README
¶
go-firewalld
A go bindings for the firewalld dbus API.
Forked
original is here
Install
go get git.sr.ht/~emilyinspace/go-firewalld
Example
The following code is equivalent to
firewall-cmd --add-forward-port=port=2222:proto=tcp:toport=22 --permanent && firewall-cmd --reload
conn, _ := firewalld.New()
defer conn.Close()
conn.Permanent().AddZoneForwardPort("public", &ForwardPort{
Port: "2222",
Protocol: "tcp",
ToPort: "22",
})
conn.Reload()
More examples
Documentation
¶
Index ¶
- Variables
- func DBusSlicesToStructHookFunc() mapstructure.DecodeHookFunc
- func DecodeDBus(input interface{}, output interface{}) error
- type Conn
- func (c *Conn) AddPolicy(policy *Policy) error
- func (c *Conn) AddRuntimeService(name string, timeout int) (err error)
- func (c *Conn) AddZone(zone *Zone) error
- func (c *Conn) AddZoneForwardPort(zone string, port *ForwardPort) error
- func (c *Conn) AddZoneInterface(zone, iface string) error
- func (c *Conn) AddZoneService(zone string, service string) error
- func (c *Conn) AuthorizeAll() error
- func (c *Conn) Close()
- func (c *Conn) DisablePanicMode() error
- func (c *Conn) EnablePanicMode() error
- func (c *Conn) GetDefaultZone() (zone string, err error)
- func (c *Conn) GetICMPTypeNames() (names []string, err error)
- func (c *Conn) GetPolicyByName(name string) (policy *Policy, err error)
- func (c *Conn) GetPolicyNames() (names []string, err error)
- func (c *Conn) GetServiceNames() (names []string, err error)
- func (c *Conn) GetZoneByName(name string) (zone *Zone, err error)
- func (c *Conn) GetZoneForwardPorts(zone string) (ports []*ForwardPort, err error)
- func (c *Conn) GetZoneInterfaces(zone string) (ifaces []string, err error)
- func (c *Conn) GetZoneNames() (names []string, err error)
- func (c *Conn) GetZoneServices(zone string) (services []string, err error)
- func (c *Conn) IsPanicMode() (b bool, err error)
- func (c *Conn) LoadPolicyDefaults(name string) error
- func (c *Conn) LoadZoneDefaults(name string) error
- func (c *Conn) Permanent() *Conn
- func (c *Conn) Reload() error
- func (c *Conn) RemovePolicy(name string) error
- func (c *Conn) RemoveZone(zone string) error
- func (c *Conn) RemoveZoneForwardPort(zone string, port *ForwardPort) error
- func (c *Conn) RemoveZoneInterface(zone, iface string) error
- func (c *Conn) RemoveZoneService(zone string, service string) error
- func (c *Conn) RenamePolicy(name, newName string) error
- func (c *Conn) RenameZone(zone, newName string) error
- func (c *Conn) Reset() error
- func (c *Conn) SetDefaultZone(zone string) error
- func (c *Conn) UpdatePolicy(policy *Policy) error
- func (c *Conn) UpdateZone(zone *Zone) error
- func (c *Conn) Version() (version string, err error)
- type DBusSliceToStruct
- type ForwardPort
- type Policy
- type Port
- type Zone
Constants ¶
This section is empty.
Variables ¶
var NoSupportRuntimeModeErr = errors.New("no support runtime mode")
Functions ¶
func DBusSlicesToStructHookFunc ¶
func DBusSlicesToStructHookFunc() mapstructure.DecodeHookFunc
func DecodeDBus ¶
func DecodeDBus(input interface{}, output interface{}) error
Types ¶
type Conn ¶
type Conn struct {
// contains filtered or unexported fields
}
func (*Conn) AddRuntimeService ¶ added in v0.1.2
Add service to runtime default zone
func (*Conn) AddZoneForwardPort ¶
func (c *Conn) AddZoneForwardPort(zone string, port *ForwardPort) error
func (*Conn) AddZoneInterface ¶
func (*Conn) AuthorizeAll ¶
AuthorizeAll Initiate authorization for the complete firewalld D-Bus interface.
func (*Conn) DisablePanicMode ¶
DisablePanicMode disable panic mode Possible errors: NOT_ENABLED, COMMAND_FAILED
func (*Conn) EnablePanicMode ¶
EnablePanicMode enable panic mode Possible errors: ALREADY_ENABLED, COMMAND_FAILED
func (*Conn) GetDefaultZone ¶
GetDefaultZone get default zone name
func (*Conn) GetICMPTypeNames ¶
GetICMPTypeNames get icmp type name list
func (*Conn) GetPolicyByName ¶
GetPolicyByName get policy by name
func (*Conn) GetPolicyNames ¶
GetPolicyNames get policy name list
func (*Conn) GetServiceNames ¶
func (*Conn) GetZoneForwardPorts ¶
func (c *Conn) GetZoneForwardPorts(zone string) (ports []*ForwardPort, err error)
func (*Conn) GetZoneInterfaces ¶
func (*Conn) GetZoneNames ¶
func (*Conn) GetZoneServices ¶
func (*Conn) IsPanicMode ¶
IsPanicMode Return true if panic mode is enabled, false otherwise. In panic mode all incoming and outgoing packets are dropped.
func (*Conn) LoadPolicyDefaults ¶
LoadPolicyDefaults load default settings for built-in policy. Possible errors: NO_DEFAULTS
func (*Conn) LoadZoneDefaults ¶
LoadZoneDefaults load default settings for built-in zone. Possible errors: NO_DEFAULTS
func (*Conn) Reload ¶
Reload firewall rules and keep state information. Current permanent configuration will become new runtime configuration, i.e. all runtime only changes done until reload are lost with reload if they have not been also in permanent configuration.
func (*Conn) RemovePolicy ¶
RemovePolicy remove policy, only support permanent mode
func (*Conn) RemoveZone ¶
func (*Conn) RemoveZoneForwardPort ¶
func (c *Conn) RemoveZoneForwardPort(zone string, port *ForwardPort) error
func (*Conn) RemoveZoneInterface ¶
func (*Conn) RemoveZoneService ¶
func (*Conn) RenamePolicy ¶
RenamePolicy rename policy name, only support permanent mode Possible errors: BUILTIN_POLICY
func (*Conn) RenameZone ¶
RenameZone rename zone name, only support permanent mode Possible errors: BUILTIN_ZONE
func (*Conn) SetDefaultZone ¶
SetDefaultZone Set default zone for connections and interfaces where no zone has been selected to zone. Setting the default zone changes the zone for the connections or interfaces, that are using the default zone. This is a runtime and permanent change. Possible errors: ZONE_ALREADY_SET, COMMAND_FAILED
func (*Conn) UpdatePolicy ¶
UpdatePolicy update policy settings, there are no target, short and description fields for runtime settings
func (*Conn) UpdateZone ¶
UpdateZone update zone settings, there are no target and description fields for runtime settings
type DBusSliceToStruct ¶
type DBusSliceToStruct interface {
ToStruct([]interface{}) error
}
type ForwardPort ¶
func (*ForwardPort) ToStruct ¶
func (f *ForwardPort) ToStruct(i []interface{}) error
type Policy ¶
type Policy struct {
Name string
Short string `dbus:"short"`
Description string `dbus:"description"`
Target string `dbus:"target,omitempty"`
IngressZones []string `dbus:"ingress_zones"`
EgressZones []string `dbus:"egress_zones"`
Services []string `dbus:"services"`
ICMPBlocks []string `dbus:"icmp_blocks"`
Priority int `dbus:"priority,omitempty"`
Masquerade bool `dbus:"masquerade"`
ForwardPorts []*ForwardPort `dbus:"forward_ports"`
RichRules []string `dbus:"rich_rules"`
Protocols []string `dbus:"protocols"`
Ports []*Port `dbus:"ports"`
SourcePorts []*Port `dbus:"source_ports"`
}
type Zone ¶
type Zone struct {
Name string `dbus:"name,omitempty"`
Description string `dbus:"description"`
Target string `dbus:"target"`
IngressPriority int `dbus:"ingress_priority"`
EgressPriority int `dbus:"egress_priority"`
Services []string `dbus:"services"`
ICMPBlocks []string `dbus:"icmp_blocks"`
ICMPBlockInversion bool `dbus:"icmp_block_inversion"`
Masquerade bool `dbus:"masquerade"`
Forward bool `dbus:"forward"`
ForwardPorts []*ForwardPort `dbus:"forward_ports"`
Interfaces []string `dbus:"interfaces"`
RichRules []string `dbus:"rules_str"`
Protocols []string `dbus:"protocols"`
Ports []*Port `dbus:"ports"`
Sources []string `dbus:"sources"`
SourcePorts []*Port `dbus:"source_ports"`
}
Source Files