Documentation ¶
Index ¶
- Constants
- func AddCustomTable(table string)
- func AppExists(app string) bool
- func CommentExists(comment string) bool
- func DeleteAllMatchingApp(app string) error
- func DeleteAllMatchingComments(comment string) error
- func DeleteAllMatchingId(id string) error
- func DeleteAllMatchingName(name string) error
- func DeleteByApp(app string) error
- func DeleteByComment(comment string) error
- func DeleteById(id string) error
- func DeleteByName(name string) error
- func EnumerateChains(table string) (chains []string, err error)
- func EnumerateRules(table string, chain string) (rules []string, err error)
- func EnumerateUsedTables() (tables []string, err error)
- func GetInvertPattern(inverted bool) string
- func GetIptablesBinaryPath(ipVer IPVer) (cmd string, err error)
- func GetRuleIndex(table string, chain string, ipVer IPVer) (ruleNum int, err error)
- func IdExists(id string) bool
- func NameExists(name string) bool
- type Action
- type Chain
- type Cmd
- type ConnMarkType
- type Controller
- type CounterValues
- type IPVer
- type ITarget
- type InvertableString
- type Rule
- type RuleLocation
- func FindRuleByApp(app string) (location *RuleLocation, err error)
- func FindRuleByComment(comment string) (location *RuleLocation, err error)
- func FindRuleByCommentWithPrefix(comment string, prefix *string) (location *RuleLocation, err error)
- func FindRuleById(id string) (location *RuleLocation, err error)
- func FindRuleByName(name string) (location *RuleLocation, err error)
- type Table
- type Target
- type TargetBalance
- type TargetClassify
- type TargetConnMark
- type TargetDNat
- type TargetDSCP
- type TargetDSCPClass
- type TargetGoto
- type TargetJump
- type TargetSNat
Constants ¶
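// Names of commonly used rule targets. The declaration was collapsed onto a
// single line, which is not valid Go; it is restored to one constant per line.
const (
	// TargetAccept is the "ACCEPT" target name.
	TargetAccept string = "ACCEPT"
	// TargetDrop is the "DROP" target name.
	TargetDrop string = "DROP"
	// TargetQueue is the "QUEUE" target name.
	TargetQueue string = "QUEUE"
	// TargetReturn is the "RETURN" target name.
	TargetReturn string = "RETURN"
)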
These constants are commonly used targets
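// Names of commonly used chains. The declaration was collapsed onto a single
// line, which is not valid Go; it is restored to one constant per line.
const (
	// ChainInput is the "INPUT" chain name.
	ChainInput string = "INPUT"
	// ChainOutput is the "OUTPUT" chain name.
	ChainOutput string = "OUTPUT"
	// ChainForward is the "FORWARD" chain name.
	ChainForward string = "FORWARD"
	// ChainPreRouting is the "PREROUTING" chain name.
	ChainPreRouting string = "PREROUTING"
	// ChainPostRouting is the "POSTROUTING" chain name.
	ChainPostRouting string = "POSTROUTING"
)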
These constants are commonly used chains
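// Names of the default tables. The declaration was collapsed onto a single
// line, which is not valid Go; it is restored to one constant per line.
const (
	// TableRaw is the "raw" table name.
	TableRaw string = "raw"
	// TableFilter is the "filter" table name.
	TableFilter string = "filter"
	// TableNat is the "nat" table name.
	TableNat string = "nat"
	// TableMangle is the "mangle" table name.
	TableMangle string = "mangle"
	// TableSecurity is the "security" table name.
	TableSecurity string = "security"
)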
These constants are the default tables
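// Selector values for a connection-mark operation (set, save, restore, going
// by the names). The declaration was collapsed onto a single line, which is
// not valid Go; it is restored to one constant per line.
//
// The constants carry no explicit type, so they are untyped integer constants
// with the values 0, 1 and 2 rather than values of the ConnMarkType type.
const (
	ConnMarkTypeSet = iota
	ConnMarkTypeSave
	ConnMarkTypeRestore
)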
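// Option strings for the connection-mark target. The declaration was collapsed
// onto a single line, which is not valid Go; it is restored to one constant
// per line.
// NOTE(review): presumably chosen according to TargetConnMark.MarkType; confirm
// against TargetConnMark.String().
const (
	// TargetConnMarkSet is the "--set-mark" option.
	TargetConnMarkSet string = "--set-mark"
	// TargetConnMarkSave is the "--save-mark" option.
	TargetConnMarkSave string = "--save-mark"
	// TargetConnMarkRestore is the "--restore-mark" option.
	TargetConnMarkRestore string = "--restore-mark"
)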
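// Option strings for the DSCP targets. The declaration was collapsed onto a
// single line, which is not valid Go; it is restored to one constant per line.
const (
	// TargetDSCPStr is the "--set-dscp" option.
	TargetDSCPStr string = "--set-dscp"
	// TargetDSCPClassStr is the "--set-dscp-class" option.
	TargetDSCPClassStr string = "--set-dscp-class"
)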
// TargetBalanceStr is the "--to-destination" option string.
// NOTE(review): presumably emitted by TargetBalance.String(); confirm.
const TargetBalanceStr string = "--to-destination"
// TargetClassifyStr is the "--set-class" option string.
// NOTE(review): presumably emitted by TargetClassify.String(); confirm.
const TargetClassifyStr string = "--set-class"
// TargetDNatStr is the "--to-destination" option string.
// NOTE(review): presumably emitted by TargetDNat.String(); confirm.
const TargetDNatStr string = "--to-destination"
// TargetGotoStr is the "--goto" option string.
// NOTE(review): presumably emitted by TargetGoto.String(); confirm.
const TargetGotoStr string = "--goto"
// TargetJumpStr is the "--jump" option string.
// NOTE(review): presumably emitted by TargetJump.String(); confirm.
const TargetJumpStr string = "--jump"
// TargetSNatStr is the "--to-source" option string.
// NOTE(review): presumably emitted by TargetSNat.String(); confirm.
const TargetSNatStr string = "--to-source"
Variables ¶
This section is empty.
Functions ¶
func AddCustomTable ¶
func AddCustomTable(table string)
func CommentExists ¶
func DeleteAllMatchingApp ¶
func DeleteAllMatchingId ¶
func DeleteAllMatchingName ¶
func DeleteByApp ¶
func DeleteByComment ¶
func DeleteById ¶
func DeleteByName ¶
func EnumerateChains ¶
func EnumerateUsedTables ¶
func GetInvertPattern ¶
func GetIptablesBinaryPath ¶
func GetRuleIndex ¶
func NameExists ¶
Types ¶
type Action ¶
// Action is a string type that represents the valid actions for a rule to
// take. No Action constants are listed on this page, so the set of valid
// values cannot be read from here.
type Action string
Action is a type that represents the valid actions for a rule to take
type Cmd ¶
// Cmd is a string type that represents the commands supported by iptables.
// The valid values are the Cmd* constants (CmdAppend, CmdDelete, ...).
type Cmd string
Cmd represents the commands that are supported by iptables
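// Valid values of Cmd. The declaration was collapsed onto a single line, which
// is not valid Go; it is restored to one constant per line.
// NOTE(review): the values match iptables long-option names without the
// leading "--"; how they are turned into command-line arguments is not shown
// here.
const (
	CmdAppend      Cmd = "append"
	CmdDelete      Cmd = "delete"
	CmdInsert      Cmd = "insert"
	CmdReplace     Cmd = "replace"
	CmdList        Cmd = "list"
	CmdFlush       Cmd = "flush"
	CmdZero        Cmd = "zero"
	CmdNewChain    Cmd = "new-chain"
	CmdDeleteChain Cmd = "delete-chain"
	CmdPolicy      Cmd = "policy"
	CmdRenameChain Cmd = "rename-chain"
)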
These constants are the valid values that can be used to represent commands
type ConnMarkType ¶
// ConnMarkType is the integer type of TargetConnMark.MarkType.
// NOTE(review): the ConnMarkTypeSet/Save/Restore constants are declared
// without this type (plain iota), so they are untyped integers that merely
// convert to ConnMarkType on assignment.
type ConnMarkType int
type Controller ¶
// Controller represents the interface to iptables; the package describes it as
// essentially a wrapper around exec with some state and helper functions. Its
// fields are not shown in this listing.
// NOTE(review): because commands are run through exec, Rule and target field
// values that originate from untrusted input presumably end up as iptables
// arguments and should be validated before a rule is applied. Confirm how the
// argument list is built in the implementation.
type Controller struct { }
Controller represents the interface to iptables. It is essentially just a wrapper around exec with some state and helper functions.
type CounterValues ¶
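// CounterValues wraps the packet and byte counters used when setting the
// counter values for a new rule. The declaration was collapsed onto a single
// line, which is not valid Go; it is restored to one field per line.
// NOTE(review): both counters are plain int and nothing in the type rejects
// negative values; confirm the caller or a Validate step checks them.
type CounterValues struct {
	// Packets is the packet counter.
	Packets int `json:"packets,omitempty" yaml:"packets" xml:"packets"`
	// Bytes is the byte counter.
	Bytes int `json:"bytes,omitempty" yaml:"bytes" xml:"bytes"`
}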
CounterValues is a helper type that wraps the packet and byte counters used when setting the counter values for a new rule
type InvertableString ¶
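// InvertableString wraps a string value with a flag that tells iptables
// whether the value should be inverted in the command. The declaration was
// collapsed onto a single line, which is not valid Go; it is restored to one
// field per line.
type InvertableString struct {
	// Value is the string to match.
	// NOTE(review): presumably passed to iptables as an argument; validate it
	// when it comes from untrusted input.
	Value string `json:"value,omitempty" yaml:"value" xml:"value"`
	// Inverted marks the value as inverted in the generated command.
	Inverted bool `json:"inverted,omitempty" yaml:"inverted" xml:"inverted"`
}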
InvertableString is a helper type that wraps a string value with a flag that tells iptables if it should be inverted in the command
type Rule ¶
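// Rule represents a rule which can be added to or removed from iptables. The
// declaration was collapsed onto a single line, which is not valid Go; it is
// restored to one field per line.
//
// NOTE(review): every string field is caller-supplied. Controller is described
// as a wrapper around exec, so these values presumably become iptables
// arguments; validate them before applying a rule built from untrusted input.
// Confirm against the implementation.
type Rule struct {
	// Id, Name and App identify the rule. The package exposes lookups by each
	// (FindRuleById, FindRuleByName, FindRuleByApp).
	Id   string `json:"id,omitempty" yaml:"id" xml:"id"`
	Name string `json:"name,omitempty" yaml:"name" xml:"name"`
	// App is tagged "-" for JSON, YAML and XML, so it is never serialized.
	App string `json:"-" yaml:"-" xml:"-"`

	// Table and Chain name where the rule lives.
	Table string `json:"table,omitempty" yaml:"table" xml:"table"`
	Chain string `json:"chain,omitempty" yaml:"chain" xml:"chain"`
	// Target is the rule's target.
	// NOTE(review): this is an interface-typed field; encoding/json cannot
	// decode into a non-empty interface without custom unmarshalling. Confirm
	// whether the package provides it.
	Target ITarget `json:"target,omitempty" yaml:"target" xml:"target"`
	// Command is the iptables command to run for this rule (see the Cmd*
	// constants).
	Command Cmd `json:"command,omitempty" yaml:"command" xml:"command"`

	// Match criteria, each of which can be inverted.
	Protocol        InvertableString `json:"protocol,omitempty" yaml:"protocol" xml:"protocol"`
	Source          InvertableString `json:"source,omitempty" yaml:"source" xml:"source"`
	Destination     InvertableString `json:"destination,omitempty" yaml:"destination" xml:"destination"`
	SourcePort      InvertableString `json:"source_port,omitempty" yaml:"source_port" xml:"source_port"`
	DestinationPort InvertableString `json:"destination_port,omitempty" yaml:"destination_port" xml:"destination_port"`
	InputInterface  InvertableString `json:"input_interface,omitempty" yaml:"input_interface" xml:"input_interface"`
	OutputInterface InvertableString `json:"output_interface,omitempty" yaml:"output_interface" xml:"output_interface"`

	// Counters holds the packet and byte counter values for the rule.
	Counters CounterValues `json:"counters,omitempty" yaml:"counters" xml:"counters"`

	// State and bookkeeping fields; their exact semantics are not shown here.
	ViewOnly   bool `json:"view_only,omitempty" yaml:"view_only" xml:"view_only"`
	RuleNumber int  `json:"rule_number,omitempty" yaml:"rule_number" xml:"rule_number"`
	Debug      bool `json:"debug,omitempty" yaml:"debug" xml:"debug"`
	Valid      bool `json:"valid,omitempty" yaml:"valid" xml:"valid"`
	Applied    bool `json:"applied,omitempty" yaml:"applied" xml:"applied"`

	// IpVersion selects the IP version the rule applies to.
	IpVersion IPVer `json:"ip_version,omitempty" yaml:"ip_version" xml:"ip_version"`
}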
Rule represents a rule which can be added to or removed from iptables.
type RuleLocation ¶
func FindRuleByApp ¶
func FindRuleByApp(app string) (location *RuleLocation, err error)
func FindRuleByComment ¶
func FindRuleByComment(comment string) (location *RuleLocation, err error)
func FindRuleByCommentWithPrefix ¶
func FindRuleByCommentWithPrefix(comment string, prefix *string) (location *RuleLocation, err error)
func FindRuleById ¶
func FindRuleById(id string) (location *RuleLocation, err error)
func FindRuleByName ¶
func FindRuleByName(name string) (location *RuleLocation, err error)
type TargetBalance ¶
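// TargetBalance holds the first and last address of an IP address range. The
// declaration was collapsed onto a single line, which is not valid Go; it is
// restored to one field per line.
// NOTE(review): both fields are free-form strings; confirm that Validate
// parses them as IP addresses before they reach the iptables command line.
type TargetBalance struct {
	// StartingIpAddress is the first address of the range.
	StartingIpAddress string `json:"starting_ip_address" yaml:"starting_ip_address" xml:"starting_ip_address"`
	// EndingIpAddress is the last address of the range.
	EndingIpAddress string `json:"ending_ip_address" yaml:"ending_ip_address" xml:"ending_ip_address"`
}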
func (TargetBalance) String ¶
func (t TargetBalance) String() string
func (TargetBalance) Validate ¶
func (t TargetBalance) Validate(rule Rule) error
type TargetClassify ¶
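// TargetClassify holds a major and a minor class number. The declaration was
// collapsed onto a single line, which is not valid Go; it is restored to one
// field per line.
// NOTE(review): presumably rendered as "--set-class major:minor"
// (TargetClassifyStr); confirm in String().
type TargetClassify struct {
	// Major is the major class number.
	Major int `json:"major" yaml:"major" xml:"major"`
	// Minor is the minor class number.
	Minor int `json:"minor" yaml:"minor" xml:"minor"`
}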
func (TargetClassify) String ¶
func (t TargetClassify) String() string
func (TargetClassify) Validate ¶
func (t TargetClassify) Validate(rule Rule) error
type TargetConnMark ¶
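// TargetConnMark holds a connection-mark operation and its value. The
// declaration was collapsed onto a single line, which is not valid Go; it is
// restored to one field per line.
type TargetConnMark struct {
	// MarkType selects the operation.
	// NOTE(review): presumably one of ConnMarkTypeSet, ConnMarkTypeSave or
	// ConnMarkTypeRestore; confirm that Validate rejects other values.
	MarkType ConnMarkType `json:"mark_type" yaml:"mark_type" xml:"mark_type"`
	// Value is the mark value.
	Value int `json:"value" yaml:"value" xml:"value"`
}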
func (TargetConnMark) String ¶
func (t TargetConnMark) String() string
func (TargetConnMark) Validate ¶
func (t TargetConnMark) Validate(rule Rule) error
Validate reports, via its error return, whether the target is valid when applied with the specified rule.
type TargetDNat ¶
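// TargetDNat holds the destination address and port settings of a DNAT
// target. The declaration was collapsed onto a single line, which is not valid
// Go; it is restored to one field per line.
// NOTE(review): all four fields are free-form strings; confirm that Validate
// parses them as addresses and ports before they reach the iptables command
// line.
type TargetDNat struct {
	// DestinationIp is the destination address.
	DestinationIp string `json:"destination_ip" yaml:"destination_ip" xml:"destination_ip"`
	// DestinationIpRange is the destination address range.
	DestinationIpRange string `json:"destination_ip_range" yaml:"destination_ip_range" xml:"destination_ip_range"`
	// DestinationPort is the destination port.
	DestinationPort string `json:"destination_port" yaml:"destination_port" xml:"destination_port"`
	// DestinationPortRange is the destination port range.
	DestinationPortRange string `json:"destination_port_range" yaml:"destination_port_range" xml:"destination_port_range"`
}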
func (TargetDNat) String ¶
func (t TargetDNat) String() string
func (TargetDNat) Validate ¶
func (t TargetDNat) Validate(rule Rule) error
Validate reports, via its error return, whether the target is valid when applied with the specified rule.
type TargetDSCP ¶
// TargetDSCP holds a single integer DSCP value.
// NOTE(review): presumably rendered with TargetDSCPStr ("--set-dscp"); confirm
// in String(), and confirm that Validate bounds the value.
type TargetDSCP struct {
// Value is the DSCP value.
Value int `json:"value" yaml:"value" xml:"value"`
}
func (TargetDSCP) String ¶
func (t TargetDSCP) String() string
func (TargetDSCP) Validate ¶
func (t TargetDSCP) Validate(rule Rule) error
Validate reports, via its error return, whether the target is valid when applied with the specified rule.
type TargetDSCPClass ¶
// TargetDSCPClass holds a DSCP class name as a string.
// NOTE(review): unlike the other target types in this package, which expose
// Validate(rule Rule) error, this type exposes Valid(rule Rule) bool. Confirm
// that it still satisfies ITarget and that its check is actually invoked.
type TargetDSCPClass struct {
// Class is the DSCP class name.
Class string `json:"class" yaml:"class" xml:"class"`
}
func (TargetDSCPClass) String ¶
func (t TargetDSCPClass) String() string
func (TargetDSCPClass) Valid ¶
func (t TargetDSCPClass) Valid(rule Rule) bool
Valid reports whether the target is valid when applied with the specified rule.
type TargetGoto ¶
// TargetGoto holds a single string value.
// NOTE(review): presumably the chain name rendered after TargetGotoStr
// ("--goto"); confirm in String(), and validate the name when it comes from
// untrusted input.
type TargetGoto struct {
// Value is the target's string value.
Value string `json:"value" yaml:"value" xml:"value"`
}
func (TargetGoto) String ¶
func (t TargetGoto) String() string
func (TargetGoto) Validate ¶
func (t TargetGoto) Validate(rule Rule) error
Validate reports, via its error return, whether the target is valid when applied with the specified rule.
type TargetJump ¶
// TargetJump holds a single string value.
// NOTE(review): presumably the target or chain name rendered after
// TargetJumpStr ("--jump"); confirm in String(), and validate the name when it
// comes from untrusted input.
type TargetJump struct {
// Value is the target's string value.
Value string `json:"value" yaml:"value" xml:"value"`
}
func (TargetJump) String ¶
func (t TargetJump) String() string
func (TargetJump) Validate ¶
func (t TargetJump) Validate(rule Rule) error
Validate reports, via its error return, whether the target is valid when applied with the specified rule.
type TargetSNat ¶
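// TargetSNat holds the source address and port settings of an SNAT target.
// The declaration was collapsed onto a single line, which is not valid Go; it
// is restored to one field per line.
// NOTE(review): all four fields are free-form strings; confirm that Validate
// parses them as addresses and ports before they reach the iptables command
// line.
type TargetSNat struct {
	// SourceIp is the source address.
	SourceIp string `json:"source_ip" yaml:"source_ip" xml:"source_ip"`
	// SourceIpRange is the source address range.
	SourceIpRange string `json:"source_ip_range" yaml:"source_ip_range" xml:"source_ip_range"`
	// SourcePort is the source port.
	SourcePort string `json:"source_port" yaml:"source_port" xml:"source_port"`
	// SourcePortRange is the source port range.
	SourcePortRange string `json:"source_port_range" yaml:"source_port_range" xml:"source_port_range"`
}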
func (TargetSNat) String ¶
func (t TargetSNat) String() string
func (TargetSNat) Validate ¶
func (t TargetSNat) Validate(rule Rule) error
Validate reports, via its error return, whether the target is valid when applied with the specified rule.