netfilter

package
v1.0.8 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 18, 2017 License: GPL-2.0 Imports: 7 Imported by: 0

Documentation

Overview

Package netfilter provides Go bindings for libnetfilter_queue This library provides access to packets in the IPTables netfilter queue (NFQUEUE). The libnetfilter_queue library is part of the http://netfilter.org/projects/libnetfilter_queue/ project.

Index

Constants

View Source
const (
	//AfInet Address Family Inet
	AfInet = 2

	//NfDrop Net filter verdict
	NfDrop verdictType = 0 // nolint
	//NfAccept Net filter verdict
	NfAccept verdictType = 1 //nolint
	//NfStolen Net filter verdict
	NfStolen verdictType = 2 // nolint
	//NfQueue Net filter verdict
	NfQueue verdictType = 3 // nolint
	//NfRepeat Net filter verdict
	NfRepeat verdictType = 4 // nolint
	//NfStop Net filter verdict
	NfStop verdictType = 5 // nolint

	//NfDefaultPacketSize default packet size
	NfDefaultPacketSize uint32 = 0xffff
)

Variables

This section is empty.

Functions

func SetVerdict

func SetVerdict(v *Verdict, mark int) int

SetVerdict receives the response from the processor, copies the buffers and passes the result to the C code

Types

type NFPacket

type NFPacket struct {
	Buffer      []byte
	Mark        string
	Xbuffer     *C.uchar
	QueueHandle *C.struct_nfq_q_handle
	ID          int
}

NFPacket structure holds the packet

type NFQueue

type NFQueue struct {
	Packets chan *NFPacket
	// contains filtered or unexported fields
}

NFQueue implements the queue and holds all related state information

func NewNFQueue

func NewNFQueue(queueID uint16, maxPacketsInQueue uint32, packetSize uint32) (*NFQueue, error)

NewNFQueue creates and bind to queue specified by queueID.

func (*NFQueue) Close

func (nfq *NFQueue) Close()

Close Unbind and close the queue

type Verdict

type Verdict struct {
	V       verdictType
	Buffer  []byte
	Payload []byte
	Options []byte

	Xbuffer     *C.uchar
	ID          int
	QueueHandle *C.struct_nfq_q_handle
}

Verdict for a packet. Buffer is the original buffer of the packet Payload is any new data that have to be appended to the packet

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL