The highest tagged major version is v11.

netfilter

package

v1.0.20 Latest Latest Go to latest Published: Aug 2, 2017 License: GPL-2.0 Imports: 7 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/aporeto-inc/trireme-lib

Links

Open Source Insights

Documentation ¶

Rendered for

Overview ¶

Package netfilter provides Go bindings for libnetfilter_queue This library provides access to packets in the IPTables netfilter queue (NFQUEUE). The libnetfilter_queue library is part of the http://netfilter.org/projects/libnetfilter_queue/ project.

Index ¶

Constants
func SetVerdict(v *Verdict, mark int) int
type NFPacket
type NFQueue
- func NewNFQueue(queueID uint16, maxPacketsInQueue uint32, packetSize uint32) (*NFQueue, error)
- func (nfq *NFQueue) Close()
type Verdict

Constants ¶

View Source

const (
	//AfInet Address Family Inet
	AfInet = 2

	//NfDrop Net filter verdict
	NfDrop verdictType = 0 // nolint
	//NfAccept Net filter verdict
	NfAccept verdictType = 1 //nolint
	//NfStolen Net filter verdict
	NfStolen verdictType = 2 // nolint
	//NfQueue Net filter verdict
	NfQueue verdictType = 3 // nolint
	//NfRepeat Net filter verdict
	NfRepeat verdictType = 4 // nolint
	//NfStop Net filter verdict
	NfStop verdictType = 5 // nolint

	//NfDefaultPacketSize default packet size
	NfDefaultPacketSize uint32 = 0xffff
)

Variables ¶

This section is empty.

Functions ¶

func SetVerdict ¶

func SetVerdict(v *Verdict, mark int) int

SetVerdict receives the response from the processor, copies the buffers and passes the result to the C code

Types ¶

type NFPacket ¶

type NFPacket struct {
	Buffer      []byte
	Mark        string
	Xbuffer     *C.uchar
	QueueHandle *C.struct_nfq_q_handle
	ID          int
}

NFPacket structure holds the packet

type NFQueue ¶

type NFQueue struct {
	Packets chan *NFPacket
	// contains filtered or unexported fields
}

NFQueue implements the queue and holds all related state information

func NewNFQueue ¶

func NewNFQueue(queueID uint16, maxPacketsInQueue uint32, packetSize uint32) (*NFQueue, error)

NewNFQueue creates and bind to queue specified by queueID.

func (*NFQueue) Close ¶

func (nfq *NFQueue) Close()

Close Unbind and close the queue

type Verdict ¶

type Verdict struct {
	V       verdictType
	Buffer  []byte
	Payload []byte
	Options []byte

	Xbuffer     *C.uchar
	ID          int
	QueueHandle *C.struct_nfq_q_handle
}

Verdict for a packet. Buffer is the original buffer of the packet Payload is any new data that have to be appended to the packet

Source Files ¶

View all Source files

netfilter_linux.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL