iptables

package
v1.8.7-beta.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 21, 2017 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Overview

Package iptables provides an interface and implementations for running iptables commands.

Index

Constants

View Source 
const LockfilePath16x = "/run/xtables.lock"
View Source 
const MinCheckVersion = "1.4.11"

Versions of iptables less than this do not support the -C / --check flag (test whether a rule exists).

View Source 
const MinWait2Version = "1.4.22"
View Source 
const MinWaitVersion = "1.4.20"

Minimum iptables versions supporting the -w and -w2 flags

Variables

This section is empty.

Functions

func GetChainLines added in v1.3.0 

func GetChainLines(table Table, save []byte) map[Chain]string

GetChainLines parses a table's iptables-save data to find chains in the table. It returns a map of iptables.Chain to string where the string is the chain line from the save (with counters etc).

func IsNotFoundError added in v1.2.0 

func IsNotFoundError(err error) bool

IsNotFoundError returns true if the error indicates "not found". It parses the error string looking for known values, which is imperfect but works in practice.

func MakeChainLine added in v1.3.0 

func MakeChainLine(chain Chain) string

MakeChainLine return an iptables-save/restore formatted chain line given a Chain

func ReadLine added in v1.3.0 

func ReadLine(readIndex int, byteArray []byte) (string, int)

Types

type Chain 

type Chain string
const (
	ChainPostrouting Chain = "POSTROUTING"
	ChainPrerouting  Chain = "PREROUTING"
	ChainOutput      Chain = "OUTPUT"
	ChainInput       Chain = "INPUT"
	ChainForward     Chain = "FORWARD"
)

type FlushFlag added in v1.1.0 

type FlushFlag bool

Option flag for Flush 

const FlushTables FlushFlag = true
const NoFlushTables FlushFlag = false

type Interface 

type Interface interface {
	// GetVersion returns the "X.Y.Z" version string for iptables.
	GetVersion() (string, error)
	// EnsureChain checks if the specified chain exists and, if not, creates it.  If the chain existed, return true.
	EnsureChain(table Table, chain Chain) (bool, error)
	// FlushChain clears the specified chain.  If the chain did not exist, return error.
	FlushChain(table Table, chain Chain) error
	// DeleteChain deletes the specified chain.  If the chain did not exist, return error.
	DeleteChain(table Table, chain Chain) error
	// EnsureRule checks if the specified rule is present and, if not, creates it.  If the rule existed, return true.
	EnsureRule(position RulePosition, table Table, chain Chain, args ...string) (bool, error)
	// DeleteRule checks if the specified rule is present and, if so, deletes it.
	DeleteRule(table Table, chain Chain, args ...string) error
	// IsIpv6 returns true if this is managing ipv6 tables
	IsIpv6() bool
	// SaveInto calls `iptables-save` for table and stores result in a given buffer.
	SaveInto(table Table, buffer *bytes.Buffer) error
	// Restore runs `iptables-restore` passing data through []byte.
	// table is the Table to restore
	// data should be formatted like the output of SaveInto()
	// flush sets the presence of the "--noflush" flag. see: FlushFlag
	// counters sets the "--counters" flag. see: RestoreCountersFlag
	Restore(table Table, data []byte, flush FlushFlag, counters RestoreCountersFlag) error
	// RestoreAll is the same as Restore except that no table is specified.
	RestoreAll(data []byte, flush FlushFlag, counters RestoreCountersFlag) error
	// AddReloadFunc adds a function to call on iptables reload
	AddReloadFunc(reloadFunc func())
	// Destroy cleans up resources used by the Interface
	Destroy()
}

An injectable interface for running iptables commands. Implementations must be goroutine-safe.

func New 

func New(exec utilexec.Interface, dbus utildbus.Interface, protocol Protocol) Interface

New returns a new Interface which will exec iptables.

type Protocol added in v0.5.1 

type Protocol byte
const (
	ProtocolIpv4 Protocol = iota + 1
	ProtocolIpv6
)

type RestoreCountersFlag added in v1.1.0 

type RestoreCountersFlag bool

Option flag for Restore 

const NoRestoreCounters RestoreCountersFlag = false
const RestoreCounters RestoreCountersFlag = true

type RulePosition added in v0.18.0 

type RulePosition string
const (
	Prepend RulePosition = "-I"
	Append  RulePosition = "-A"
)

type Table 

type Table string
const (
	TableNAT    Table = "nat"
	TableFilter Table = "filter"
)

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.
JackTT - Gopher 🇻🇳