firewall

package

v0.0.0-...-683b059 Latest Latest Go to latest Published: Apr 23, 2022 License: BSD-3-Clause Imports: 6 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

chromium.googlesource.com/chromiumos/platform/tast-tests

Documentation ¶

Overview ¶

Package firewall wraps basic iptables call to control filtering of incoming/outgoing traffic.

Index ¶

func ExecuteCommand(ctx context.Context, conn *ssh.Conn, ruleOpt ...RuleOption) error
type Chain
type Command
type L4Proto
type RuleOption
type Target

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ExecuteCommand ¶

func ExecuteCommand(ctx context.Context, conn *ssh.Conn, ruleOpt ...RuleOption) error

ExecuteCommand Adds/deletes an iptables rule.

Types ¶

type Chain ¶

type Chain string

Chain with rules

const (
	// InputChain chain for packets meant for delivery to local sockets.
	InputChain Chain = "INPUT"
	// OutputChain chain for locally-generated packets.
	OutputChain Chain = "OUTPUT"
	// ForwardChain chain for packets being routed through the box.
	ForwardChain Chain = "FORWARD"
)

type Command ¶

type Command string

Command is an enum type defining firewall command.

const (
	// CommandAppend add rule.
	CommandAppend Command = "-A"
	// CommandDelete del rule.
	CommandDelete = "-D"
)

type L4Proto ¶

type L4Proto string

L4Proto is an enum type describing layer 4 protocol to filter.

const (
	// L4ProtoTCP Layer 4 protocol: TCP.
	L4ProtoTCP L4Proto = "tcp"
	// L4ProtoUDP Layer 4 protocol: UDP.
	L4ProtoUDP = "udp"
)

type RuleOption ¶

type RuleOption func(*[]string)

RuleOption is used to provide extra options for iptables to filter by.

func OptionAppendRule ¶

func OptionAppendRule(chain Chain) RuleOption

OptionAppendRule appends a new rule to a given chain.

func OptionDPort ¶

func OptionDPort(port int) RuleOption

OptionDPort sets up the destination port option to a single value.

func OptionDPortRange ¶

func OptionDPortRange(portFrom, portTo int) RuleOption

OptionDPortRange sets up the destination port option to a value range.

func OptionDeleteRule ¶

func OptionDeleteRule(chain Chain) RuleOption

OptionDeleteRule deletes a rule from a given chain.

func OptionJumpTarget ¶

func OptionJumpTarget(target Target) RuleOption

OptionJumpTarget sets up the target option to request jump to a new chain.

func OptionProto ¶

func OptionProto(proto L4Proto) RuleOption

OptionProto sets up the Layer4 protocol option.

func OptionWait ¶

func OptionWait(seconds int) RuleOption

OptionWait sets up the wait time for xtables lock.

type Target ¶

type Target string

Target is an enum type defining rule target.

const (
	// TargetAccept accepts packet and stops processing rules.
	TargetAccept Target = "ACCEPT"
	// TargetDrop drops packet silently and stops processing rules.
	TargetDrop Target = "DROP"
)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL