iptables

package
v1.2.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 6, 2021 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

View Source
const (
	NATTable    = "nat"
	FilterTable = "filter"
	MangleTable = "mangle"
	RawTable    = "raw"

	AcceptTarget     = "ACCEPT"
	MasqueradeTarget = "MASQUERADE"
	MarkTarget       = "MARK"
	ConnTrackTarget  = "CT"
	NoTrackTarget    = "NOTRACK"
	SNATTarget       = "SNAT"

	PreRoutingChain  = "PREROUTING"
	ForwardChain     = "FORWARD"
	PostRoutingChain = "POSTROUTING"
	OutputChain      = "OUTPUT"
)
View Source
const (
	XtablesLockFilePath = "/var/run/xtables.lock"
)

Variables

This section is empty.

Functions

func Lock

func Lock(lockFilePath string, timeout time.Duration) (func() error, error)

Lock acquires the provided file lock. It's thread-safe. It will block until the lock is acquired or the timeout is reached.

func MakeChainLine

func MakeChainLine(chain string) string

Types

type Client

type Client struct {
	// contains filtered or unexported fields
}

func New

func New(enableIPV4, enableIPV6 bool) (*Client, error)

func (*Client) AppendRule added in v1.2.1

func (c *Client) AppendRule(protocol Protocol, table string, chain string, ruleSpec []string) error

AppendRule checks if target rule already exists with the protocol, appends it if not.

func (*Client) ChainExists

func (c *Client) ChainExists(protocol Protocol, table string, chain string) (bool, error)

ChainExists checks if target chain already exists in a table

func (*Client) DeleteChain

func (c *Client) DeleteChain(protocol Protocol, table string, chain string) error

DeleteChain deletes all rules from a chain in a table and then delete the chain.

func (*Client) DeleteRule

func (c *Client) DeleteRule(protocol Protocol, table string, chain string, ruleSpec []string) error

DeleteRule checks if target rule already exists, deletes the rule if found.

func (*Client) EnsureChain

func (c *Client) EnsureChain(protocol Protocol, table string, chain string) error

EnsureChain checks if target chain already exists, creates it if not.

func (*Client) InsertRule

func (c *Client) InsertRule(protocol Protocol, table string, chain string, ruleSpec []string) error

InsertRule checks if target rule already exists, inserts it if not.

func (*Client) ListRules

func (c *Client) ListRules(table string, chain string) ([]string, error)

ListRules lists all rules from a chain in a table.

func (*Client) Restore

func (c *Client) Restore(data []byte, flush bool, useIPv6 bool) error

Restore calls iptable-restore to restore iptables with the provided content. If flush is true, all previous contents of the respective tables will be flushed. Otherwise only involved chains will be flushed. Restore supports "ip6tables-restore" for IPv6.

func (*Client) Save

func (c *Client) Save() ([]byte, error)

Save calls iptables-saves to dump chains and tables in iptables.

type Protocol

type Protocol byte
const (
	ProtocolDual Protocol = iota
	ProtocolIPv4
	ProtocolIPv6
)

func (Protocol) String added in v1.2.1

func (p Protocol) String() string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL