iptables

package
v0.8.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 27, 2024 License: Apache-2.0 Imports: 11 Imported by: 639

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func IPFamily added in v0.5.0 

func IPFamily(proto Protocol) option

func Path added in v0.8.0 

func Path(path string) option

func Timeout added in v0.5.0 

func Timeout(timeout int) option

Types

type Error 

type Error struct {
	exec.ExitError
	// contains filtered or unexported fields
}

Adds the output of stderr to exec.ExitError

func (*Error) Error 

func (e *Error) Error() string

func (*Error) ExitStatus 

func (e *Error) ExitStatus() int

func (*Error) IsNotExist added in v0.3.0 

func (e *Error) IsNotExist() bool

IsNotExist returns true if the error is due to the chain or rule not existing

type IPTables 

type IPTables struct {
	// contains filtered or unexported fields
}

func New 

func New(opts ...option) (*IPTables, error)

New creates a new IPTables configured with the options passed as parameters. Supported parameters are: 

IPFamily(Protocol)
Timeout(int)
Path(string)

For backwards compatibility, by default New uses IPv4 and timeout 0. i.e. you can create an IPv6 IPTables using a timeout of 5 seconds passing the IPFamily and Timeout options as follow: 

ip6t := New(IPFamily(ProtocolIPv6), Timeout(5))

func NewWithProtocol added in v0.2.0 

func NewWithProtocol(proto Protocol) (*IPTables, error)

New creates a new IPTables for the given proto. The proto will determine which command is used, either "iptables" or "ip6tables".

func (*IPTables) Append 

func (ipt *IPTables) Append(table, chain string, rulespec ...string) error

Append appends rulespec to specified table/chain

func (*IPTables) AppendUnique 

func (ipt *IPTables) AppendUnique(table, chain string, rulespec ...string) error

AppendUnique acts like Append except that it won't add a duplicate

func (*IPTables) ChainExists added in v0.5.0 

func (ipt *IPTables) ChainExists(table, chain string) (bool, error)

'-S' is fine with non existing rule index as long as the chain exists therefore pass index 1 to reduce overhead for large chains

func (*IPTables) ChangePolicy added in v0.3.0 

func (ipt *IPTables) ChangePolicy(table, chain, target string) error

ChangePolicy changes policy on chain to target

func (*IPTables) ClearAll added in v0.6.0 

func (ipt *IPTables) ClearAll() error

func (*IPTables) ClearAndDeleteChain added in v0.5.0 

func (ipt *IPTables) ClearAndDeleteChain(table, chain string) error

func (*IPTables) ClearChain 

func (ipt *IPTables) ClearChain(table, chain string) error

ClearChain flushed (deletes all rules) in the specified table/chain. If the chain does not exist, a new one will be created

func (*IPTables) Delete 

func (ipt *IPTables) Delete(table, chain string, rulespec ...string) error

Delete removes rulespec in specified table/chain

func (*IPTables) DeleteAll added in v0.6.0 

func (ipt *IPTables) DeleteAll() error

func (*IPTables) DeleteById added in v0.8.0 

func (ipt *IPTables) DeleteById(table, chain string, id int) error

DeleteById deletes the rule with the specified ID in the given table and chain.

func (*IPTables) DeleteChain 

func (ipt *IPTables) DeleteChain(table, chain string) error

DeleteChain deletes the chain in the specified table. The chain must be empty

func (*IPTables) DeleteIfExists added in v0.5.0 

func (ipt *IPTables) DeleteIfExists(table, chain string, rulespec ...string) error

func (*IPTables) Exists 

func (ipt *IPTables) Exists(table, chain string, rulespec ...string) (bool, error)

Exists checks if given rulespec in specified table/chain exists

func (*IPTables) GetIptablesVersion added in v0.4.0 

func (ipt *IPTables) GetIptablesVersion() (int, int, int)

Return version components of the underlying iptables command

func (*IPTables) HasRandomFully added in v0.4.0 

func (ipt *IPTables) HasRandomFully() bool

Check if the underlying iptables command supports the --random-fully flag

func (*IPTables) Insert 

func (ipt *IPTables) Insert(table, chain string, pos int, rulespec ...string) error

Insert inserts rulespec to specified table/chain (in specified pos)

func (*IPTables) InsertUnique added in v0.7.0 

func (ipt *IPTables) InsertUnique(table, chain string, pos int, rulespec ...string) error

InsertUnique acts like Insert except that it won't insert a duplicate (no matter the position in the chain)

func (*IPTables) List 

func (ipt *IPTables) List(table, chain string) ([]string, error)

List rules in specified table/chain

func (*IPTables) ListById added in v0.7.0 

func (ipt *IPTables) ListById(table, chain string, id int) (string, error)

List rules in specified table/chain

func (*IPTables) ListChains added in v0.2.0 

func (ipt *IPTables) ListChains(table string) ([]string, error)

ListChains returns a slice containing the name of each chain in the specified table.

func (*IPTables) ListWithCounters added in v0.2.0 

func (ipt *IPTables) ListWithCounters(table, chain string) ([]string, error)

List rules (with counters) in specified table/chain

func (*IPTables) NewChain 

func (ipt *IPTables) NewChain(table, chain string) error

NewChain creates a new chain in the specified table. If the chain already exists, it will result in an error.

func (*IPTables) ParseStat added in v0.4.2 

func (ipt *IPTables) ParseStat(stat []string) (parsed Stat, err error)

ParseStat parses a single statistic row into a Stat struct. The input should be a string slice that is returned from calling the Stat method.

func (*IPTables) Proto added in v0.2.0 

func (ipt *IPTables) Proto() Protocol

Proto returns the protocol used by this IPTables.

func (*IPTables) RenameChain 

func (ipt *IPTables) RenameChain(table, oldChain, newChain string) error

RenameChain renames the old chain to the new one.

func (*IPTables) Replace added in v0.7.0 

func (ipt *IPTables) Replace(table, chain string, pos int, rulespec ...string) error

Replace replaces rulespec to specified table/chain (in specified pos)

func (*IPTables) Stats added in v0.2.0 

func (ipt *IPTables) Stats(table, chain string) ([][]string, error)

Stats lists rules including the byte and packet counts

func (*IPTables) StructuredStats added in v0.4.2 

func (ipt *IPTables) StructuredStats(table, chain string) ([]Stat, error)

StructuredStats returns statistics as structured data which may be further parsed and marshaled.

type Protocol added in v0.2.0 

type Protocol byte

Protocol to differentiate between IPv4 and IPv6 

const (
	ProtocolIPv4 Protocol = iota
	ProtocolIPv6
)

type Stat added in v0.4.2 

type Stat struct {
	Packets     uint64     `json:"pkts"`
	Bytes       uint64     `json:"bytes"`
	Target      string     `json:"target"`
	Protocol    string     `json:"prot"`
	Opt         string     `json:"opt"`
	Input       string     `json:"in"`
	Output      string     `json:"out"`
	Source      *net.IPNet `json:"source"`
	Destination *net.IPNet `json:"destination"`
	Options     string     `json:"options"`
}

Stat represents a structured statistic entry.

type Unlocker 

type Unlocker interface {
	Unlock() error
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.