Documentation
Types
type Client
type Client interface {
	AppendUnique(table string, chain string, rule ...string) error
	InsertUnique(table, chain string, pos int, rule ...string) error
	Delete(table string, chain string, rule ...string) error
	Exists(table string, chain string, rule ...string) (bool, error)
	List(table string, chain string) ([]string, error)
	ClearChain(table string, chain string) error
	DeleteChain(table string, chain string) error
	NewChain(table string, chain string) error
	ListChains(table string) ([]string, error)
}
Client represents any type that can administer iptables rules.
type Controller
Controller is able to reconcile a given set of iptables rules.
func New
func New(opts ...ControllerOption) (*Controller, error)
New generates a new iptables rules controller. If no options are given, IPv4 and IPv6 clients will be instantiated using the regular iptables backend.
func (*Controller) CleanUp
func (c *Controller) CleanUp() error
CleanUp will clean up any rules created by the controller.
func (*Controller) Run
func (c *Controller) Run(stop <-chan struct{}) (<-chan error, error)
Run watches for changes to iptables rules and reconciles the rules against the desired state.
func (*Controller) Set
func (c *Controller) Set(rules RuleSet) error
Set idempotently overwrites any iptables rules previously defined for the controller with the given set of rules.
type ControllerOption
type ControllerOption func(h *Controller)
ControllerOption modifies the controller's configuration.
func WithClients
func WithClients(v4, v6 Client) ControllerOption
WithClients adds iptables clients to the controller.
func WithLogger
func WithLogger(logger log.Logger) ControllerOption
WithLogger adds a logger to the controller.
func WithRegisterer
func WithRegisterer(registerer prometheus.Registerer) ControllerOption
func WithResyncPeriod
func WithResyncPeriod(resyncPeriod time.Duration) ControllerOption
WithResyncPeriod modifies how often the controller reconciles.
type Protocol
type Protocol byte
Protocol represents an IP protocol.
func GetProtocol
GetProtocol will return a protocol from the length of an IP address.
type Rule
type Rule interface {
	Append(Client) error
	Prepend(Client) error
	Delete(Client) error
	Exists(Client) (bool, error)
	String() string
	Proto() Protocol
}
Rule is an interface for interacting with iptables objects.
func NewIPv4Chain
NewIPv4Chain creates a new iptables chain in the given table.
func NewIPv4Rule
NewIPv4Rule creates a new iptables rule in the given table and chain.
func NewIPv6Chain
NewIPv6Chain creates a new ip6tables chain in the given table.
func NewIPv6Rule
NewIPv6Rule creates a new ip6tables rule in the given table and chain.
type RuleSet
type RuleSet struct {
// contains filtered or unexported fields
}