Types ¶
type FirewallConfig ¶
// FirewallConfig represents the complete firewall configuration.
// Per the package documentation it is used by pkg/firewall.Sync() to generate
// nftables rules.
//
// Only RuntimeBans and RuntimeWhitelist carry omitempty, so encoding/json
// omits them when nil; every other field is always emitted (as null when nil).
//
// NOTE(review): this type carries no validation of its own. Presumably the
// values end up in the generated ruleset, so confirm where addresses, ports
// and feed names are validated before Sync renders them.
type FirewallConfig struct {
// Whitelist IPs (permanent, from /etc/nftban/whitelist.conf)
// NOTE(review): the precedence of the whitelist over blacklist, feeds and
// geoban is not expressed by this type - confirm it in the rule generator.
Whitelist *SetData `json:"whitelist"`
// Blacklist IPs (permanent, from /etc/nftban/blacklist.conf)
Blacklist *SetData `json:"blacklist"`
// Feeds contains all external feed data, keyed by a string.
// NOTE(review): presumably the key is the feed name; feed content comes from
// outside the host, so confirm it is validated before use.
Feeds map[string]*SetData `json:"feeds"`
// Geoban contains all country-based blocking data
Geoban *SetData `json:"geoban"`
// TCPPorts contains allowed TCP ports.
// The element type is a plain int, so the 1-65535 range is not enforced here.
TCPPorts []int `json:"tcp_ports"`
// UDPPorts contains allowed UDP ports.
// The element type is a plain int, so the 1-65535 range is not enforced here.
UDPPorts []int `json:"udp_ports"`
// RuntimeBans contains Fail2Ban temp_ban_v4/v6 to preserve.
// Omitted from JSON when nil.
// NOTE(review): presumably "preserve" means carried across a rule
// regeneration so active temporary bans are not dropped - confirm.
RuntimeBans *SetData `json:"runtime_bans,omitempty"`
// RuntimeWhitelist contains temp_whitelist_v4/v6 to preserve.
// Omitted from JSON when nil.
RuntimeWhitelist *SetData `json:"runtime_whitelist,omitempty"`
}
FirewallConfig represents the complete firewall configuration. It is used by pkg/firewall.Sync() to generate nftables rules.
func NewFirewallConfig ¶
func NewFirewallConfig() *FirewallConfig
NewFirewallConfig creates an empty firewall configuration.
type SetData ¶
// SetData represents nftables set data for template rendering.
// Per the package documentation it is returned by pkg/feeds and pkg/geoban as
// their IP lists.
//
// NOTE(review): addresses are held as plain strings and nothing in this type
// checks that they are well-formed. Because the data is rendered into a
// template, confirm each entry is parsed (for example with net/netip) before
// rendering, so a malformed feed line cannot alter the generated ruleset.
type SetData struct {
// IPv4 contains IPv4 addresses and CIDRs
IPv4 []string `json:"ipv4"`
// IPv6 contains IPv6 addresses and CIDRs
IPv6 []string `json:"ipv6"`
// Count is total number of IPs/CIDRs (IPv4 + IPv6).
// It is a separate stored field, not derived from the slices.
// NOTE(review): confirm it is kept in step with len(IPv4)+len(IPv6).
Count int `json:"count"`
// Source identifies where data came from (e.g., "FIREHOL_ANONYMOUS", "CN")
Source string `json:"source"`
}
SetData represents nftables set data for template rendering. It is used by pkg/feeds and pkg/geoban to return IP lists.
func NewSetData ¶
NewSetData creates an empty SetData with the given source.