uspfilter

package
v0.26.2

This package is not in the latest version of its module.

Published: Feb 28, 2024 License: BSD-3-Clause Imports: 9 Imported by: 1

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type IFaceMapper

type IFaceMapper interface {
	SetFilter(iface.PacketFilter) error
	Address() iface.WGAddress
}

IFaceMapper defines the subset of interface methods required by the manager.

type Manager

type Manager struct {
	// contains filtered or unexported fields
}

Manager is a userspace firewall manager.

func Create

func Create(iface IFaceMapper) (*Manager, error)

Create is the constructor for the userspace firewall manager.

func CreateWithNativeFirewall added in v0.24.4

func CreateWithNativeFirewall(iface IFaceMapper, nativeFirewall firewall.Manager) (*Manager, error)

func (*Manager) AddFiltering

func (m *Manager) AddFiltering(
	ip net.IP,
	proto firewall.Protocol,
	sPort *firewall.Port,
	dPort *firewall.Port,
	direction firewall.RuleDirection,
	action firewall.Action,
	ipsetName string,
	comment string,
) ([]firewall.Rule, error)

AddFiltering adds a rule to the firewall.

If the comment argument is empty, the firewall manager should set the rule ID as the comment for the rule.

func (*Manager) AddUDPPacketHook added in v0.21.2

func (m *Manager) AddUDPPacketHook(
	in bool, ip net.IP, dPort uint16, hook func([]byte) bool,
) string

AddUDPPacketHook calls hook when a UDP packet from the given direction matches.

The hook function returns a flag indicating whether the matched packet should be dropped.

func (*Manager) AllowNetbird added in v0.23.0

func (m *Manager) AllowNetbird() error

AllowNetbird allows netbird interface traffic.

func (*Manager) DeleteRule

func (m *Manager) DeleteRule(rule firewall.Rule) error

DeleteRule deletes a rule from the firewall by rule definition.

func (*Manager) DropIncoming

func (m *Manager) DropIncoming(packetData []byte) bool

DropIncoming filters incoming packets.

func (*Manager) DropOutgoing

func (m *Manager) DropOutgoing(packetData []byte) bool

DropOutgoing filters outgoing packets.

func (*Manager) Flush added in v0.21.9

func (m *Manager) Flush() error

Flush doesn't need to be implemented for this manager.

func (*Manager) InsertRoutingRules added in v0.24.4

func (m *Manager) InsertRoutingRules(pair firewall.RouterPair) error

func (*Manager) IsServerRouteSupported added in v0.24.4

func (m *Manager) IsServerRouteSupported() bool

func (*Manager) RemovePacketHook added in v0.21.2

func (m *Manager) RemovePacketHook(hookID string) error

RemovePacketHook removes a packet hook by the given ID.

func (*Manager) RemoveRoutingRules added in v0.24.4

func (m *Manager) RemoveRoutingRules(pair firewall.RouterPair) error

RemoveRoutingRules removes a routing firewall rule.

func (*Manager) Reset

func (m *Manager) Reset() error

Reset resets the firewall to the default state.

func (*Manager) SetNetwork

func (m *Manager) SetNetwork(network *net.IPNet)

SetNetwork sets the network of the WireGuard interface to which filtering is applied.

type Rule

type Rule struct {
	// contains filtered or unexported fields
}

Rule is a type to handle management of rules.

func (*Rule) GetRuleID

func (r *Rule) GetRuleID() string

GetRuleID returns the rule ID.

type RuleSet added in v0.21.9

type RuleSet map[string]Rule

RuleSet is a set of rules grouped by a string key.
