packetfilter

package

v0.18.0-rc0 Latest Latest Go to latest Published: Jun 4, 2024 License: Apache-2.0 Imports: 4 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/submariner-io/submariner

Documentation ¶

Index ¶

func SetNewDriverFn(f func() (Driver, error))
type Adapter
- func (a *Adapter) PrependUnique(table TableType, chain string, rules ...*Rule) error
- func (a *Adapter) UpdateChainRules(table TableType, chain string, rules []*Rule) error
type Chain
type ChainHook
- func (c ChainHook) String() string
type ChainIPHook
type ChainPolicy
- func (c ChainPolicy) String() string
type ChainPriority
- func (c ChainPriority) String() string
type ChainType
- func (c ChainType) String() string
type Driver
type Interface
- func New() (Interface, error)
type MssClampType
- func (m MssClampType) String() string
type NamedSet
type Rule
- func (r *Rule) String() string
type RuleAction
- func (r RuleAction) String() string
type RuleProto
- func (r RuleProto) String() string
type SetFamily
type SetInfo
type TableType
- func (t TableType) String() string

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func SetNewDriverFn ¶

func SetNewDriverFn(f func() (Driver, error))

Types ¶

type Adapter ¶

type Adapter struct {
	Driver
}

func (*Adapter) PrependUnique ¶

func (a *Adapter) PrependUnique(table TableType, chain string, rules ...*Rule) error

func (*Adapter) UpdateChainRules ¶

func (a *Adapter) UpdateChainRules(table TableType, chain string, rules []*Rule) error

type Chain ¶

type Chain struct {
	Name   string
	Policy ChainPolicy
}

Supported policy values are accept (which is the default) or drop.

type ChainHook ¶

type ChainHook uint32

const (
	ChainHookPrerouting ChainHook = iota
	ChainHookInput
	ChainHookForward
	ChainHookOutput
	ChainHookPostrouting
)

func (ChainHook) String ¶

func (c ChainHook) String() string

type ChainIPHook ¶

type ChainIPHook struct {
	Name     string
	Type     ChainType
	Hook     ChainHook
	Priority ChainPriority
	Policy   ChainPolicy
	JumpRule *Rule
}

type ChainPolicy ¶

type ChainPolicy uint32

const (
	ChainPolicyAccept ChainPolicy = iota
	ChainPolicyDrop
)

func (ChainPolicy) String ¶

func (c ChainPolicy) String() string

type ChainPriority ¶

type ChainPriority uint32

const (
	ChainPriorityFirst ChainPriority = iota
	ChainPriorityLast
)

func (ChainPriority) String ¶

func (c ChainPriority) String() string

type ChainType ¶

type ChainType uint32

const (
	ChainTypeFilter ChainType = iota
	ChainTypeRoute            // mangle
	ChainTypeNAT
)

func (ChainType) String ¶

func (c ChainType) String() string

type Driver ¶

type Driver interface {
	// Chains
	ChainExists(table TableType, chain string) (bool, error)
	CreateIPHookChainIfNotExists(chain *ChainIPHook) error
	CreateChainIfNotExists(table TableType, chain *Chain) error
	DeleteIPHookChain(chain *ChainIPHook) error
	DeleteChain(table TableType, chain string) error
	ClearChain(table TableType, chain string) error

	// rules
	Delete(table TableType, chain string, rule *Rule) error
	AppendUnique(table TableType, chain string, rule *Rule) error
	List(table TableType, chain string) ([]*Rule, error)
	Append(table TableType, chain string, rule *Rule) error
	Insert(table TableType, chain string, pos int, rule *Rule) error

	// named Sets.
	NewNamedSet(set *SetInfo) NamedSet
	DestroySets(nameFilter func(string) bool) error
}

type Interface ¶

type Interface interface {
	Driver
	PrependUnique(table TableType, chain string, rules ...*Rule) error
	UpdateChainRules(table TableType, chain string, rules []*Rule) error
}

func New ¶

func New() (Interface, error)

type MssClampType ¶

type MssClampType uint32

const (
	UndefinedMSS MssClampType = iota
	ToPMTU
	ToValue
)

func (MssClampType) String ¶

func (m MssClampType) String() string

type NamedSet ¶

type NamedSet interface {
	Name() string
	Flush() error
	Destroy() error
	Create(ignoreExistErr bool) error
	AddEntry(entry string, ignoreExistErr bool) error
	DelEntry(entry string) error
	ListEntries() ([]string, error)
}

type Rule ¶

type Rule struct {
	DestCIDR string
	SrcCIDR  string

	SrcSetName  string
	DestSetName string

	SnatCIDR string
	DnatCIDR string

	OutInterface string
	InInterface  string
	TargetChain  string
	MssValue     string

	DPort     string
	MarkValue string
	Action    RuleAction
	Proto     RuleProto
	ClampType MssClampType
}

func (*Rule) String ¶

func (r *Rule) String() string

type RuleAction ¶

type RuleAction uint32

const (
	RuleActionJump RuleAction = iota
	RuleActionAccept
	RuleActionMss
	RuleActionMark
	RuleActionSNAT
	RuleActionDNAT
)

func (RuleAction) String ¶

func (r RuleAction) String() string

type RuleProto ¶

type RuleProto uint32

const (
	RuleProtoUndefined RuleProto = iota
	RuleProtoAll
	RuleProtoTCP
	RuleProtoUDP
	RuleProtoICMP
)

func (RuleProto) String ¶

func (r RuleProto) String() string

type SetFamily ¶

type SetFamily uint32

const (
	// curently only IPV4 sets are supported.
	SetFamilyV4 SetFamily = iota
)

type SetInfo ¶

type SetInfo struct {
	// Name is the set name.
	Name string
	// SetType specifies the named type.
	SetType string
	// nftables named set attached to tables.
	Table TableType
	// SetFamily specifies the protocol family of the IP addresses to be stored in the set.
	// The default is IPv4.
	Family SetFamily
}

named set.

type TableType ¶

type TableType uint32

const (
	TableTypeFilter TableType = iota
	TableTypeRoute            // mangle
	TableTypeNAT
)

func (TableType) String ¶

func (t TableType) String() string

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
fake
iptables
nftables

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL