set

package

v0.0.6 Latest Latest Go to latest Published: Jan 5, 2023 License: MIT Imports: 16 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/ngrok/firewall_toolkit

Links

Open Source Insights

Documentation ¶

Rendered for

Overview ¶

A library for managing IP and port nftables sets

Index ¶

Constants
func NetipAddrPortToSetData(addrport netip.AddrPort) (SetData, SetData, error)
func NetipAddrPortsToSetData(addrports []netip.AddrPort) ([]SetData, []SetData, error)
type ManagedSet
- func ManagerInit(set Set, f SetUpdateFunc, interval time.Duration, logger logger.Logger) (ManagedSet, error)
- func (s *ManagedSet) GetSet() Set
- func (s *ManagedSet) Start(ctx context.Context) error
type Set
- func New(c *nftables.Conn, table *nftables.Table, name string, ...) (Set, error)
type SetData
type SetUpdateFunc

Constants ¶

View Source

const (
	// https://datatracker.ietf.org/doc/html/rfc5737#section-3
	InitIPv4 = "192.0.2.1"
	// https://datatracker.ietf.org/doc/html/rfc5156#section-2.6
	InitIPv6 = "2001:0db8:85a3:1:1:8a2e:0370:7334"
	InitPort = "1"
)

Constants used temporarily while initialzing a set

Variables ¶

This section is empty.

Functions ¶

func NetipAddrPortToSetData ¶ added in v0.0.5

func NetipAddrPortToSetData(addrport netip.AddrPort) (SetData, SetData, error)

Convert netip.AddrPort to SetData type, returns a address and a port

func NetipAddrPortsToSetData ¶ added in v0.0.5

func NetipAddrPortsToSetData(addrports []netip.AddrPort) ([]SetData, []SetData, error)

Convert a list of netip.AddrPort to SetData type, returns a list of addresses and a list of ports

Types ¶

type ManagedSet ¶

type ManagedSet struct {
	// contains filtered or unexported fields
}

Represents a set managed by the manager goroutine

func ManagerInit ¶ added in v0.0.2

func ManagerInit(set Set, f SetUpdateFunc, interval time.Duration, logger logger.Logger) (ManagedSet, error)

Create a set manager

func (*ManagedSet) GetSet ¶ added in v0.0.6

func (s *ManagedSet) GetSet() Set

Get the set this manager is operating on

func (*ManagedSet) Start ¶

func (s *ManagedSet) Start(ctx context.Context) error

Start the set manager goroutine

type Set ¶

type Set struct {
	// contains filtered or unexported fields
}

Set represents an nftables a set on a given table

func New ¶

func New(c *nftables.Conn, table *nftables.Table, name string, keyType nftables.SetDatatype) (Set, error)

Create a new set on a table with a given key type

func (*Set) ClearAndAddElements ¶

func (s *Set) ClearAndAddElements(c *nftables.Conn, newSetData []SetData) error

Remove all elements from the set and then add a list of elements

func (*Set) GetSet ¶ added in v0.0.6

func (s *Set) GetSet() *nftables.Set

Get the nftables set associated with this Set

func (*Set) UpdateElements ¶

func (s *Set) UpdateElements(c *nftables.Conn, newSetData []SetData) (bool, error)

Compares incoming set elements with existing set elements and adds/removes the differences First return value is true if the set was modified, false if there were no updates

type SetData ¶

type SetData struct {
	Port              int
	PortRangeStart    int
	PortRangeEnd      int
	Address           netip.Addr
	AddressRangeStart netip.Addr
	AddressRangeEnd   netip.Addr
	Prefix            netip.Prefix
}

SetData is a struct that is used to create elements of a given set based on the key type of the set

func AddressRangeStringToSetData ¶

func AddressRangeStringToSetData(startString string, endString string) (SetData, error)

Convert a string address range to the SetData type

func AddressStringToSetData ¶

func AddressStringToSetData(addressString string) (SetData, error)

Convert a string address to the SetData type

func AddressStringsToSetData ¶

func AddressStringsToSetData(addressStrings []string) ([]SetData, error)

Convert a list of string addresses to the SetData type

func NetIPNetToSetData ¶ added in v0.0.5

func NetIPNetToSetData(net *net.IPNet) (SetData, error)

Convert net.IPNet to the SetData type

func NetIPNetsToSetData ¶ added in v0.0.5

func NetIPNetsToSetData(nets []*net.IPNet) ([]SetData, error)

Convert a list of net.IPNet to the SetData type

func NetIPToSetData ¶ added in v0.0.5

func NetIPToSetData(ip net.IP) (SetData, error)

Convert net.IP to the SetData type

func NetIPsToSetData ¶ added in v0.0.5

func NetIPsToSetData(ips []net.IP) ([]SetData, error)

Convert a list of net.IP to the SetData type

func NetipAddrToSetData ¶ added in v0.0.5

func NetipAddrToSetData(ip netip.Addr) (SetData, error)

Convert netip.Addr to SetData type

func NetipAddrsToSetData ¶ added in v0.0.5

func NetipAddrsToSetData(ips []netip.Addr) ([]SetData, error)

Convert a list of netip.Addr to SetData type

func NetipPrefixToSetData ¶ added in v0.0.5

func NetipPrefixToSetData(prefix netip.Prefix) (SetData, error)

Convert netip.Prefix to SetData type

func NetipPrefixesToSetData ¶ added in v0.0.5

func NetipPrefixesToSetData(prefixes []netip.Prefix) ([]SetData, error)

Convert a list of netip.Prefix to SetData type

func PortRangeStringToSetData ¶

func PortRangeStringToSetData(startString string, endString string) (SetData, error)

Convert a string port range to the SetData type

func PortStringToSetData ¶

func PortStringToSetData(portString string) (SetData, error)

Convert a string port to the SetData type

func PortStringsToSetData ¶

func PortStringsToSetData(portStrings []string) ([]SetData, error)

Convert a list string ports to the SetData type

func PrefixStringToSetData ¶

func PrefixStringToSetData(prefixString string) (SetData, error)

Convert a string prefix/CIDR to the SetData type

type SetUpdateFunc ¶

type SetUpdateFunc func() ([]SetData, error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL