nfqueue

package
v0.5.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 10, 2020 License: AGPL-3.0 Imports: 11 Imported by: 0

README

Parts of this package (this directory) are forked from the go-nfqueue repo: https://github.com/OneOfOne/go-nfqueue These portions are copyrighted by Ahmed W. The fork commit is (with high certainty): https://github.com/OneOfOne/go-nfqueue/commit/3bdd8bdfd98a1ed51119f9cf7494162484dfbe7c

Documentation

Overview

Package nfqueue provides network interception capabilities on linux via iptables nfqueue.

Index

Constants

View Source
const (
	NFQ_DROP   uint32 = 0 // discarded the packet
	NFQ_ACCEPT uint32 = 1 // the packet passes, continue iterations
	NFQ_STOLEN uint32 = 2 // gone away
	NFQ_QUEUE  uint32 = 3 // inject the packet into a different queue (the target queue number is in the high 16 bits of the verdict)
	NFQ_REPEAT uint32 = 4 // iterate the same cycle once more
	NFQ_STOP   uint32 = 5 // accept, but don't continue iterations
)

NFQ Packet Constants

Variables

View Source
var (
	ErrVerdictSentOrTimedOut = errors.New("the verdict was already sent or timed out")
)

NFQ Errors

Functions

This section is empty.

Types

type NFQueue

type NFQueue struct {
	DefaultVerdict uint32
	Timeout        time.Duration

	Packets chan packet.Packet
	// contains filtered or unexported fields
}

NFQueue holds a Linux NFQ Handle and associated information.

func NewNFQueue

func NewNFQueue(qid uint16) (nfq *NFQueue, err error)

NewNFQueue initializes a new netfilter queue.

func (*NFQueue) Destroy

func (nfq *NFQueue) Destroy()

Destroy closes all the nfqueues.

func (*NFQueue) PacketChannel added in v0.4.18

func (nfq *NFQueue) PacketChannel() <-chan packet.Packet

PacketChannel returns a packet channel

func (*NFQueue) Valid

func (nfq *NFQueue) Valid() bool

Valid returns whether the NFQueue is still valid.

type Packet

type Packet struct {
	packet.Base

	QueueID    uint16
	ID         uint32
	HWProtocol uint16
	Hook       uint8
	Mark       uint32
	// contains filtered or unexported fields
}

Packet represents a packet with a NFQ reference.

func (*Packet) Accept

func (pkt *Packet) Accept() error

Accept implements the packet interface.

func (*Packet) Block

func (pkt *Packet) Block() error

Block implements the packet interface.

func (*Packet) Drop

func (pkt *Packet) Drop() error

Drop implements the packet interface.

func (*Packet) PermanentAccept

func (pkt *Packet) PermanentAccept() error

PermanentAccept implements the packet interface.

func (*Packet) PermanentBlock

func (pkt *Packet) PermanentBlock() error

PermanentBlock implements the packet interface.

func (*Packet) PermanentDrop

func (pkt *Packet) PermanentDrop() error

PermanentDrop implements the packet interface.

func (*Packet) RerouteToNameserver

func (pkt *Packet) RerouteToNameserver() error

RerouteToNameserver implements the packet interface.

func (*Packet) RerouteToTunnel

func (pkt *Packet) RerouteToTunnel() error

RerouteToTunnel implements the packet interface.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL