Documentation ¶
Index ¶
- Constants
- func IsIPv6Protocol(protocol Protocol) bool
- func Lock(lockFilePath string, timeout time.Duration) (func() error, error)
- func MakeChainLine(chain string) string
- type Client
- func (c *Client) AppendRule(protocol Protocol, table string, chain string, ruleSpec []string) error
- func (c *Client) ChainExists(protocol Protocol, table string, chain string) (bool, error)
- func (c *Client) DeleteChain(protocol Protocol, table string, chain string) error
- func (c *Client) DeleteRule(protocol Protocol, table string, chain string, ruleSpec []string) error
- func (c *Client) EnsureChain(protocol Protocol, table string, chain string) error
- func (c *Client) InsertRule(protocol Protocol, table string, chain string, ruleSpec []string) error
- func (c *Client) ListRules(table string, chain string) ([]string, error)
- func (c *Client) Restore(data string, flush bool, useIPv6 bool) error
- func (c *Client) Save() ([]byte, error)
- type IPTablesRule
- type IPTablesRuleBuilder
- type Interface
- type Protocol
Constants ¶
// Untyped string constants naming iptables tables, rule targets and built-in
// chains. Using these instead of ad-hoc literals keeps the names passed to the
// Client methods (table, chain) and to the rule builder consistent.
const (
	// Table names, matching the `table string` parameter of the Client methods.
	NATTable    = "nat"
	FilterTable = "filter"
	MangleTable = "mangle"
	RawTable    = "raw"

	// Rule target names; presumably the values given to
	// IPTablesRuleBuilder.SetTarget (confirm against callers).
	AcceptTarget     = "ACCEPT"
	DropTarget       = "DROP"
	MasqueradeTarget = "MASQUERADE"
	MarkTarget       = "MARK"
	ReturnTarget     = "RETURN"
	ConnTrackTarget  = "CT"
	NoTrackTarget    = "NOTRACK"
	SNATTarget       = "SNAT"
	DNATTarget       = "DNAT"
	RejectTarget     = "REJECT"

	// Built-in chain names, matching the `chain string` parameter of the
	// Client methods.
	PreRoutingChain  = "PREROUTING"
	InputChain       = "INPUT"
	ForwardChain     = "FORWARD"
	PostRoutingChain = "POSTROUTING"
	OutputChain      = "OUTPUT"
)
// Transport / ICMP protocol names as untyped string constants.
//
// NOTE(review): these are plain strings, not values of the package's Protocol
// type, so they fit IPTablesRuleBuilder.MatchTransProtocol(protocol string)
// rather than the `protocol Protocol` parameters of the Client methods. The
// Protocol type's definition is not shown here, so confirm which one a given
// call site expects.
const (
	ProtocolTCP    = "tcp"
	ProtocolUDP    = "udp"
	ProtocolSCTP   = "sctp"
	ProtocolICMP   = "icmp"
	ProtocolICMPv6 = "icmp6"
)
const (
	// XtablesLockFilePath is the filesystem path of the xtables lock file.
	// It has the shape of the lockFilePath argument taken by Lock.
	//
	// NOTE(review): presumably this is the same lock file the iptables
	// command-line tools take, so that this package's writes serialize with
	// other writers on the host — confirm. The lock only coordinates
	// processes that see the same file, so a containerized caller would need
	// the host's file mounted at this path (verify in the deployment).
	XtablesLockFilePath = "/var/run/xtables.lock"
)
Variables ¶
This section is empty.
Functions ¶
func IsIPv6Protocol ¶ added in v1.15.0
func Lock ¶
Lock acquires the provided file lock. It's thread-safe. It will block until the lock is acquired or the timeout is reached.
func MakeChainLine ¶
Types ¶
type Client ¶
// Client is the package's concrete iptables client. Its exported methods
// (EnsureChain, ChainExists, AppendRule, InsertRule, DeleteRule, DeleteChain,
// ListRules, Restore, Save) have the same signatures as the methods of
// Interface, so a *Client can be used wherever an Interface is expected.
// All of its state is unexported.
type Client struct {
	// contains filtered or unexported fields
}
func (*Client) AppendRule ¶ added in v1.2.1
AppendRule checks if target rule already exists with the protocol, appends it if not.
func (*Client) ChainExists ¶
ChainExists checks whether the target chain already exists in a table.
func (*Client) DeleteChain ¶
DeleteChain deletes all rules from a chain in a table and then deletes the chain.
func (*Client) DeleteRule ¶
DeleteRule checks if target rule already exists, deletes the rule if found.
func (*Client) EnsureChain ¶
EnsureChain checks if target chain already exists, creates it if not.
func (*Client) InsertRule ¶
InsertRule checks if target rule already exists, inserts it at the beginning of the chain if not.
type IPTablesRule ¶ added in v1.15.0
// IPTablesRule is a finished rule, as returned by IPTablesRuleBuilder.Done.
type IPTablesRule interface {
	// GetRule returns the rule as a single string.
	// NOTE(review): the exact format (for example whether it is a line
	// suitable for the data argument of Restore) is not shown here — confirm
	// before concatenating it with other rule text.
	GetRule() string
}
type IPTablesRuleBuilder ¶ added in v1.15.0
// IPTablesRuleBuilder is a chainable rule builder: every Match*/Set* method
// returns an IPTablesRuleBuilder, and Done returns the resulting IPTablesRule.
//
// NOTE(review): most inputs are plain strings (cidr, ipset, protocol,
// interfaceName, target, comment). This interface does not show whether the
// implementation validates or quotes them before they become rule text, so
// callers passing externally influenced values (for example names or comments
// derived from API objects) should validate them first — confirm against the
// implementation.
type IPTablesRuleBuilder interface {
	// Source / destination matches by CIDR string.
	MatchCIDRSrc(cidr string) IPTablesRuleBuilder
	MatchCIDRDst(cidr string) IPTablesRuleBuilder
	// Source / destination matches by ipset name.
	MatchIPSetSrc(ipset string) IPTablesRuleBuilder
	MatchIPSetDst(ipset string) IPTablesRuleBuilder
	// MatchTransProtocol takes the protocol as a string; the package's
	// ProtocolTCP/ProtocolUDP/... constants have that type.
	MatchTransProtocol(protocol string) IPTablesRuleBuilder
	// MatchDstPort takes an int-or-string port plus an optional end port.
	// NOTE(review): how a string (named) port or a nil pointer is handled is
	// not visible here — confirm.
	MatchDstPort(port *intstr.IntOrString, endPort *int32) IPTablesRuleBuilder
	// MatchSrcPort takes numeric ports only, unlike MatchDstPort.
	MatchSrcPort(port, endPort *int32) IPTablesRuleBuilder
	// MatchICMP takes the ICMP type and code as pointers and a Protocol value.
	// NOTE(review): presumably nil means "not specified" and ipProtocol picks
	// the IPv4 or IPv6 form — confirm.
	MatchICMP(icmpType, icmpCode *int32, ipProtocol Protocol) IPTablesRuleBuilder
	MatchEstablishedOrRelated() IPTablesRuleBuilder
	// Matches by input / output interface name.
	MatchInputInterface(interfaceName string) IPTablesRuleBuilder
	MatchOutputInterface(interfaceName string) IPTablesRuleBuilder
	// SetTarget takes the target name as a string; the package's *Target
	// constants have that type.
	SetTarget(target string) IPTablesRuleBuilder
	SetComment(comment string) IPTablesRuleBuilder
	// CopyBuilder returns an IPTablesRuleBuilder.
	// NOTE(review): presumably an independent copy that can be extended
	// without affecting the receiver — confirm.
	CopyBuilder() IPTablesRuleBuilder
	// Done ends the chain and returns the built IPTablesRule.
	Done() IPTablesRule
}
func NewRuleBuilder ¶ added in v1.15.0
func NewRuleBuilder(chain string) IPTablesRuleBuilder
type Interface ¶ added in v1.7.3
// Interface is the method set for managing iptables chains and rules. Client
// exposes methods with these exact signatures, so code that depends on
// Interface can be given a *Client or a test double.
//
// NOTE(review): every method here changes or reads the host's packet-filter
// state, so implementations are expected to run with the privileges that
// requires. Callers should treat table, chain, ruleSpec and data as trusted
// input unless the implementation is confirmed to validate them.
type Interface interface {
	// EnsureChain checks whether the chain exists in the table and creates it
	// if not (per the documentation of the matching Client method).
	EnsureChain(protocol Protocol, table string, chain string) error
	// ChainExists reports whether the chain exists in the table.
	ChainExists(protocol Protocol, table string, chain string) (bool, error)
	// AppendRule appends the rule unless it already exists.
	AppendRule(protocol Protocol, table string, chain string, ruleSpec []string) error
	// InsertRule inserts the rule at the beginning of the chain unless it
	// already exists.
	InsertRule(protocol Protocol, table string, chain string, ruleSpec []string) error
	// DeleteRule deletes the rule if it is found.
	DeleteRule(protocol Protocol, table string, chain string, ruleSpec []string) error
	// DeleteChain deletes all rules from the chain and then the chain itself.
	DeleteChain(protocol Protocol, table string, chain string) error
	// ListRules returns the rules of a chain as strings.
	// NOTE(review): unlike the methods above it takes no Protocol, so which
	// IP family it covers is not visible here — confirm.
	ListRules(table string, chain string) ([]string, error)
	// Restore applies rule text passed as a single string.
	// NOTE(review): presumably flush decides whether existing rules are
	// cleared first and useIPv6 selects the IPv6 rule set — confirm. If flush
	// does clear existing rules, a call with flush=true also drops rules this
	// package did not install, so check what data covers before enabling it.
	Restore(data string, flush bool, useIPv6 bool) error
	// Save returns rule state as bytes.
	// NOTE(review): takes no Protocol; the format and the IP families
	// included are not visible here — confirm.
	Save() ([]byte, error)
}