// Copyright (c) 2019 Cisco and/or its affiliates.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at:
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package linuxcalls
// L3Protocol differentiates between IPv4 and IPv6. Every IPTablesAPI method
// in this file takes a single L3Protocol, so a rule set that must cover both
// address families has to be applied once per protocol.
//
// The underlying type is byte, so values other than the two constants below
// are representable; nothing in this file rejects them.
type L3Protocol byte
const (
	// ProtocolIPv4 is the zero value of L3Protocol (iota starts at 0), so an
	// L3Protocol that is never assigned silently means IPv4.
	ProtocolIPv4 L3Protocol = iota
	// ProtocolIPv6 has the value 1.
	ProtocolIPv6
)
// IPTablesAPI interface covers all methods inside linux calls package needed
// to manage linux iptables rules. It combines Init with the embedded
// IPTablesAPIWrite and IPTablesAPIRead method sets; code that only needs to
// inspect rules can depend on IPTablesAPIRead alone instead of this full
// interface.
type IPTablesAPI interface {
	// Init initializes an iptables handler.
	// NOTE(review): presumably must be called before any read/write method —
	// confirm against the implementation.
	Init() error
	// Embedded: methods that modify chains and rules.
	IPTablesAPIWrite
	// Embedded: methods that only list rules.
	IPTablesAPIRead
}
// IPTablesAPIWrite interface covers write methods inside linux calls package
// needed to manage linux iptables rules.
//
// All table, chain, policy and rule arguments are plain strings and this
// interface places no constraints on them.
// NOTE(review): how implementations validate or tokenize these strings is not
// visible here — confirm that values derived from external configuration are
// checked before they reach iptables.
type IPTablesAPIWrite interface {
	// CreateChain creates an iptables chain in the specified table.
	CreateChain(protocol L3Protocol, table, chain string) error
	// DeleteChain deletes an iptables chain in the specified table.
	DeleteChain(protocol L3Protocol, table, chain string) error
	// SetChainDefaultPolicy sets default policy in the specified chain. Should be called only on FILTER tables.
	// The default policy decides the fate of packets that match no rule in the
	// chain, so a wrong value changes filtering for all otherwise-unmatched traffic.
	// NOTE(review): defaultPolicy is a free-form string here; the accepted
	// values are defined by the implementation — confirm.
	SetChainDefaultPolicy(protocol L3Protocol, table, chain, defaultPolicy string) error
	// AppendRule appends a rule into the specified chain.
	AppendRule(protocol L3Protocol, table, chain string, rule string) error
	// DeleteRule deletes a rule from the specified chain.
	DeleteRule(protocol L3Protocol, table, chain string, rule string) error
	// DeleteAllRules deletes all rules within the specified chain.
	// Only the rules of the given protocol, table and chain are addressed by
	// the arguments; the chain's default policy is set by a separate method.
	DeleteAllRules(proto L3Protocol, table, chain string) error
}
// IPTablesAPIRead interface covers read methods inside linux calls package
// needed to manage linux iptables rules. It contains no method that modifies
// chains or rules, so it is the narrower dependency for audit or
// verification code.
type IPTablesAPIRead interface {
	// ListRules lists all rules within the specified chain.
	// Returns one string per rule, or an error.
	// NOTE(review): the format of each returned string is defined by the
	// implementation and is not visible here — confirm before parsing it.
	ListRules(protocol L3Protocol, table, chain string) (rules []string, err error)
}
// NewIPTablesHandler creates a new instance of the iptables handler.
//
// The handler is built from an empty IPTablesHandler literal; nothing is
// initialized here. NOTE(review): IPTablesAPI declares a separate Init
// method, so callers presumably must call Init before any other method —
// confirm against the IPTablesHandler implementation.
func NewIPTablesHandler() *IPTablesHandler {
	handler := IPTablesHandler{}
	return &handler
}