Documentation ¶
Index ¶
- Constants
- Variables
- func ExistChain(chain string, table Table) bool
- func Exists(table Table, chain string, rule ...string) bool
- func FirewalldInit() error
- func GetVersion() (major, minor, micro int, err error)
- func OnReloaded(callback func())
- func Passthrough(ipv IPV, args ...string) ([]byte, error)
- func ProgramChain(c *ChainInfo, bridgeName string, hairpinMode, enable bool) error
- func ProgramRule(table Table, chain string, action Action, args []string) error
- func Raw(args ...string) ([]byte, error)
- func RawCombinedOutput(args ...string) error
- func RawCombinedOutputNative(args ...string) error
- func RemoveExistingChain(name string, table Table) error
- type Action
- type ChainError
- type ChainInfo
- func (c *ChainInfo) Forward(action Action, ip net.IP, port int, proto, destAddr string, destPort int, ...) error
- func (c *ChainInfo) Link(action Action, ip1, ip2 net.IP, port int, proto string, bridgeName string) error
- func (c *ChainInfo) Output(action Action, args ...string) error
- func (c *ChainInfo) Prerouting(action Action, args ...string) error
- func (c *ChainInfo) Remove() error
- type Conn
- type IPV
- type Table
Constants ¶
const ( // Append appends the rule at the end of the chain. Append Action = "-A" // Delete deletes the rule from the chain. Delete Action = "-D" // Insert inserts the rule at the top of the chain. Insert Action = "-I" // Nat table is used for nat translation rules. Nat Table = "nat" // Filter table is used for filter rules. Filter Table = "filter" // Mangle table is used for mangling the packet. Mangle Table = "mangle" )
Variables ¶
var ( // ErrIptablesNotFound is returned when the rule is not found. ErrIptablesNotFound = errors.New("Iptables not found") )
Functions ¶
func ExistChain ¶
ExistChain checks if a chain exists
func FirewalldInit ¶
func FirewalldInit() error
FirewalldInit initializes firewalld management code.
func GetVersion ¶
GetVersion reads the iptables version numbers
func Passthrough ¶
Passthrough method simply passes args through to iptables/ip6tables
func ProgramChain ¶
ProgramChain is used to add rules to a chain
func ProgramRule ¶
ProgramRule adds the rule specified by args only if the rule is not already present in the chain. Reciprocally, it removes the rule only if present.
func RawCombinedOutput ¶
RawCombinedOutput inernally calls the Raw function and returns a non nil error if Raw returned a non nil error or a non empty output
func RawCombinedOutputNative ¶
RawCombinedOutputNative behave as RawCombinedOutput with the difference it will always invoke `iptables` binary
func RemoveExistingChain ¶
RemoveExistingChain removes existing chain from the table.
Types ¶
type ChainError ¶
ChainError is returned to represent errors during ip table operation.
func (ChainError) Error ¶
func (e ChainError) Error() string
type ChainInfo ¶
ChainInfo defines the iptables chain.
func (*ChainInfo) Forward ¶
func (c *ChainInfo) Forward(action Action, ip net.IP, port int, proto, destAddr string, destPort int, bridgeName string) error
Forward adds forwarding rule to 'filter' table and corresponding nat rule to 'nat' table.
func (*ChainInfo) Link ¶
func (c *ChainInfo) Link(action Action, ip1, ip2 net.IP, port int, proto string, bridgeName string) error
Link adds reciprocal ACCEPT rule for two supplied IP addresses. Traffic is allowed from ip1 to ip2 and vice-versa
func (*ChainInfo) Prerouting ¶
Prerouting adds linking rule to nat/PREROUTING chain.
type Conn ¶
type Conn struct {
// contains filtered or unexported fields
}
Conn is a connection to firewalld dbus endpoint.