Documentation
Index
- type IFaceMapper
- type Manager
- func (m *Manager) AddFiltering(ip net.IP, proto fw.Protocol, sPort *fw.Port, dPort *fw.Port, ...) (fw.Rule, error)
- func (m *Manager) AddUDPPacketHook(in bool, ip net.IP, dPort uint16, hook func([]byte) bool) string
- func (m *Manager) AllowNetbird() error
- func (m *Manager) DeleteRule(rule fw.Rule) error
- func (m *Manager) DropIncoming(packetData []byte) bool
- func (m *Manager) DropOutgoing(packetData []byte) bool
- func (m *Manager) Flush() error
- func (m *Manager) RemovePacketHook(hookID string) error
- func (m *Manager) Reset() error
- func (m *Manager) SetNetwork(network *net.IPNet)
- func (m *Manager) SetResetHook(hook func() error)
- type Rule
- type RuleSet
Types
type IFaceMapper
type IFaceMapper interface {
	SetFilter(iface.PacketFilter) error
	Address() iface.WGAddress
}
IFaceMapper defines the subset of interface methods required by the manager.
type Manager
type Manager struct {
// contains filtered or unexported fields
}
Manager is the userspace firewall manager.
func Create
func Create(iface IFaceMapper) (*Manager, error)
Create is the constructor for the userspace firewall manager.
func (*Manager) AddFiltering
func (m *Manager) AddFiltering(
	ip net.IP,
	proto fw.Protocol,
	sPort *fw.Port,
	dPort *fw.Port,
	direction fw.RuleDirection,
	action fw.Action,
	ipsetName string,
	comment string,
) (fw.Rule, error)
AddFiltering adds a rule to the firewall.
If the comment argument is empty, the firewall manager should set the rule ID as the comment for the rule.
func (*Manager) AddUDPPacketHook added in v0.21.2
func (m *Manager) AddUDPPacketHook(
	in bool,
	ip net.IP,
	dPort uint16,
	hook func([]byte) bool,
) string
AddUDPPacketHook calls hook when a UDP packet from the given direction is matched.
The hook function returns a flag that indicates whether the matched packet should be dropped.
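The following is an added example, not code from the netbird project: a function with the func([]byte) bool shape that could be passed as the hook argument, returning true (drop) for anything that is not a well-formed DNS query. It assumes the slice handed to the hook is a raw IPv4 packet starting at the IP header, which this page does not specify; udpPayload, dropNonQuery and buildPacket are hypothetical names, and the sample packet is constructed.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// udpPayload returns the UDP payload of pkt. Assumption: pkt is a raw IPv4
// packet starting at the IP header (the package docs do not state this).
func udpPayload(pkt []byte) ([]byte, bool) {
	if len(pkt) < 20 || pkt[0]>>4 != 4 {
		return nil, false
	}
	ihl := int(pkt[0]&0x0f) * 4 // header length in bytes, options included
	if ihl < 20 || len(pkt) < ihl+8 || pkt[9] != 17 {
		return nil, false
	}
	udpLen := int(binary.BigEndian.Uint16(pkt[ihl+4 : ihl+6]))
	if udpLen < 8 || ihl+udpLen > len(pkt) {
		return nil, false // UDP length field disagrees with the buffer
	}
	return pkt[ihl+8 : ihl+udpLen], true
}

// dropNonQuery matches the hook signature func([]byte) bool.
// It fails closed: unparseable or truncated packets are dropped.
func dropNonQuery(pkt []byte) bool {
	payload, ok := udpPayload(pkt)
	if !ok || len(payload) < 12 { // a DNS header is 12 bytes
		return true
	}
	return payload[2]&0x80 != 0 // QR bit set: a response, not a query
}

// buildPacket constructs a sample IPv4/UDP packet for the demonstration.
func buildPacket(dPort uint16, payload []byte) []byte {
	pkt := make([]byte, 28+len(payload))
	pkt[0] = 0x45 // IPv4, 20-byte header
	binary.BigEndian.PutUint16(pkt[2:4], uint16(len(pkt)))
	pkt[9] = 17 // UDP
	binary.BigEndian.PutUint16(pkt[22:24], dPort)
	binary.BigEndian.PutUint16(pkt[24:26], uint16(8+len(payload)))
	copy(pkt[28:], payload)
	return pkt
}

func main() {
	fmt.Println(dropNonQuery(buildPacket(53, make([]byte, 12)))) // query passes
}
```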
func (*Manager) AllowNetbird added in v0.23.0
AllowNetbird allows netbird interface traffic.
func (*Manager) DeleteRule
DeleteRule deletes a rule from the firewall by rule definition.
func (*Manager) DropIncoming
DropIncoming filters incoming packets.
func (*Manager) DropOutgoing
DropOutgoing filters outgoing packets.
func (*Manager) RemovePacketHook added in v0.21.2
RemovePacketHook removes a packet hook by the given ID.
func (*Manager) SetNetwork
SetNetwork sets the network of the WireGuard interface to which filtering is applied.
func (*Manager) SetResetHook added in v0.23.0
SetResetHook sets a hook which will be executed at the end of the Reset method.