iptables

package
v0.0.0-...-1c733f7 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 19, 2015 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Overview

Package iptables provides an interface and implementations for running iptables commands.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetIptablesVersionString

func GetIptablesVersionString(exec utilexec.Interface) (string, error)

GetIptablesVersionString runs "iptables --version" to get the version string, then matches for vX.X.X e.g. if "iptables --version" outputs: "iptables v1.3.66" then it would would return "v1.3.66", nil

Types

type Chain

type Chain string
const (
	ChainPostrouting Chain = "POSTROUTING"
	ChainPrerouting  Chain = "PREROUTING"
	ChainOutput      Chain = "OUTPUT"
)

type FlushFlag

type FlushFlag bool

Option flag for Restore

const FlushTables FlushFlag = true
const NoFlushTables FlushFlag = false

type Interface

type Interface interface {
	// EnsureChain checks if the specified chain exists and, if not, creates it.  If the chain existed, return true.
	EnsureChain(table Table, chain Chain) (bool, error)
	// FlushChain clears the specified chain.  If the chain did not exist, return error.
	FlushChain(table Table, chain Chain) error
	// DeleteChain deletes the specified chain.  If the chain did not exist, return error.
	DeleteChain(table Table, chain Chain) error
	// EnsureRule checks if the specified rule is present and, if not, creates it.  If the rule existed, return true.
	EnsureRule(position RulePosition, table Table, chain Chain, args ...string) (bool, error)
	// DeleteRule checks if the specified rule is present and, if so, deletes it.
	DeleteRule(table Table, chain Chain, args ...string) error
	// IsIpv6 returns true if this is managing ipv6 tables
	IsIpv6() bool
	// TODO: (BenTheElder) Unit-Test Save/SaveAll, Restore/RestoreAll
	// Save calls `iptables-save` for table.
	Save(table Table) ([]byte, error)
	// SaveAll calls `iptables-save`.
	SaveAll() ([]byte, error)
	// Restore runs `iptables-restore` passing data through a temporary file.
	// table is the Table to restore
	// data should be formatted like the output of Save()
	// flush sets the presence of the "--noflush" flag. see: FlushFlag
	// counters sets the "--counters" flag. see: RestoreCountersFlag
	Restore(table Table, data []byte, flush FlushFlag, counters RestoreCountersFlag) error
	// RestoreAll is the same as Restore except that no table is specified.
	RestoreAll(data []byte, flush FlushFlag, counters RestoreCountersFlag) error
}

An injectable interface for running iptables commands. Implementations must be goroutine-safe.

func New

func New(exec utilexec.Interface, protocol Protocol) Interface

New returns a new Interface which will exec iptables.

type Protocol

type Protocol byte
const (
	ProtocolIpv4 Protocol = iota + 1
	ProtocolIpv6
)

type RestoreCountersFlag

type RestoreCountersFlag bool

Option flag for Restore

const NoRestoreCounters RestoreCountersFlag = false
const RestoreCounters RestoreCountersFlag = true

type RulePosition

type RulePosition string
const (
	Prepend RulePosition = "-I"
	Append  RulePosition = "-A"
)

type Table

type Table string
const (
	TableNAT Table = "nat"
)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL