packetfilter

package
v0.19.0-m0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 10, 2024 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func SetNewDriverFn

func SetNewDriverFn(f func() (Driver, error))

Types

type Adapter

type Adapter struct {
	Driver
}

func (*Adapter) PrependUnique

func (a *Adapter) PrependUnique(table TableType, chain string, rules ...*Rule) error

func (*Adapter) UpdateChainRules

func (a *Adapter) UpdateChainRules(table TableType, chain string, rules []*Rule) error

type Chain

type Chain struct {
	Name   string
	Policy ChainPolicy
}

Supported policy values are accept (which is the default) or drop.

type ChainHook

type ChainHook uint32
const (
	ChainHookPrerouting ChainHook = iota
	ChainHookInput
	ChainHookForward
	ChainHookOutput
	ChainHookPostrouting
)

func (ChainHook) String

func (c ChainHook) String() string

type ChainIPHook

type ChainIPHook struct {
	Name     string
	Type     ChainType
	Hook     ChainHook
	Priority ChainPriority
	Policy   ChainPolicy
	JumpRule *Rule
}

type ChainPolicy

type ChainPolicy uint32
const (
	ChainPolicyAccept ChainPolicy = iota
	ChainPolicyDrop
)

func (ChainPolicy) String

func (c ChainPolicy) String() string

type ChainPriority

type ChainPriority uint32
const (
	ChainPriorityFirst ChainPriority = iota
	ChainPriorityLast
)

func (ChainPriority) String

func (c ChainPriority) String() string

type ChainType

type ChainType uint32
const (
	ChainTypeFilter ChainType = iota
	ChainTypeRoute            // mangle
	ChainTypeNAT
)

func (ChainType) String

func (c ChainType) String() string

type Driver

type Driver interface {
	// Chains
	ChainExists(table TableType, chain string) (bool, error)
	CreateIPHookChainIfNotExists(chain *ChainIPHook) error
	CreateChainIfNotExists(table TableType, chain *Chain) error
	DeleteIPHookChain(chain *ChainIPHook) error
	DeleteChain(table TableType, chain string) error
	ClearChain(table TableType, chain string) error

	// rules
	Delete(table TableType, chain string, rule *Rule) error
	AppendUnique(table TableType, chain string, rule *Rule) error
	List(table TableType, chain string) ([]*Rule, error)
	Append(table TableType, chain string, rule *Rule) error
	Insert(table TableType, chain string, pos int, rule *Rule) error

	// named Sets.
	NewNamedSet(set *SetInfo) NamedSet
	DestroySets(nameFilter func(string) bool) error
}

type Interface

type Interface interface {
	Driver
	PrependUnique(table TableType, chain string, rules ...*Rule) error
	UpdateChainRules(table TableType, chain string, rules []*Rule) error
}

func New

func New() (Interface, error)

type MssClampType

type MssClampType uint32
const (
	UndefinedMSS MssClampType = iota
	ToPMTU
	ToValue
)

func (MssClampType) String

func (m MssClampType) String() string

type NamedSet

type NamedSet interface {
	Name() string
	Flush() error
	Destroy() error
	Create(ignoreExistErr bool) error
	AddEntry(entry string, ignoreExistErr bool) error
	DelEntry(entry string) error
	ListEntries() ([]string, error)
}

type Rule

type Rule struct {
	DestCIDR string
	SrcCIDR  string

	SrcSetName  string
	DestSetName string

	SnatCIDR string
	DnatCIDR string

	OutInterface string
	InInterface  string
	TargetChain  string
	MssValue     string

	DPort     string
	MarkValue string
	Action    RuleAction
	Proto     RuleProto
	ClampType MssClampType
}

func (*Rule) String

func (r *Rule) String() string

type RuleAction

type RuleAction uint32
const (
	RuleActionJump RuleAction = iota
	RuleActionAccept
	RuleActionMss
	RuleActionMark
	RuleActionSNAT
	RuleActionDNAT
)

func (RuleAction) String

func (r RuleAction) String() string

type RuleProto

type RuleProto uint32
const (
	RuleProtoUndefined RuleProto = iota
	RuleProtoAll
	RuleProtoTCP
	RuleProtoUDP
	RuleProtoICMP
)

func (RuleProto) String

func (r RuleProto) String() string

type SetFamily

type SetFamily uint32
const (
	// curently only IPV4 sets are supported.
	SetFamilyV4 SetFamily = iota
)

type SetInfo

type SetInfo struct {
	// Name is the set name.
	Name string
	// SetType specifies the named type.
	SetType string
	// nftables named set attached to tables.
	Table TableType
	// SetFamily specifies the protocol family of the IP addresses to be stored in the set.
	// The default is IPv4.
	Family SetFamily
}

named set.

type TableType

type TableType uint32
const (
	TableTypeFilter TableType = iota
	TableTypeRoute            // mangle
	TableTypeNAT
)

func (TableType) String

func (t TableType) String() string

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL