Documentation ¶
Index ¶
- Variables
- func CleanRules(logErrors bool)
- func Deserialize(sysfw *protocol.SysFirewall) ([]byte, error)
- func DisableInterception() error
- func EnableInterception() error
- func ErrChanEmpty() bool
- func ErrorsChan() <-chan string
- func Init(fwType, configPath, monitorInterval string, qNum *int) (err error)
- func IsRunning() bool
- func Reload(fwtype, configPath, monitorInterval string) (err error)
- func ReloadSystemRules()
- func SaveConfiguration(rawConfig []byte) error
- func Serialize() (*protocol.SysFirewall, error)
- func Stop()
- type Firewall
Constants ¶
This section is empty.
Variables ¶
var (
DefaultConfig = "/etc/opensnitchd/system-fw.json"
)
Functions ¶
func Deserialize ¶
func Deserialize(sysfw *protocol.SysFirewall) ([]byte, error)
Deserialize transforms firewall json configuration to protobuf
func DisableInterception ¶
func DisableInterception() error
DisableInterception removes the rules to intercept outbound connections.
func EnableInterception ¶
func EnableInterception() error
EnableInterception removes the rules to intercept outbound connections.
func ErrorsChan ¶
func ErrorsChan() <-chan string
ErrorsChan returns the channel where the errors are sent to.
func Init ¶
Init initializes the firewall and loads firewall rules. We'll try to use the firewall configured in the configuration (iptables/nftables). If iptables is not installed, we can add nftables rules directly to the kernel, without relying on any binaries.
func ReloadSystemRules ¶
func ReloadSystemRules()
ReloadSystemRules deletes existing rules, and add them again
func SaveConfiguration ¶
SaveConfiguration saves configuration string to disk
func Serialize ¶
func Serialize() (*protocol.SysFirewall, error)
Serialize transforms firewall json configuration to protobuf
Types ¶
type Firewall ¶
type Firewall interface { Init(*int, string, string) Stop() Name() string IsRunning() bool SetQueueNum(num *int) SaveConfiguration(rawConfig string) error EnableInterception() DisableInterception(bool) QueueDNSResponses(bool, bool) (error, error) QueueConnections(bool, bool) (error, error) CleanRules(bool) AddSystemRules(bool, bool) DeleteSystemRules(bool, bool, bool) Serialize() (*protocol.SysFirewall, error) Deserialize(sysfw *protocol.SysFirewall) ([]byte, error) ErrorsChan() <-chan string ErrChanEmpty() bool }
Firewall is the interface that all firewalls (iptables, nftables) must implement.