nfqueue

package

v0.5.1 Latest Latest Go to latest Published: Aug 10, 2020 License: AGPL-3.0 Imports: 11 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/safing/portmaster

Links

Open Source Insights

README ¶

Parts of this package (this directory) are forked from the go-nfqueue repo: https://github.com/OneOfOne/go-nfqueue These portions are copyrighted by Ahmed W. The fork commit is (with high certainty): https://github.com/OneOfOne/go-nfqueue/commit/3bdd8bdfd98a1ed51119f9cf7494162484dfbe7c

Documentation ¶

Overview ¶

Package nfqueue provides network interception capabilities on linux via iptables nfqueue.

Index ¶

Constants
Variables
type NFQueue
- func NewNFQueue(qid uint16) (nfq *NFQueue, err error)
type Packet

Constants ¶

View Source

const (
	NFQ_DROP   uint32 = 0 // discarded the packet
	NFQ_ACCEPT uint32 = 1 // the packet passes, continue iterations
	NFQ_STOLEN uint32 = 2 // gone away
	NFQ_QUEUE  uint32 = 3 // inject the packet into a different queue (the target queue number is in the high 16 bits of the verdict)
	NFQ_REPEAT uint32 = 4 // iterate the same cycle once more
	NFQ_STOP   uint32 = 5 // accept, but don't continue iterations
)

NFQ Packet Constants

Variables ¶

View Source

var (
	ErrVerdictSentOrTimedOut = errors.New("the verdict was already sent or timed out")
)

NFQ Errors

Functions ¶

This section is empty.

Types ¶

type NFQueue ¶

type NFQueue struct {
	DefaultVerdict uint32
	Timeout        time.Duration

	Packets chan packet.Packet
	// contains filtered or unexported fields
}

NFQueue holds a Linux NFQ Handle and associated information.

func NewNFQueue ¶

func NewNFQueue(qid uint16) (nfq *NFQueue, err error)

NewNFQueue initializes a new netfilter queue.

func (*NFQueue) Destroy ¶

func (nfq *NFQueue) Destroy()

Destroy closes all the nfqueues.

func (*NFQueue) PacketChannel ¶ added in v0.4.18

func (nfq *NFQueue) PacketChannel() <-chan packet.Packet

PacketChannel returns a packet channel

func (*NFQueue) Valid ¶

func (nfq *NFQueue) Valid() bool

Valid returns whether the NFQueue is still valid.

type Packet ¶

type Packet struct {
	packet.Base

	QueueID    uint16
	ID         uint32
	HWProtocol uint16
	Hook       uint8
	Mark       uint32
	// contains filtered or unexported fields
}

Packet represents a packet with a NFQ reference.

func (*Packet) Accept ¶

func (pkt *Packet) Accept() error

Accept implements the packet interface.

func (*Packet) Block ¶

func (pkt *Packet) Block() error

Block implements the packet interface.

func (*Packet) Drop ¶

func (pkt *Packet) Drop() error

Drop implements the packet interface.

func (*Packet) PermanentAccept ¶

func (pkt *Packet) PermanentAccept() error

PermanentAccept implements the packet interface.

func (*Packet) PermanentBlock ¶

func (pkt *Packet) PermanentBlock() error

PermanentBlock implements the packet interface.

func (*Packet) PermanentDrop ¶

func (pkt *Packet) PermanentDrop() error

PermanentDrop implements the packet interface.

func (*Packet) RerouteToNameserver ¶

func (pkt *Packet) RerouteToNameserver() error

RerouteToNameserver implements the packet interface.

func (*Packet) RerouteToTunnel ¶

func (pkt *Packet) RerouteToTunnel() error

RerouteToTunnel implements the packet interface.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL