package iptables
import "github.com/coreos/go-iptables/iptables"
Index ¶
- func IPFamily(proto Protocol) option
- func Path(path string) option
- func Timeout(timeout int) option
- type Error
- type IPTables
- func New(opts ...option) (*IPTables, error)
- func NewWithProtocol(proto Protocol) (*IPTables, error)
- func (ipt *IPTables) Append(table, chain string, rulespec ...string) error
- func (ipt *IPTables) AppendUnique(table, chain string, rulespec ...string) error
- func (ipt *IPTables) ChainExists(table, chain string) (bool, error)
- func (ipt *IPTables) ChangePolicy(table, chain, target string) error
- func (ipt *IPTables) ClearAll() error
- func (ipt *IPTables) ClearAndDeleteChain(table, chain string) error
- func (ipt *IPTables) ClearChain(table, chain string) error
- func (ipt *IPTables) Delete(table, chain string, rulespec ...string) error
- func (ipt *IPTables) DeleteAll() error
- func (ipt *IPTables) DeleteById(table, chain string, id int) error
- func (ipt *IPTables) DeleteChain(table, chain string) error
- func (ipt *IPTables) DeleteIfExists(table, chain string, rulespec ...string) error
- func (ipt *IPTables) Exists(table, chain string, rulespec ...string) (bool, error)
- func (ipt *IPTables) GetIptablesVersion() (int, int, int)
- func (ipt *IPTables) HasRandomFully() bool
- func (ipt *IPTables) Insert(table, chain string, pos int, rulespec ...string) error
- func (ipt *IPTables) InsertUnique(table, chain string, pos int, rulespec ...string) error
- func (ipt *IPTables) List(table, chain string) ([]string, error)
- func (ipt *IPTables) ListById(table, chain string, id int) (string, error)
- func (ipt *IPTables) ListChains(table string) ([]string, error)
- func (ipt *IPTables) ListWithCounters(table, chain string) ([]string, error)
- func (ipt *IPTables) NewChain(table, chain string) error
- func (ipt *IPTables) ParseStat(stat []string) (parsed Stat, err error)
- func (ipt *IPTables) Proto() Protocol
- func (ipt *IPTables) RenameChain(table, oldChain, newChain string) error
- func (ipt *IPTables) Replace(table, chain string, pos int, rulespec ...string) error
- func (ipt *IPTables) Stats(table, chain string) ([][]string, error)
- func (ipt *IPTables) StructuredStats(table, chain string) ([]Stat, error)
- type Protocol
- type Stat
- type Unlocker
Functions ¶
func IPFamily ¶
func IPFamily(proto Protocol) option
func Path ¶
func Path(path string) option
func Timeout ¶
func Timeout(timeout int) option
Types ¶
type Error ¶
Adds the output of stderr to exec.ExitError
func (*Error) Error ¶
func (*Error) ExitStatus ¶
func (*Error) IsNotExist ¶
IsNotExist returns true if the error is due to the chain or rule not existing
type IPTables ¶
type IPTables struct {
// contains filtered or unexported fields
}
func New ¶
New creates a new IPTables configured with the options passed as parameters. Supported parameters are:
IPFamily(Protocol) Timeout(int) Path(string)
For backwards compatibility, by default New uses IPv4 and timeout 0. i.e. you can create an IPv6 IPTables using a timeout of 5 seconds passing the IPFamily and Timeout options as follow:
ip6t := New(IPFamily(ProtocolIPv6), Timeout(5))
func NewWithProtocol ¶
New creates a new IPTables for the given proto. The proto will determine which command is used, either "iptables" or "ip6tables".
func (*IPTables) Append ¶
Append appends rulespec to specified table/chain
func (*IPTables) AppendUnique ¶
AppendUnique acts like Append except that it won't add a duplicate
func (*IPTables) ChainExists ¶
'-S' is fine with non existing rule index as long as the chain exists therefore pass index 1 to reduce overhead for large chains
func (*IPTables) ChangePolicy ¶
ChangePolicy changes policy on chain to target
func (*IPTables) ClearAll ¶
func (*IPTables) ClearAndDeleteChain ¶
func (*IPTables) ClearChain ¶
ClearChain flushed (deletes all rules) in the specified table/chain. If the chain does not exist, a new one will be created
func (*IPTables) Delete ¶
Delete removes rulespec in specified table/chain
func (*IPTables) DeleteAll ¶
func (*IPTables) DeleteById ¶
DeleteById deletes the rule with the specified ID in the given table and chain.
func (*IPTables) DeleteChain ¶
DeleteChain deletes the chain in the specified table. The chain must be empty
func (*IPTables) DeleteIfExists ¶
func (*IPTables) Exists ¶
Exists checks if given rulespec in specified table/chain exists
func (*IPTables) GetIptablesVersion ¶
Return version components of the underlying iptables command
func (*IPTables) HasRandomFully ¶
Check if the underlying iptables command supports the --random-fully flag
func (*IPTables) Insert ¶
Insert inserts rulespec to specified table/chain (in specified pos)
func (*IPTables) InsertUnique ¶
InsertUnique acts like Insert except that it won't insert a duplicate (no matter the position in the chain)
func (*IPTables) List ¶
List rules in specified table/chain
func (*IPTables) ListById ¶
List rules in specified table/chain
func (*IPTables) ListChains ¶
ListChains returns a slice containing the name of each chain in the specified table.
func (*IPTables) ListWithCounters ¶
List rules (with counters) in specified table/chain
func (*IPTables) NewChain ¶
NewChain creates a new chain in the specified table. If the chain already exists, it will result in an error.
func (*IPTables) ParseStat ¶
ParseStat parses a single statistic row into a Stat struct. The input should be a string slice that is returned from calling the Stat method.
func (*IPTables) Proto ¶
Proto returns the protocol used by this IPTables.
func (*IPTables) RenameChain ¶
RenameChain renames the old chain to the new one.
func (*IPTables) Replace ¶
Replace replaces rulespec to specified table/chain (in specified pos)
func (*IPTables) Stats ¶
Stats lists rules including the byte and packet counts
func (*IPTables) StructuredStats ¶
StructuredStats returns statistics as structured data which may be further parsed and marshaled.
type Protocol ¶
type Protocol byte
Protocol to differentiate between IPv4 and IPv6
type Stat ¶
type Stat struct {
Packets uint64 `json:"pkts"`
Bytes uint64 `json:"bytes"`
Target string `json:"target"`
Protocol string `json:"prot"`
Opt string `json:"opt"`
Input string `json:"in"`
Output string `json:"out"`
Source *net.IPNet `json:"source"`
Destination *net.IPNet `json:"destination"`
Options string `json:"options"`
}
Stat represents a structured statistic entry.
type Unlocker ¶
type Unlocker interface {
Unlock() error
}
Source Files ¶
- Version
- v0.8.0 (latest)
- Published
- Aug 27, 2024
- Platform
- linux/amd64
- Imports
- 11 packages
- Last checked
- 3 months ago –
Tools for package owners.