nfqueue

package module
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 4, 2019 License: MIT Imports: 10 Imported by: 36

README

go-nfqueue GoDoc

This is go-nfqueue and it is written in golang. It provides a C-binding free API to the netfilter based queue subsystem of the Linux kernel.

For documentation and more examples please take a look at GoDoc

Documentation

Overview

Package go-nfqueue provides an API to interact with the nfqueue subsystem of the netfilter family from the linux kernel.

Index

Constants

View Source 
const (
	AttrPacketID = iota
	AttrHook
	AttrHwProtocol
	AttrIfIndexInDev
	AttrIfIndexOutDev
	AttrIfIndexPhysInDev
	AttrIfIndexPhysOutDev
	AttrPayload
	AttrCapLen
	AttrTimestamp
	AttrHwAddr
	AttrMark
	AttrUID
	AttrGID
	AttrL2HDR
	AttrCt
	AttrCtInfo
	AttrSkbInfo
	AttrExp
	AttrSecCtx
	AttrVlanProto
	AttrVlanTCI
)

Various identifier,that can be the key of Msg map

View Source 
const (
	NfQaCfgFlagFailOpen  = (1 << iota)
	NfQaCfgFlagConntrack = (1 << iota)
	NfQaCfgFlagGSO       = (1 << iota)
	NfQaCfgFlagUidGid    = (1 << iota)
	NfQaCfgFlagSecCx     = (1 << iota)
)

Various configuration flags

View Source 
const (
	NfQnlCopyNone = iota
	NfQnlCopyMeta
	NfQnlCopyPacket
)

copy modes

View Source 
const (
	NfDrop = iota
	NfAccept
	NfStolen
	NfQeueue
	NfRepeat
)

Verdicts

Variables

View Source 
var (
	ErrRecvMsg        = errors.New("Received error message")
	ErrUnexpMsg       = errors.New("Received unexpected message from kernel")
	ErrInvFlag        = errors.New("Invalid Flag")
	ErrNotLinux       = errors.New("Not implemented for OS other than linux")
	ErrInvalidVerdict = errors.New("Invalid verdict")
)

Various errors

Functions

This section is empty.

Types

type Config 

type Config struct {
	// Network namespace the Nfqueue needs to operate in. If set to 0 (default),
	// no network namespace will be entered.
	NetNS int

	// Queue this Nfqueue socket will be assigned to
	NfQueue uint16
	// Maximum number of packages within the Nfqueue.
	MaxQueueLen uint32

	// Only used in combination with NfQnlCopyPacket.
	MaxPacketLen uint32

	// Specifies how the kernel handles a packet in the nfqueue queue.
	Copymode uint8

	// Optional flags and mask for this Nfqueue socket.
	Flags     uint32
	FlagsMask uint32

	// Interface to log internals.
	Logger *log.Logger
}

Config contains options for a Conn.

type HookFunc 

type HookFunc func(m Msg) int

HookFunc is a function, that receives events from a Netlinkgroup To stop receiving messages on this HookFunc, return something different than 0

type Msg 

type Msg map[int]interface{}

Msg contains all the information of a connection

type Nfqueue 

type Nfqueue struct{}

Nfqueue is not implemented for OS other than linux

func Open 

func Open(_ *Config) (*Nfqueue, error)

Open is not implemented for OS other than Linux

func (*Nfqueue) Close 

func (nfq *Nfqueue) Close() error

Close is not implemented for OS other than Linux

func (*Nfqueue) Register 

func (nfe *Nfqueue) Register(_ context.Context, _ HookFunc) error

Register is not implemented for OS other than Linux

func (*Nfqueue) SetVerdict 

func (nfq *Nfqueue) SetVerdict(_ uint32, _ int) error

SetVerdict is not implemented for OS other than Linux

func (*Nfqueue) SetVerdictBatch 

func (nfq *Nfqueue) SetVerdictBatch(_ uint32, _ int) error

SetVerdictBatch is not implemented for OS other than Linux

func (*Nfqueue) SetVerdictWithMark 

func (nfqueue *Nfqueue) SetVerdictWithMark(_ uint32, _, _ int) error

SetVerdictWithMark is not implemented for OS other than Linux

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.