iptables

package
v1.1.3-beta.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 19, 2015 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Overview

Package iptables provides an interface and implementations for running iptables commands.

Index

Constants

View Source 
const MinCheckVersion = "1.4.11"

Versions of iptables less than this do not support the -C / --check flag (test whether a rule exists).

View Source 
const MinWait2Version = "1.4.22"
View Source 
const MinWaitVersion = "1.4.20"

Minimum iptables versions supporting the -w and -w2 flags

Variables

This section is empty.

Functions

func GetIptablesVersionString added in v1.1.0 

func GetIptablesVersionString(exec utilexec.Interface) (string, error)

GetIptablesVersionString runs "iptables --version" to get the version string in the form "X.X.X"

Types

type Chain 

type Chain string
const (
	ChainPostrouting Chain = "POSTROUTING"
	ChainPrerouting  Chain = "PREROUTING"
	ChainOutput      Chain = "OUTPUT"
)

type FlushFlag added in v1.1.0 

type FlushFlag bool

Option flag for Restore 

const FlushTables FlushFlag = true
const NoFlushTables FlushFlag = false

type Interface 

type Interface interface {
	// EnsureChain checks if the specified chain exists and, if not, creates it.  If the chain existed, return true.
	EnsureChain(table Table, chain Chain) (bool, error)
	// FlushChain clears the specified chain.  If the chain did not exist, return error.
	FlushChain(table Table, chain Chain) error
	// DeleteChain deletes the specified chain.  If the chain did not exist, return error.
	DeleteChain(table Table, chain Chain) error
	// EnsureRule checks if the specified rule is present and, if not, creates it.  If the rule existed, return true.
	EnsureRule(position RulePosition, table Table, chain Chain, args ...string) (bool, error)
	// DeleteRule checks if the specified rule is present and, if so, deletes it.
	DeleteRule(table Table, chain Chain, args ...string) error
	// IsIpv6 returns true if this is managing ipv6 tables
	IsIpv6() bool
	// TODO: (BenTheElder) Unit-Test Save/SaveAll, Restore/RestoreAll
	// Save calls `iptables-save` for table.
	Save(table Table) ([]byte, error)
	// SaveAll calls `iptables-save`.
	SaveAll() ([]byte, error)
	// Restore runs `iptables-restore` passing data through a temporary file.
	// table is the Table to restore
	// data should be formatted like the output of Save()
	// flush sets the presence of the "--noflush" flag. see: FlushFlag
	// counters sets the "--counters" flag. see: RestoreCountersFlag
	Restore(table Table, data []byte, flush FlushFlag, counters RestoreCountersFlag) error
	// RestoreAll is the same as Restore except that no table is specified.
	RestoreAll(data []byte, flush FlushFlag, counters RestoreCountersFlag) error
	// AddReloadFunc adds a function to call on iptables reload
	AddReloadFunc(reloadFunc func())
	// Destroy cleans up resources used by the Interface
	Destroy()
}

An injectable interface for running iptables commands. Implementations must be goroutine-safe.

func New 

func New(exec utilexec.Interface, dbus utildbus.Interface, protocol Protocol) Interface

New returns a new Interface which will exec iptables.

type Protocol added in v0.5.1 

type Protocol byte
const (
	ProtocolIpv4 Protocol = iota + 1
	ProtocolIpv6
)

type RestoreCountersFlag added in v1.1.0 

type RestoreCountersFlag bool

Option flag for Restore 

const NoRestoreCounters RestoreCountersFlag = false
const RestoreCounters RestoreCountersFlag = true

type RulePosition added in v0.18.0 

type RulePosition string
const (
	Prepend RulePosition = "-I"
	Append  RulePosition = "-A"
)

type Table 

type Table string
const (
	TableNAT Table = "nat"
)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.
JackTT - Gopher 🇻🇳