-
Notifications
You must be signed in to change notification settings - Fork 0
/
firewall_linux.go
88 lines (73 loc) · 2.12 KB
/
firewall_linux.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
//go:build linux
/*
Nging is a toolbox for webmasters
Copyright (C) 2018-present Wenhui Shen <swh@admpub.com>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
package firewall
import (
"github.com/admpub/once"
"github.com/nging-plugins/firewallmanager/application/library/driver"
"github.com/nging-plugins/firewallmanager/application/library/driver/iptables"
"github.com/nging-plugins/firewallmanager/application/library/driver/nftables"
)
func initBackend() {
if nftables.IsSupported() {
backend = `nftables`
} else if iptables.IsSupported() {
backend = `iptables`
}
}
var engineIPv4 driver.Driver
var engonceIPv4 once.Once
var engineIPv6 driver.Driver
var engonceIPv6 once.Once
func initEngineIPv4() {
var err error
if GetBackend() == `nftables` {
engineIPv4, err = nftables.New(driver.ProtocolIPv4)
} else {
engineIPv4, err = iptables.New(driver.ProtocolIPv4, false)
}
if err != nil {
panic(err)
}
}
func EngineIPv4() driver.Driver {
engonceIPv4.Do(initEngineIPv4)
return engineIPv4
}
func initEngineIPv6() {
var err error
if GetBackend() == `nftables` {
engineIPv6, err = nftables.New(driver.ProtocolIPv6)
} else {
engineIPv6, err = iptables.New(driver.ProtocolIPv6, false)
}
if err != nil {
panic(err)
}
}
func EngineIPv6() driver.Driver {
engonceIPv6.Do(initEngineIPv6)
return engineIPv6
}
func Engine(ipVersionNumber string) driver.Driver {
if ipVersionNumber == `6` {
return EngineIPv6()
}
return EngineIPv4()
}
func ResetEngine() {
engonceIPv4.Reset()
engonceIPv6.Reset()
}