README
¶
This package is copied from k8s.io/kubernetes/pkg/util/iptables and added more funcs after.
Documentation
¶
Index ¶
Constants ¶
View Source
const LockfilePath16x = "/run/xtables.lock"
View Source
const MinCheckVersion = "1.4.11"
Versions of iptables less than this do not support the -C / --check flag (test whether a rule exists).
View Source
const WaitMinVersion = "1.4.20"
Minimum iptables versions supporting the -w and -w<seconds> flags
View Source
const WaitSecondsMinVersion = "1.4.22"
View Source
const WaitSecondsValue = "5"
View Source
const WaitString = "-w"
Variables ¶
This section is empty.
Functions ¶
func GetChainLines ¶
#lizard forgives GetChainLines parses a table's iptables-save data to find chains in the table. It returns a map of iptables.Chain to string where the string is the chain line from the save (with counters etc).
func MakeChainLine ¶
MakeChainLine return an iptables-save/restore formatted chain line given a Chain
Types ¶
type Interface ¶
type Interface interface {
// GetVersion returns the "X.Y.Z" version string for iptables.
GetVersion() (string, error)
// EnsureChain checks if the specified chain exists and, if not, creates it. If the chain existed, return true.
EnsureChain(table Table, chain Chain) (bool, error)
// FlushChain clears the specified chain. If the chain did not exist, return error.
FlushChain(table Table, chain Chain) error
// DeleteChain deletes the specified chain. If the chain did not exist, return error.
DeleteChain(table Table, chain Chain) error
// EnsureRule checks if the specified rule is present and, if not, creates it. If the rule existed, return true.
EnsureRule(position RulePosition, table Table, chain Chain, args ...string) (bool, error)
// DeleteRule checks if the specified rule is present and, if so, deletes it.
DeleteRule(table Table, chain Chain, args ...string) error
// ListRule list rules in a chain
ListRule(table Table, chain Chain, args ...string) ([]string, error)
// IsIpv6 returns true if this is managing ipv6 tables
IsIpv6() bool
// SaveInto calls `iptables-save` for table and stores result in a given buffer.
SaveInto(table Table, buffer *bytes.Buffer) error
// EnsurePolicy set default rule for chain
EnsurePolicy(table Table, chain Chain, policy string) error
// Restore runs `iptables-restore` passing data through []byte.
// table is the Table to restore
// data should be formatted like the output of SaveInto()
// flush sets the presence of the "--noflush" flag. see: FlushFlag
// counters sets the "--counters" flag. see: RestoreCountersFlag
Restore(table Table, data []byte, flush FlushFlag, counters RestoreCountersFlag) error
// RestoreAll is the same as Restore except that no table is specified.
RestoreAll(data []byte, flush FlushFlag, counters RestoreCountersFlag) error
}
An injectable interface for running iptables commands. Implementations must be goroutine-safe.
type RestoreCountersFlag ¶
type RestoreCountersFlag bool
Option flag for Restore
const NoRestoreCounters RestoreCountersFlag = false
const RestoreCounters RestoreCountersFlag = true
type RulePosition ¶
type RulePosition string
const ( Prepend RulePosition = "-I" Append RulePosition = "-A" )
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.