nftables

package
v0.3.0 Latest
Warning

This package is not in the latest version of its module.

Published: Apr 1, 2026 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Constants

const (

	// ForwardPolicyDrop drops packets which try to go through the forwarding chain
	ForwardPolicyDrop = ForwardPolicy("drop")
	// ForwardPolicyAccept accepts packets which try to go through the forwarding chain
	ForwardPolicyAccept = ForwardPolicy("accept")
)

Variables

This section is empty.

Functions

func Render

func Render(ctx context.Context, cfg *Config) (changed bool, err error)

Render renders nftables rules according to the given input data and reloads the service if necessary.

Types

type Config

type Config struct {
	Log      *slog.Logger
	Reload   bool
	Validate bool

	Network *network.Network

	EnableDNSProxy bool
	ForwardPolicy  ForwardPolicy
	// contains filtered or unexported fields
}

type ForwardPolicy

type ForwardPolicy string

ForwardPolicy defines how packets in the forwarding chain are handled; it can be either drop or accept. drop will be the standard for firewalls that are not managed by Kubernetes resources (CWNPs).
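
Because ForwardPolicy is a plain string type, the compiler accepts any value, not only the two constants. The following is an added example, not the package's own code, that validates the value before it reaches a rendered ruleset. The helpers `parseForwardPolicy` and `renderForwardChain`, the chain template and the empty-means-drop fallback are assumptions; the type and constants are copied locally from this page.

```go
package main

import (
	"fmt"
	"strings"
	"text/template"
)

// Local copy of the type and constants shown on this page (import path not given there).
type ForwardPolicy string

const (
	ForwardPolicyDrop   = ForwardPolicy("drop")
	ForwardPolicyAccept = ForwardPolicy("accept")
)

// parseForwardPolicy (hypothetical helper) accepts only the two documented values.
// Assumption: empty input falls back to drop; anything else is an error.
func parseForwardPolicy(s string) (ForwardPolicy, error) {
	switch p := ForwardPolicy(strings.ToLower(strings.TrimSpace(s))); p {
	case "":
		return ForwardPolicyDrop, nil
	case ForwardPolicyDrop, ForwardPolicyAccept:
		return p, nil
	default:
		return ForwardPolicyDrop, fmt.Errorf("invalid forward policy %q", s)
	}
}

// Constructed template, not the package's own: shows where the value lands.
var forwardChain = template.Must(template.New("fwd").Parse(
	"chain forward {\n\ttype filter hook forward priority 0; policy {{.}};\n}\n"))

// renderForwardChain validates first; input that fails validation is never rendered.
func renderForwardChain(raw string) (string, error) {
	p, err := parseForwardPolicy(raw)
	if err != nil {
		return "", err
	}
	var b strings.Builder
	err = forwardChain.Execute(&b, string(p))
	return b.String(), err
}

func main() {
	for _, in := range []string{"accept", "", "allow"} { // constructed inputs
		fmt.Println(renderForwardChain(in))
	}
}
```
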

type NftablesData

type NftablesData struct {
	Comment       string
	SNAT          []snat
	DNSProxyDNAT  dnat
	VPN           bool
	ForwardPolicy string
	FirewallRules *firewallRules
	Input         input
}

NftablesData represents the information required to render nftables configuration.
