iptables

package

v0.0.0-...-f021cd2 Latest Latest Go to latest Published: Apr 20, 2024 License: Apache-2.0 Imports: 12 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/squat/kilo

Links

Open Source Insights

Documentation ¶

Index ¶

type Client
type Controller
- func New(opts ...ControllerOption) (*Controller, error)
type ControllerOption
type Protocol
- func GetProtocol(ip net.IP) Protocol
type Rule
type RuleSet

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Client ¶

type Client interface {
	AppendUnique(table string, chain string, rule ...string) error
	InsertUnique(table, chain string, pos int, rule ...string) error
	Delete(table string, chain string, rule ...string) error
	Exists(table string, chain string, rule ...string) (bool, error)
	List(table string, chain string) ([]string, error)
	ClearChain(table string, chain string) error
	DeleteChain(table string, chain string) error
	NewChain(table string, chain string) error
	ListChains(table string) ([]string, error)
}

Client represents any type that can administer iptables rules.

type Controller ¶

type Controller struct {
	sync.Mutex
	// contains filtered or unexported fields
}

Controller is able to reconcile a given set of iptables rules.

func New ¶

func New(opts ...ControllerOption) (*Controller, error)

New generates a new iptables rules controller. If no options are given, IPv4 and IPv6 clients will be instantiated using the regular iptables backend.

func (*Controller) CleanUp ¶

func (c *Controller) CleanUp() error

CleanUp will clean up any rules created by the controller.

func (*Controller) Run ¶

func (c *Controller) Run(stop <-chan struct{}) (<-chan error, error)

Run watches for changes to iptables rules and reconciles the rules against the desired state.

func (*Controller) Set ¶

func (c *Controller) Set(rules RuleSet) error

Set idempotently overwrites any iptables rules previously defined for the controller with the given set of rules.

type ControllerOption ¶

type ControllerOption func(h *Controller)

ControllerOption modifies the controller's configuration.

func WithClients ¶

func WithClients(v4, v6 Client) ControllerOption

WithClients adds iptables clients to the controller.

func WithLogger ¶

func WithLogger(logger log.Logger) ControllerOption

WithLogger adds a logger to the controller.

func WithRegisterer ¶

func WithRegisterer(registerer prometheus.Registerer) ControllerOption

func WithResyncPeriod ¶

func WithResyncPeriod(resyncPeriod time.Duration) ControllerOption

WithResyncPeriod modifies how often the controller reconciles.

type Protocol ¶

type Protocol byte

Protocol represents an IP protocol.

const (
	// ProtocolIPv4 represents the IPv4 protocol.
	ProtocolIPv4 Protocol = iota
	// ProtocolIPv6 represents the IPv6 protocol.
	ProtocolIPv6
)

func GetProtocol ¶

func GetProtocol(ip net.IP) Protocol

GetProtocol will return a protocol from the length of an IP address.

type Rule ¶

type Rule interface {
	Append(Client) error
	Prepend(Client) error
	Delete(Client) error
	Exists(Client) (bool, error)
	String() string
	Proto() Protocol
}

Rule is an interface for interacting with iptables objects.

func NewIPv4Chain ¶

func NewIPv4Chain(table, name string) Rule

NewIPv4Chain creates a new iptables chain in the given table.

func NewIPv4Rule ¶

func NewIPv4Rule(table, chain string, spec ...string) Rule

NewIPv4Rule creates a new iptables rule in the given table and chain.

func NewIPv6Chain ¶

func NewIPv6Chain(table, name string) Rule

NewIPv6Chain creates a new ip6tables chain in the given table.

func NewIPv6Rule ¶

func NewIPv6Rule(table, chain string, spec ...string) Rule

NewIPv6Rule creates a new ip6tables rule in the given table and chain.

func NewRule ¶

func NewRule(proto Protocol, table, chain string, spec ...string) Rule

NewRule creates a new iptables or ip6tables rule in the given table and chain depending on the given protocol.

type RuleSet ¶

type RuleSet struct {
	// contains filtered or unexported fields
}

func (*RuleSet) AddToAppend ¶

func (rs *RuleSet) AddToAppend(rule Rule)

func (*RuleSet) AddToPrepend ¶

func (rs *RuleSet) AddToPrepend(rule Rule)

func (*RuleSet) AppendRuleSet ¶

func (rs *RuleSet) AppendRuleSet(other RuleSet) RuleSet

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL