) error

Restore calls iptable-restore to restore iptables with the provided content. If flush is true, all previous contents of the respective tables will be flushed. Otherwise only involved chains will be flushed. Restore supports "ip6tables-restore" for IPv6.

func (*Client) Save ¶

func (c *Client) Save() ([]byte, error)

Save calls iptables-saves to dump chains and tables in iptables.

type Interface ¶ added in v1.7.3

type Interface interface {
	EnsureChain(protocol Protocol, table string, chain string) error

	ChainExists(protocol Protocol, table string, chain string) (bool, error)

	AppendRule(protocol Protocol, table string, chain string, ruleSpec []string) error

	InsertRule(protocol Protocol, table string, chain string, ruleSpec []string) error

	DeleteRule(protocol Protocol, table string, chain string, ruleSpec []string) error

	DeleteChain(protocol Protocol, table string, chain string) error

	ListRules(table string, chain string) ([]string, error)

	Restore(data string, flush bool, useIPv6 bool) error

	Save() ([]byte, error)
}

type Protocol ¶

type Protocol byte

const (
	ProtocolDual Protocol = iota
	ProtocolIPv4
	ProtocolIPv6
)

func (Protocol) String ¶ added in v1.2.1

func (p Protocol) String() string

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
testing Package testing is a generated GoMock package.	Package testing is a generated GoMock package.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL