netguard

package
v0.0.5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 17, 2026 License: MIT Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Check 

func Check(g Guard, ipStr string) bool

func DialContext 

func DialContext(g Guard, ctx context.Context, network, addr string) (net.Conn, error)

DialContext resolves the address, validates ALL resolved IPs against the guard, then dials the first allowed IP directly (preventing DNS rebinding). Uses net.Dialer Control as defense-in-depth to re-check at syscall level.

func HTTPClient 

func HTTPClient(g Guard) *http.Client

HTTPClient returns an *http.Client using the guarded transport.

func HTTPTransport 

func HTTPTransport(g Guard) *http.Transport

HTTPTransport returns an *http.Transport that uses the guarded DialContext.

Types

type Guard 

type Guard struct {
	// contains filtered or unexported fields
}

func NewAllow 

func NewAllow(cidrs []string) (Guard, error)

func NewBlock 

func NewBlock(cidrs []string) (Guard, error)

func NewSSRFGuard 

func NewSSRFGuard() Guard

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.