firewalld

package module
v1.0.0 Latest Latest
Published: Oct 30, 2024 License: MIT Imports: 5 Imported by: 0

README

go-firewalld

firewalld go client

Installation

go get gitee.com/weidongkl/go-firewalld

Quickstart

package main

import (
	"gitee.com/weidongkl/go-firewalld"
	"log"
)

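// main connects to firewalld, logs the client library version and the
// default zone, and exits non-zero if either firewalld call fails.
func main() {
	// Zero-value Options: Zone is empty and Permanent is false.
	client, err := firewalld.NewClient(&firewalld.Options{})
	if err != nil {
		log.Fatalf("NewClient failed: %s", err)
	}
	log.Println("version: ", firewalld.Version())

	zone, err := client.GetDefaultZone()
	// Close before any log.Fatalf: Fatalf exits the process and would skip
	// a deferred Close.
	if cerr := client.Close(); cerr != nil {
		log.Printf("Close failed: %s", cerr)
	}
	// Do not discard this error: an empty zone name printed after a failed
	// query would be indistinguishable from a real answer.
	if err != nil {
		log.Fatalf("GetDefaultZone failed: %s", err)
	}
	log.Println("default zone: ", zone)
}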

For advanced usage, please refer to the examples.

Contributing

  1. Fork the repository.
  2. Create a new branch for your feature.
  3. Commit your changes.
  4. Push the branch.
  5. Create a pull request.

License

This project is licensed under the MIT License.

Contact

For any questions or issues, please contact weidongkx@gmail.com.

Documentation

Index

Constants

This section is empty.

Variables

// Sentinel errors exported by the package. Compare against them with
// errors.Is rather than by matching the message text.
// NOTE(review): which Client methods return each value is not shown here;
// presumably the requested firewall change was not applied when one of these
// is returned — confirm in the source and treat it as a failure.
var (
	// NotSupportPermanentErr: per its message, the method cannot be used as a
	// permanent-configuration call.
	NotSupportPermanentErr = errors.New("this method not supported permanent call")
	// UnimplementedErr: per its message, the method is not implemented yet.
	UnimplementedErr       = errors.New("this method is not yet implemented")
	// NotSupportRuntimeErr: per its message, the method cannot be used as a
	// runtime-configuration call.
	NotSupportRuntimeErr   = errors.New("this method not supported Runtime call")
)

Functions

func Version

func Version() string

Version is the current release version.

Types

type ActivateZone

// ActivateZone is the per-zone value of the map returned by
// Client.GetActiveZones, which is keyed by zone name.
type ActivateZone struct {
	// Interfaces used in the zone.
	Interfaces []string
	// Sources used in the zone.
	Sources    []string
}

type Client

// Client is the handle returned by NewClient. Its Add*, Remove* and Set*
// methods, together with Reload, RuntimeToPermanent and SetDefaultZone,
// change firewall configuration; the Get* and List* methods read it.
// NOTE(review): Close presumably releases the underlying connection — confirm.
type Client struct {
	// contains filtered or unexported fields
}

func NewClient

func NewClient(opt *Options) (*Client, error)

func (*Client) AddForwardPort

func (c *Client) AddForwardPort(zone, port, protocol, toPort, toAddress string, timeout int) error

AddForwardPort adds the IPv4 forward port to zone. If zone is empty, the default zone is used. The port can be either a single port number (portid) or a port range (portid-portid). The protocol can be either tcp or udp. The destination address is a simple IP address. If timeout is non-zero, the operation is active only for that number of seconds; the timeout does not take effect for permanent configuration.

func (*Client) AddInterface

func (c *Client) AddInterface(zone, interFace string) error

AddInterface Bind interface with zone.

func (*Client) AddPort

func (c *Client) AddPort(zone, port, protocol string, timeout int) error

AddPort: when timeout is set to 0, the timeout is ignored. The timeout does not take effect for permanent configuration.

func (*Client) AddProtocol

func (c *Client) AddProtocol(zone, protocol string, timeout int) error

AddProtocol add protocol into zone. The protocol can be any protocol supported by the system. Please have a look at /etc/protocols for supported protocols.

func (*Client) AddRichRule

func (c *Client) AddRichRule(zone, rule string, timeout int) error

AddRichRule add rule to list of rich-language rules in zone.

func (*Client) AddService

func (c *Client) AddService(zone, service string, timeout int) error

AddService adds service to zone. If timeout is non-zero, the operation is active only for that number of seconds.

func (*Client) AddSource

func (c *Client) AddSource(zone, source string, timeout int) error

AddSource add source to list of source addresses bound to zone.

func (*Client) AddSourcePort

func (c *Client) AddSourcePort(zone, port, protocol string, timeout int) error

AddSourcePort add (port, protocol) to list of source ports of zone.

func (*Client) AddZone

func (c *Client) AddZone(zoneSet ZoneSetting) (err error)

AddZone Add zone with given settings into permanent configuration.

func (*Client) CallMethod

func (c *Client) CallMethod(method string, args ...interface{}) (*dbus.Call, error)

func (*Client) CallPermanentServiceMethod

func (c *Client) CallPermanentServiceMethod(svcId int, method string, args ...interface{}) (*dbus.Call, error)

func (*Client) CallPermanentServiceMethod2

func (c *Client) CallPermanentServiceMethod2(svc string, method string, args ...interface{}) (*dbus.Call, error)

func (*Client) CallPermanentZoneMethod

func (c *Client) CallPermanentZoneMethod(zoneId int, method string, args ...interface{}) (*dbus.Call, error)

func (*Client) CallPermanentZoneMethod2

func (c *Client) CallPermanentZoneMethod2(zone string, method string, args ...interface{}) (*dbus.Call, error)

func (*Client) CallRuntimeZoneMethod

func (c *Client) CallRuntimeZoneMethod(method string, args ...interface{}) (*dbus.Call, error)

func (*Client) CheckPermanentConfig

func (c *Client) CheckPermanentConfig() (err error)

CheckPermanentConfig Run checks on the permanent configuration. This is most useful if changes were made manually to configuration files.

func (*Client) Close

func (c *Client) Close() error

func (*Client) GetActiveZones

func (c *Client) GetActiveZones() (azs map[string]ActivateZone, err error)

GetActiveZones returns a dictionary of currently active zones together with the interfaces and sources used in these zones. Active zones are zones that have a binding to an interface or source.

func (*Client) GetDefaultZone

func (c *Client) GetDefaultZone() (defaultZone string, err error)

GetDefaultZone Return default zone.

func (*Client) GetForwardPorts

func (c *Client) GetForwardPorts(zone string) (fps ForwardPorts, err error)

GetForwardPorts Get list of (port, protocol, toport, toaddr) defined in zone.

func (*Client) GetInterfaces

func (c *Client) GetInterfaces(zone string) (Interfaces []string, err error)

GetInterfaces Return array of interfaces (s) previously bound with zone.

func (*Client) GetPorts

func (c *Client) GetPorts(zone string) (ports Ports, err error)

GetPorts Return array of ports (2-tuple of port and protocol) previously enabled in zone

func (*Client) GetProtocols

func (c *Client) GetProtocols(zone string) (protocols []string, err error)

GetProtocols Return array of protocols (s) previously enabled in zone.

func (*Client) GetRichRules

func (c *Client) GetRichRules(zone string) (richRules []string, err error)

GetRichRules Get list of rich-language rules in zone.

func (*Client) GetServiceByName

func (c *Client) GetServiceByName(service string) (path string, err error)

GetServiceByName Return object path (permanent configuration) of service with given name.

func (*Client) GetServiceNames

func (c *Client) GetServiceNames() (names []string, err error)

GetServiceNames Return list of service names (permanent configuration).

func (*Client) GetServiceSettings

func (c *Client) GetServiceSettings(svc string) (svcSet ServiceSetting, err error)

GetServiceSettings Return permanent settings of a service.

func (*Client) GetServices

func (c *Client) GetServices(zone string) (services []string, err error)

GetServices Get list of service names used in zone.

func (*Client) GetSourcePorts

func (c *Client) GetSourcePorts(zone string) (ports Ports, err error)

GetSourcePorts Get list of (port, protocol) defined in zone.

func (*Client) GetSources

func (c *Client) GetSources(zone string) (sources []string, err error)

GetSources Get list of source addresses bound to zone.

func (*Client) GetZoneByName

func (c *Client) GetZoneByName(zone string) (path string, err error)

GetZoneByName Return object path (permanent configuration) of zone with given name.

func (*Client) GetZoneNames

func (c *Client) GetZoneNames() (names []string, err error)

GetZoneNames Return list of zone names (permanent configuration).

func (*Client) GetZoneOfSource

func (c *Client) GetZoneOfSource(source string) (zoneName string, err error)

GetZoneOfSource Return name of zone the source is bound to or empty string.

func (*Client) GetZoneSettings

func (c *Client) GetZoneSettings(zone string) (zs ZoneSetting, err error)

func (*Client) GetZones

func (c *Client) GetZones() (zones []string, err error)

GetZones Return array of names (s) of predefined zones known to current runtime environment.

func (*Client) ListServices

func (c *Client) ListServices() (services []string, err error)

ListServices Return array of service names (s)

func (*Client) ListServicesPath

func (c *Client) ListServicesPath() (servicesPath []string, err error)

ListServicesPath Return array of objects paths (o) of services in permanent configuration.

func (*Client) ListZones

func (c *Client) ListZones() (zonesPath []string, err error)

ListZones List object paths of zones known to permanent environment.

func (*Client) Reload

func (c *Client) Reload() (err error)

Reload reloads firewall rules and keeps state information. The current permanent configuration becomes the new runtime configuration, i.e. all runtime-only changes made before the reload are lost unless they were also made in the permanent configuration.

func (*Client) RemoveForwardPort

func (c *Client) RemoveForwardPort(zone, port, protocol, toPort, toAddress string) error

RemoveForwardPort remove (port, protocol, toport, toaddr) from list of forward ports of zone.

func (*Client) RemovePort

func (c *Client) RemovePort(zone, port, protocol string) error

RemovePort If zone is empty, use default zone.

func (*Client) RemoveProtocol

func (c *Client) RemoveProtocol(zone, protocol string) error

RemoveProtocol remove protocol from zone.

func (*Client) RemoveRichRule

func (c *Client) RemoveRichRule(zone, rule string) error

RemoveRichRule remove rule from list of rich-language rules in zone.

func (*Client) RemoveService

func (c *Client) RemoveService(zone, service string) error

RemoveService remove service from list of services used in zone.

func (*Client) RemoveSource

func (c *Client) RemoveSource(zone, source string) error

RemoveSource remove source from list of source addresses bound to zone.

func (*Client) RemoveSourcePort

func (c *Client) RemoveSourcePort(zone, port, protocol string) error

RemoveSourcePort remove (port, protocol) from list of source ports of zone.

func (*Client) RuntimeToPermanent

func (c *Client) RuntimeToPermanent() (err error)

RuntimeToPermanent Make runtime settings permanent. Replaces permanent settings with runtime settings for zones, services, icmptypes, direct (deprecated) and policies (lockdown whitelist).

func (*Client) SetDefaultZone

func (c *Client) SetDefaultZone(zone string) (err error)

SetDefaultZone sets the default zone, used for connections and interfaces where no zone has been selected, to zone. Setting the default zone changes the zone for the connections or interfaces that are using the default zone. This is a runtime and permanent change.

func (*Client) SetForwardPorts

func (c *Client) SetForwardPorts(zone string, fps ForwardPorts) error

SetForwardPorts Permanently set forward ports of zone

func (*Client) SetPorts

func (c *Client) SetPorts(zone string, ports Ports) error

SetPorts Permanently set ports of zone

func (*Client) SetProtocols

func (c *Client) SetProtocols(zone string, protocols []string) error

SetProtocols Permanently set list of protocols used in zone to protocols.

func (*Client) SetRichRules

func (c *Client) SetRichRules(zone string, rules []string) error

SetRichRules Permanently set list of rich-language rules to rules.

func (*Client) SetServices

func (c *Client) SetServices(zone string, services []string) error

SetServices Permanently set list of services used in zone to services.

func (*Client) SetSourcePorts

func (c *Client) SetSourcePorts(zone string, ports Ports) error

SetSourcePorts Permanently set source-ports of zone to list

func (*Client) SetSources

func (c *Client) SetSources(zone string, sources []string) error

SetSources Permanently set list of source addresses bound to zone to sources.

type ForwardPort

// ForwardPort is one (port, protocol, toport, toaddr) forwarding entry of a
// zone, the element type of ForwardPorts.
// NOTE(review): no validation of these strings is visible on this page;
// validate values that come from outside the program before they reach a
// Set*/Add* call.
type ForwardPort struct {
	// Port is the port to forward. AddForwardPort documents the accepted
	// form as a single port number or a portid-portid range.
	Port      string
	// Protocol is documented for AddForwardPort as tcp or udp.
	Protocol  string
	// ToPort is the port the traffic is forwarded to.
	ToPort    string
	// ToAddress is the destination address; AddForwardPort documents it as a
	// simple IP address.
	ToAddress string
}

type ForwardPorts

// ForwardPorts is a list of ForwardPort entries; Client.GetForwardPorts
// returns it and Client.SetForwardPorts accepts it.
type ForwardPorts []ForwardPort

type Options

// Options keeps the settings to set up the firewalld connection; it is the
// argument of NewClient.
type Options struct {
	//dbusRuntimePath          dbus.ObjectPath
	//dbusRuntimeInterface     string
	//dbusRuntimeZoneInterface string
	//dbusPermanentPath        dbus.ObjectPath
	//dbusPermanentInterface   string

	// Zone is a zone name.
	// NOTE(review): presumably the zone used when a call does not name one —
	// confirm in the source.
	Zone      string
	// Permanent defaults to false.
	// NOTE(review): presumably selects the permanent configuration instead of
	// the runtime one; the NotSupportPermanentErr and NotSupportRuntimeErr
	// sentinels suggest not every method works in both modes — confirm.
	Permanent bool
}

Options keeps the settings to set up firewalld connection.

type Port

// Port is a (port, protocol) pair, the element type of Ports.
type Port struct {
	// Port is kept as a string.
	// NOTE(review): presumably a single port or a portid-portid range, as
	// documented for AddForwardPort — confirm.
	Port     string
	// Protocol is the protocol name paired with Port.
	Protocol string
}

type Ports

// Ports is a list of Port pairs; Client.GetPorts and Client.GetSourcePorts
// return it, and Client.SetPorts and Client.SetSourcePorts accept it.
type Ports []Port

type ServiceSetting

// ServiceSetting holds the permanent settings of a service. It is returned by
// Client.GetServiceSettings and by ServiceSettingMap.ToStruct.
type ServiceSetting struct {
	Version      string
	Name         string
	Description  string
	// Ports lists the (port, protocol) pairs of the service.
	Ports        Ports
	// NOTE(review): presumably netfilter helper module names — confirm.
	ModuleNames  []string
	// NOTE(review): the meaning of the map keys and values is not shown on
	// this page — confirm against the firewalld D-Bus documentation.
	Destinations map[string]string
	Protocols    []string
	// SourcePorts lists the (port, protocol) source-port pairs of the service.
	SourcePorts  Ports
}

type ServiceSettingMap

// ServiceSettingMap is an untyped, string-keyed view of a service's settings;
// its ToStruct method converts it to a ServiceSetting.
// NOTE(review): the expected keys and value types are not shown on this page.
type ServiceSettingMap map[string]interface{}

func (ServiceSettingMap) ToStruct

func (ssm ServiceSettingMap) ToStruct() (ss ServiceSetting, err error)

type ZoneSetting

// ZoneSetting holds the settings of a zone. Client.AddZone accepts it (adding
// the zone to the permanent configuration) and Client.GetZoneSettings returns
// it.
// NOTE(review): the field order looks like firewalld's D-Bus zone settings
// tuple — confirm against the firewalld documentation.
type ZoneSetting struct {
	Version            string
	Name               string
	Description        string
	// NOTE(review): presumably a placeholder kept only for tuple layout — confirm.
	Unused             bool
	// NOTE(review): presumably the zone target, which decides what happens to
	// traffic that no rule matches; review the value before calling AddZone.
	Target             string
	// Services lists the service names used in the zone.
	Services           []string
	// Ports lists the (port, protocol) pairs enabled in the zone.
	Ports              Ports
	IcmpBlocks         []string
	// NOTE(review): presumably enables masquerading for the zone — confirm.
	Masquerade         bool
	// ForwardPorts lists the (port, protocol, toport, toaddr) entries of the zone.
	ForwardPorts       ForwardPorts
	// Interfaces lists the interfaces bound to the zone.
	Interfaces         []string
	// SourceAddresses lists the source addresses bound to the zone.
	SourceAddresses    []string
	// RichRules lists the zone's rich-language rules as raw strings.
	RichRules          []string
	Protocols          []string
	// SourcePorts lists the (port, protocol) source-port pairs of the zone.
	SourcePorts        Ports
	IcmpBlockInversion bool
}

Directories

Path Synopsis
examples
001defaultzone command
003listservices command
006AddPort command
007GetPort command
008AddZone command
