Documentation
¶
Index ¶
Constants ¶
View Source
const LimitSetNamePrefix = `nging_limit_`
Variables ¶
View Source
var ErrInvalidIPv4 = errors.New(`invalid IPv4 address`)
View Source
var ErrInvalidIPv6 = errors.New(`invalid IPv6 address`)
View Source
var ErrInvalidRuleNumber = errors.New(`invalid rule number`)
View Source
var ErrNatIPOrNatPortRequired = errors.New(`NAT IP 和 NAT 端口 不能同时为空`)
View Source
var ErrUnsupported = errors.New(`unsupported`)
View Source
var ErrUnsupportedChain = fmt.Errorf(`%w chain`, ErrUnsupported)
View Source
var ErrUnsupportedTable = fmt.Errorf(`%w table`, ErrUnsupported)
Functions ¶
This section is empty.
Types ¶
type Driver ¶ added in v1.1.0
type Driver interface {
AddDefault() error
Enabled(on bool) error
Reset() error // 重置(恢复到出厂设置)
Clear() error // 清空本系统创建的所有规则
Import(wfwFile string) error
Export(wfwFile string) error
Insert(rules ...Rule) error
AsWhitelist(table, chain string) error
Append(rules ...Rule) error
Update(rule Rule) error
Delete(rules ...Rule) error
Exists(rule Rule) (bool, error)
Ban(ips []string, expires time.Duration) error
FindPositionByID(table, chain string, id uint) (uint, error)
}
type Rule ¶
type Rule struct {
ID uint `json:"id,omitempty" xml:"id,omitempty"` // 静态规则 ID
CustomID string `json:"customID,omitempty" xml:"customID,omitempty"` // 自定义 ID 字符串, ID 为 0 时有效
Number uint `json:"num,omitempty" xml:"num,omitempty"` // 防火墙的规则编号。iptables 为 position 值;nftables 为 handle 值
Type string `json:"type" xml:"type"` // 表 filter / nat / etc.
Name string `json:"name" xml:"name"` // 名称
Direction string `json:"direction" xml:"direction"` // 链 INPUT / OUTPUT / etc.
Action string `json:"action" xml:"action"` // ACCEPT / DROP / etc.
Protocol string `json:"protocol" xml:"protocol"` // tcp / udp / etc.
// interface 网口
Interface string `json:"interface" xml:"interface"` // 网络入口网络接口
Outerface string `json:"outerface" xml:"outerface"` // 网络出口网络接口
// state
State string `json:"state" xml:"state"`
// IP or Port
RemoteIP string `json:"remoteIP" xml:"remoteIP"`
LocalIP string `json:"localIP" xml:"localIP"`
NatIP string `json:"natIP" xml:"natIP"`
RemotePort string `json:"remotePort" xml:"remotePort"` // 支持指定范围
LocalPort string `json:"localPort" xml:"localPort"` // 支持指定范围
NatPort string `json:"natPort" xml:"natPort"` // 支持指定范围
IPVersion string `json:"ipVersion" xml:"ipVersion"` // 4 or 6
// Limit
ConnLimit string `json:"connLimit" xml:"connLimit"` // 每个IP最大连接数
RateLimit string `json:"rateLimit" xml:"rateLimit"` // 频率限制规则(格式:200/p/s)
RateBurst uint `json:"rateBurst" xml:"rateBurst"` // 频率最大峰值
RateExpires uint `json:"rateExpires" xml:"rateExpires"` // 过期时间(秒)
Extra echo.H `json:"extra,omitempty" xml:"extra,omitempty"`
}
func (*Rule) GenLimitSetName ¶ added in v1.3.11
type Stat ¶ added in v1.3.2
type Stat struct {
Number uint64 `json:"num,omitempty"`
Packets uint64 `json:"pkts"`
Bytes uint64 `json:"bytes"`
Target string `json:"target"`
Protocol string `json:"prot"`
Opt string `json:"opt"`
Input string `json:"in"`
Output string `json:"out"`
Source *net.IPNet `json:"source"`
Destination *net.IPNet `json:"destination"`
Options string `json:"options"`
}
Stat represents a structured statistic entry.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.