Documentation
Overview
A library for managing nftables rules
Index
- type ManagedRules
- type RuleData
- type RuleTarget
- func (r *RuleTarget) Add(c *nftables.Conn, ruleData RuleData) (bool, error)
- func (r *RuleTarget) Delete(c *nftables.Conn, ruleData RuleData) (bool, error)
- func (r *RuleTarget) Exists(c *nftables.Conn, ruleData RuleData) (bool, error)
- func (r *RuleTarget) Update(c *nftables.Conn, rules []RuleData) (bool, error)
- type RulesUpdateFunc
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type ManagedRules
type ManagedRules struct {
Conn *nftables.Conn
RuleTarget RuleTarget
// contains filtered or unexported fields
}
ManagedRules represents the ruleset of one table/chain that the manager goroutine keeps up to date.
func ManagerInit
func ManagerInit(c *nftables.Conn, ruleTarget RuleTarget, f RulesUpdateFunc, interval time.Duration, logger logger.Logger) (ManagedRules, error)
ManagerInit starts a rule manager for ruleTarget: the manager goroutine calls f every interval and applies the rules it returns to ruleTarget over c, logging through logger.
type RuleData
type RuleData struct {
Expressions []expr.Any
// The rule's user data stores the ID. An ID chosen by the caller is stable
// across hosts and restarts, whereas kernel-assigned handles are not
// deterministic unless set explicitly and carry no context (they are only ints).
ID []byte
}
RuleData describes one rule to create in a given table and chain: the nftables expressions that make up the rule, plus the ID used to find it again.
type RuleTarget added in v0.0.3
RuleTarget represents a location to manipulate nftables rules
func NewRuleTarget added in v0.0.3
func NewRuleTarget(table *nftables.Table, chain *nftables.Chain) RuleTarget
NewRuleTarget binds a RuleTarget to the given table and chain; Add, Delete, Exists and Update then operate on that chain.
func (*RuleTarget) Add added in v0.0.3
Add adds ruleData to the target's table and chain, tagging it with ruleData.ID; returns true if the rule was added, false if nothing changed.
func (*RuleTarget) Delete added in v0.0.3
Delete removes the rule carrying ruleData.ID from the target's table and chain; returns true if a rule was deleted, false if nothing changed.
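The example below is added here and is not code from this page or from the library. It models the ID-in-user-data design described under RuleData and the Add/Delete/Exists/Update semantics from the Index against an in-memory stand-in for the nftables chain, because the real calls go over an *nftables.Conn that needs CAP_NET_ADMIN and a Linux netlink socket. FakeChain, Rule, the string stand-ins for []expr.Any and []byte IDs, the sample rule strings and the RuleID helper (the page does not say how callers derive IDs; a content hash is one way to get the same ID on every host) are all constructed for this illustration.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Rule stands in for one nftables rule as the kernel reports it back: Handle is kernel-assigned,
// UserData carries the library's own ID, Exprs stands in for []expr.Any. Constructed for this example.
type Rule struct {
	Handle   uint64
	UserData string
	Exprs    string
}

// FakeChain is an in-memory stand-in for a table/chain reached over *nftables.Conn.
type FakeChain struct {
	nextHandle uint64
	Rules      []Rule
}

// RuleData mirrors the page's RuleData, with string stand-ins for []byte ID and []expr.Any.
type RuleData struct{ ID, Exprs string }

// RuleID derives the ID from the rule's content, so the same rule gets the same ID
// on every host and never depends on a kernel-assigned handle.
func RuleID(exprs string) string {
	sum := sha256.Sum256([]byte(exprs))
	return hex.EncodeToString(sum[:8])
}

// index returns the position of the rule carrying id, or -1.
func (c *FakeChain) index(id string) int {
	for i, r := range c.Rules {
		if r.UserData == id {
			return i
		}
	}
	return -1
}

func (c *FakeChain) add(rd RuleData) {
	c.nextHandle++ // the kernel, not the caller, picks the handle
	c.Rules = append(c.Rules, Rule{Handle: c.nextHandle, UserData: rd.ID, Exprs: rd.Exprs})
}

// Exists reports whether a rule carrying id is present.
func Exists(c *FakeChain, id string) bool { return c.index(id) >= 0 }

// Add inserts rd unless its ID is already present; true means the rule was added.
func Add(c *FakeChain, rd RuleData) bool {
	if Exists(c, rd.ID) {
		return false
	}
	c.add(rd)
	return true
}

// Delete removes the rule carrying id; true means a rule was removed.
func Delete(c *FakeChain, id string) bool {
	i := c.index(id)
	if i < 0 {
		return false
	}
	c.Rules = append(c.Rules[:i], c.Rules[i+1:]...)
	return true
}

// Update reconciles the chain with desired: rules whose ID is no longer wanted are removed,
// wanted IDs that are missing are added in the caller's order, and rules already present keep
// their handles. Returns true if anything changed. Duplicate IDs are rejected, since two rules
// sharing an ID would make Exists and Delete ambiguous.
func Update(c *FakeChain, desired []RuleData) (bool, error) {
	want := make(map[string]bool, len(desired))
	for _, rd := range desired {
		if want[rd.ID] {
			return false, fmt.Errorf("duplicate rule ID %q in desired set", rd.ID)
		}
		want[rd.ID] = true
	}
	var kept []Rule // rebuild instead of deleting while ranging over c.Rules
	for _, r := range c.Rules {
		if want[r.UserData] {
			kept = append(kept, r)
		}
	}
	changed := len(kept) != len(c.Rules)
	c.Rules = kept
	for _, rd := range desired {
		if Add(c, rd) {
			changed = true
		}
	}
	return changed, nil
}

func main() {
	chain := &FakeChain{}
	drop := RuleData{ID: RuleID("ip saddr 192.0.2.10 drop"), Exprs: "ip saddr 192.0.2.10 drop"}
	old := RuleData{ID: RuleID("tcp dport 8080 accept"), Exprs: "tcp dport 8080 accept"}
	ssh := RuleData{ID: RuleID("tcp dport 22 accept"), Exprs: "tcp dport 22 accept"}
	Add(chain, drop) // left over from a previous run: must survive with its handle
	Add(chain, old)  // stale: no longer desired, must be removed
	changed, err := Update(chain, []RuleData{drop, ssh})
	fmt.Println("first run changed:", changed, "err:", err, "rules:", len(chain.Rules))
	changed, _ = Update(chain, []RuleData{drop, ssh})
	fmt.Println("second run changed:", changed) // idempotent, so false
}
```

The point to carry over to the real library is that every lookup, deletion and reconciliation step keys on the ID in user data, never on the handle, so the same desired ruleset converges to the same kernel state on every host and a re-run that changes nothing reports false. The check a practitioner wants is the duplicate-ID rejection: if two RuleData values share an ID, Delete and Exists cannot tell them apart, so the manager should refuse the set rather than silently manage only one of them.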
type RulesUpdateFunc