iptables

package

v0.1.0 Latest Latest Go to latest Published: Mar 28, 2024 License: GPL-3.0 Imports: 11 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/GCFactory/Patroni-BGP

Links

Open Source Insights

Documentation ¶

Overview ¶

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index ¶

Constants
func GetIPTablesRuleSpecification(rule, specification string) string
type Error
type IPTables
- func New(opts ...Option) (*IPTables, error)
- func NewWithProtocol(proto Protocol) (*IPTables, error)
type Option
type Protocol
type Stat
type Unlocker

Constants ¶

View Source

const (
	TableFilter = "filter"
	ChainInput  = "INPUT"
)

Variables ¶

This section is empty.

Functions ¶

func GetIPTablesRuleSpecification ¶

func GetIPTablesRuleSpecification(rule, specification string) string

Types ¶

type Error ¶

type Error struct {
	exec.ExitError
	// contains filtered or unexported fields
}

Adds the output of stderr to exec.ExitError

func (*Error) Error ¶

func (e *Error) Error() string

func (*Error) ExitStatus ¶

func (e *Error) ExitStatus() int

func (*Error) IsNotExist ¶

func (e *Error) IsNotExist() bool

IsNotExist returns true if the error is due to the chain or rule not existing

type IPTables ¶

type IPTables struct {
	// contains filtered or unexported fields
}

func New ¶

func New(opts ...Option) (*IPTables, error)

New creates a new IPTables configured with the options passed as parameter. For backwards compatibility, by default always uses IPv4 and timeout 0. i.e. you can create an IPv6 IPTables using a timeout of 5 seconds passing the IPFamily and Timeout options as follow:

ip6t := New(IPFamily(ProtocolIPv6), Timeout(5))

func NewWithProtocol ¶

func NewWithProtocol(proto Protocol) (*IPTables, error)

New creates a new IPTables for the given proto. The proto will determine which command is used, either "iptables" or "ip6tables".

func (*IPTables) Append ¶

func (ipt *IPTables) Append(table, chain string, rulespec ...string) error

Append appends rulespec to specified table/chain

func (*IPTables) AppendUnique ¶

func (ipt *IPTables) AppendUnique(table, chain string, rulespec ...string) error

AppendUnique acts like Append except that it won't add a duplicate

func (*IPTables) ChainExists ¶

func (ipt *IPTables) ChainExists(table, chain string) (bool, error)

'-S' is fine with non existing rule index as long as the chain exists therefore pass index 1 to reduce overhead for large chains

func (*IPTables) ChangePolicy ¶

func (ipt *IPTables) ChangePolicy(table, chain, target string) error

ChangePolicy changes policy on chain to target

func (*IPTables) ClearAll ¶

func (ipt *IPTables) ClearAll() error

func (*IPTables) ClearAndDeleteChain ¶

func (ipt *IPTables) ClearAndDeleteChain(table, chain string) error

func (*IPTables) ClearChain ¶

func (ipt *IPTables) ClearChain(table, chain string) error

ClearChain flushed (deletes all rules) in the specified table/chain. If the chain does not exist, a new one will be created

func (*IPTables) Delete ¶

func (ipt *IPTables) Delete(table, chain string, rulespec ...string) error

Delete removes rulespec in specified table/chain

func (*IPTables) DeleteAll ¶

func (ipt *IPTables) DeleteAll() error

func (*IPTables) DeleteChain ¶

func (ipt *IPTables) DeleteChain(table, chain string) error

DeleteChain deletes the chain in the specified table. The chain must be empty

func (*IPTables) DeleteIfExists ¶

func (ipt *IPTables) DeleteIfExists(table, chain string, rulespec ...string) error

func (*IPTables) Exists ¶

func (ipt *IPTables) Exists(table, chain string, rulespec ...string) (bool, error)

Exists checks if given rulespec in specified table/chain exists

func (*IPTables) GetIptablesVersion ¶

func (ipt *IPTables) GetIptablesVersion() (int, int, int)

Return version components of the underlying iptables command

func (*IPTables) HasRandomFully ¶

func (ipt *IPTables) HasRandomFully() bool

Check if the underlying iptables command supports the --random-fully flag

func (*IPTables) Insert ¶

func (ipt *IPTables) Insert(table, chain string, pos int, rulespec ...string) error

Insert inserts rulespec to specified table/chain (in specified pos)

func (*IPTables) InsertUnique ¶

func (ipt *IPTables) InsertUnique(table, chain string, pos int, rulespec ...string) error

InsertUnique acts like Insert except that it won't insert a duplicate (no matter the position in the chain)

func (*IPTables) List ¶

func (ipt *IPTables) List(table, chain string) ([]string, error)

List rules in specified table/chain

func (*IPTables) ListByID ¶

func (ipt *IPTables) ListByID(table, chain string, id int) (string, error)

List rules in specified table/chain

func (*IPTables) ListChains ¶

func (ipt *IPTables) ListChains(table string) ([]string, error)

ListChains returns a slice containing the name of each chain in the specified table.

func (*IPTables) ListWithCounters ¶

func (ipt *IPTables) ListWithCounters(table, chain string) ([]string, error)

List rules (with counters) in specified table/chain

func (*IPTables) NewChain ¶

func (ipt *IPTables) NewChain(table, chain string) error

NewChain creates a new chain in the specified table. If the chain already exists, it will result in an error.

func (*IPTables) ParseStat ¶

func (ipt *IPTables) ParseStat(stat []string) (parsed Stat, err error)

ParseStat parses a single statistic row into a Stat struct. The input should be a string slice that is returned from calling the Stat method.

func (*IPTables) Proto ¶

func (ipt *IPTables) Proto() Protocol

Proto returns the protocol used by this IPTables.

func (*IPTables) RenameChain ¶

func (ipt *IPTables) RenameChain(table, oldChain, newChain string) error

RenameChain renames the old chain to the new one.

func (*IPTables) Stats ¶

func (ipt *IPTables) Stats(table, chain string) ([][]string, error)

Stats lists rules including the byte and packet counts

func (*IPTables) StructuredStats ¶

func (ipt *IPTables) StructuredStats(table, chain string) ([]Stat, error)

StructuredStats returns statistics as structured data which may be further parsed and marshaled.

type Option ¶

type Option func(*IPTables)

func EnableNFTables ¶

func EnableNFTables(enable bool) Option

func IPFamily ¶

func IPFamily(proto Protocol) Option

func Timeout ¶

func Timeout(timeout int) Option

type Protocol ¶

type Protocol byte

Protocol to differentiate between IPv4 and IPv6

const (
	ProtocolIPv4 Protocol = iota
	ProtocolIPv6
)

type Stat ¶

type Stat struct {
	Packets     uint64     `json:"pkts"`
	Bytes       uint64     `json:"bytes"`
	Target      string     `json:"target"`
	Protocol    string     `json:"prot"`
	Opt         string     `json:"opt"`
	Input       string     `json:"in"`
	Output      string     `json:"out"`
	Source      *net.IPNet `json:"source"`
	Destination *net.IPNet `json:"destination"`
	Options     string     `json:"options"`
}

Stat represents a structured statistic entry.

type Unlocker ¶

type Unlocker interface {
	Unlock() error
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL