iptables

package

v0.0.0-...-9bf6a48 Latest Latest Go to latest Published: May 5, 2024 License: Apache-2.0 Imports: 14 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/ovn-org/ovn-kubernetes

Links

Open Source Insights

Documentation ¶

Index ¶

func AddRules(rules []Rule, append bool) error
func DelRules(rules []Rule) error
func RestoreRulesFiltered(rules []Rule, filter map[string]map[string]struct{}) error
type Controller
- func NewController() *Controller
type Rule
type RuleArg

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func AddRules ¶

func AddRules(rules []Rule, append bool) error

AddRules adds the given rules to iptables.

func DelRules ¶

func DelRules(rules []Rule) error

DelRules deletes the given rules from iptables.

func RestoreRulesFiltered ¶

func RestoreRulesFiltered(rules []Rule, filter map[string]map[string]struct{}) error

RestoreRulesFiltered adds the given rules to iptables. filter is a map[table][chain] of valid tables/chains to use for filtering rules to be added. If no rule exists for the filter, the chain will still be restored as empty.

Types ¶

type Controller ¶

type Controller struct {
	// contains filtered or unexported fields
}

Controller manages iptables for clients

func NewController ¶

func NewController() *Controller

NewController creates a controller to manage chains and rules. Provides functionality to "own" a chain which allows consumers to ensure only the rules submitted to the controller persist and unmanaged rules are removed. If a chain is unowned, then only the rules that are submitted persist.

func (*Controller) DeleteRule ¶

func (c *Controller) DeleteRule(table iptables.Table, chain iptables.Chain, proto iptables.Protocol, ruleArg RuleArg) error

DeleteRule deletes an iptable rule

func (*Controller) EnsureRule ¶

func (c *Controller) EnsureRule(table iptables.Table, chain iptables.Chain, proto iptables.Protocol, ruleArg RuleArg) error

EnsureRule adds an iptable rule that will persist until deleted

func (*Controller) GetChainRuleArgs ¶

func (c *Controller) GetChainRuleArgs(table iptables.Table, chain iptables.Chain, proto iptables.Protocol) ([]RuleArg, error)

func (*Controller) GetIPv4ChainRuleArgs ¶

func (c *Controller) GetIPv4ChainRuleArgs(table iptables.Table, chain iptables.Chain) ([]RuleArg, error)

GetIPv4ChainRuleArgs returns IPv4 RuleArgs

func (*Controller) GetIPv6ChainRuleArgs ¶

func (c *Controller) GetIPv6ChainRuleArgs(table iptables.Table, chain iptables.Chain) ([]RuleArg, error)

GetIPv6ChainRuleArgs returns IPv6 RuleArgs

func (*Controller) OwnChain ¶

func (c *Controller) OwnChain(table iptables.Table, chain iptables.Chain, proto iptables.Protocol) error

OwnChain ensures this chain exists and any rules within it this component exclusively owns. Any rules that we do not manage for this chain will be removed.

func (*Controller) Run ¶

func (c *Controller) Run(stopCh <-chan struct{}, syncPeriod time.Duration)

type Rule ¶

type Rule struct {
	Table    string
	Chain    string
	Args     []string
	Protocol iptables.Protocol
}

Rule represents an iptables rule.

type RuleArg ¶

type RuleArg struct {
	Args []string
}

RuleArg represents a single iptables rule entry

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL