firewall

package
v0.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 3, 2026 License: MIT Imports: 4 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Action 

type Action string
const (
	ActionAllow  Action = "allow"
	ActionDeny   Action = "deny"
	ActionReject Action = "reject"
	ActionDrop   Action = "drop"
)

type BackendError 

type BackendError struct {
	Backend string
	Err     error
}

BackendError 定义防火墙后端错误

func (*BackendError) Error 

func (e *BackendError) Error() string

type Firewall 

type Firewall interface {
	Name() string
	Status(ctx context.Context) (string, error)
	Enable(ctx context.Context) (string, error)
	Disable(ctx context.Context) (string, error)
	ListRules(ctx context.Context) (string, error)
	AddRule(ctx context.Context, rule Rule) (string, error)
	RemoveRule(ctx context.Context, rule Rule) (string, error)
	Reload(ctx context.Context) (string, error)
}

Firewall 接口定义了防火墙管理的通用操作

func DetectFirewall 

func DetectFirewall(ctx context.Context, exec executor.Executor) (Firewall, error)

DetectFirewall 自动探测系统使用的防火墙后端

func GetFirewallByName 

func GetFirewallByName(name string, exec executor.Executor) (Firewall, error)

GetFirewallByName 根据名称获取防火墙后端

type FirewalldBackend 

type FirewalldBackend struct {
	// contains filtered or unexported fields
}

func NewFirewalldBackend 

func NewFirewalldBackend(exec executor.Executor, zone string) *FirewalldBackend

func (*FirewalldBackend) AddRule 

func (b *FirewalldBackend) AddRule(ctx context.Context, rule Rule) (string, error)

func (*FirewalldBackend) Disable 

func (b *FirewalldBackend) Disable(ctx context.Context) (string, error)

func (*FirewalldBackend) Enable 

func (b *FirewalldBackend) Enable(ctx context.Context) (string, error)

func (*FirewalldBackend) ListRules 

func (b *FirewalldBackend) ListRules(ctx context.Context) (string, error)

func (*FirewalldBackend) Name 

func (b *FirewalldBackend) Name() string

func (*FirewalldBackend) Reload 

func (b *FirewalldBackend) Reload(ctx context.Context) (string, error)

func (*FirewalldBackend) RemoveRule 

func (b *FirewalldBackend) RemoveRule(ctx context.Context, rule Rule) (string, error)

func (*FirewalldBackend) Status 

func (b *FirewalldBackend) Status(ctx context.Context) (string, error)

type IptablesBackend 

type IptablesBackend struct {
	// contains filtered or unexported fields
}

func NewIptablesBackend 

func NewIptablesBackend(exec executor.Executor) *IptablesBackend

func (*IptablesBackend) AddRule 

func (b *IptablesBackend) AddRule(ctx context.Context, rule Rule) (string, error)

func (*IptablesBackend) Disable 

func (b *IptablesBackend) Disable(ctx context.Context) (string, error)

func (*IptablesBackend) Enable 

func (b *IptablesBackend) Enable(ctx context.Context) (string, error)

func (*IptablesBackend) ListRules 

func (b *IptablesBackend) ListRules(ctx context.Context) (string, error)

func (*IptablesBackend) Name 

func (b *IptablesBackend) Name() string

func (*IptablesBackend) Reload 

func (b *IptablesBackend) Reload(ctx context.Context) (string, error)

func (*IptablesBackend) RemoveRule 

func (b *IptablesBackend) RemoveRule(ctx context.Context, rule Rule) (string, error)

func (*IptablesBackend) Status 

func (b *IptablesBackend) Status(ctx context.Context) (string, error)

type NftablesBackend 

type NftablesBackend struct {
	// contains filtered or unexported fields
}

func NewNftablesBackend 

func NewNftablesBackend(exec executor.Executor) *NftablesBackend

func (*NftablesBackend) AddRule 

func (b *NftablesBackend) AddRule(ctx context.Context, rule Rule) (string, error)

func (*NftablesBackend) Disable 

func (b *NftablesBackend) Disable(ctx context.Context) (string, error)

func (*NftablesBackend) Enable 

func (b *NftablesBackend) Enable(ctx context.Context) (string, error)

func (*NftablesBackend) ListRules 

func (b *NftablesBackend) ListRules(ctx context.Context) (string, error)

func (*NftablesBackend) Name 

func (b *NftablesBackend) Name() string

func (*NftablesBackend) Reload 

func (b *NftablesBackend) Reload(ctx context.Context) (string, error)

func (*NftablesBackend) RemoveRule 

func (b *NftablesBackend) RemoveRule(ctx context.Context, rule Rule) (string, error)

func (*NftablesBackend) Status 

func (b *NftablesBackend) Status(ctx context.Context) (string, error)

type Protocol 

type Protocol string
const (
	ProtocolTCP Protocol = "tcp"
	ProtocolUDP Protocol = "udp"
	ProtocolAny Protocol = "any"
)

type Rule 

type Rule struct {
	Port     string   // 例如 "80", "8080:8090"
	Service  string   // 例如 "http", "ssh"
	Protocol Protocol // tcp, udp, any
	Action   Action   // allow, deny, reject, drop
	Source   string   // 源 IP 或 CIDR, 为空表示所有
	Comment  string
}

Rule 定义通用防火墙规则

type UfwBackend 

type UfwBackend struct {
	// contains filtered or unexported fields
}

func NewUfwBackend 

func NewUfwBackend(exec executor.Executor) *UfwBackend

func (*UfwBackend) AddRule 

func (b *UfwBackend) AddRule(ctx context.Context, rule Rule) (string, error)

func (*UfwBackend) Disable 

func (b *UfwBackend) Disable(ctx context.Context) (string, error)

func (*UfwBackend) Enable 

func (b *UfwBackend) Enable(ctx context.Context) (string, error)

func (*UfwBackend) ListRules 

func (b *UfwBackend) ListRules(ctx context.Context) (string, error)

func (*UfwBackend) Name 

func (b *UfwBackend) Name() string

func (*UfwBackend) Reload 

func (b *UfwBackend) Reload(ctx context.Context) (string, error)

func (*UfwBackend) RemoveRule 

func (b *UfwBackend) RemoveRule(ctx context.Context, rule Rule) (string, error)

func (*UfwBackend) Status 

func (b *UfwBackend) Status(ctx context.Context) (string, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.