package rule
import (
"strconv"
"git.kor-elf.net/kor-elf-shield/go-nftables-client/family"
"git.kor-elf.net/kor-elf-shield/go-nftables-client/internal/command"
)
// API is the set of rule-level operations offered by this package.
//
// Each method names the rule's address family, table and chain. Replace and
// Delete additionally select a single rule by its handle.
type API interface {
	// Add adds a new rule.
	//
	// This command is equivalent to:
	//
	//	nft add rule (ip|ip6|inet|arp|bridge) {table_name} {chain_name} '{ expr }'
	Add(family family.Type, tableName, chainName string, expr ...string) error

	// Insert inserts a new rule.
	// Inserted rules are placed at the beginning of the chain, by default.
	//
	// This command is equivalent to:
	//
	//	nft insert rule (ip|ip6|inet|arp|bridge) {table_name} {chain_name} '{ expr }'
	Insert(family family.Type, tableName, chainName string, expr ...string) error

	// Replace replaces the rule identified by handle.
	//
	// This command is equivalent to:
	//
	//	nft replace rule (ip|ip6|inet|arp|bridge) {table_name} {chain_name} {handle} '{ expr }'
	Replace(family family.Type, tableName, chainName string, handle uint64, expr ...string) error

	// Delete deletes the rule identified by handle.
	//
	// This command is equivalent to:
	//
	//	nft delete rule (ip|ip6|inet|arp|bridge) {table_name} {chain_name} {handle}
	Delete(family family.Type, tableName, chainName string, handle uint64) error
}
// rule is the API implementation defined in this file. Its methods assemble
// an nft "rule" argument list and pass it to command.
type rule struct {
	// command receives each assembled argument list through its Run method.
	command command.NFT
}
// New returns an API whose operations are all executed through the given
// command runner.
func New(command command.NFT) API {
	return &rule{command: command}
}
// Add adds a new rule to the given chain.
//
// The argument list handed to command.Run is:
//
//	add rule {family} {tableName} {chainName} {expr...}
//
// tableName, chainName and every element of expr are forwarded unchanged;
// nothing is validated or escaped here.
// NOTE(review): how Run turns these arguments into an nft invocation is not
// visible in this file, so callers that accept names or expressions from an
// external source should validate them before calling Add.
func (r *rule) Add(family family.Type, tableName string, chainName string, expr ...string) error {
	argv := make([]string, 0, 5+len(expr))
	argv = append(argv, "add", "rule", family.String(), tableName, chainName)
	argv = append(argv, expr...)

	return r.command.Run(argv...)
}
// Insert inserts a new rule into the given chain.
//
// The argument list handed to command.Run is:
//
//	insert rule {family} {tableName} {chainName} {expr...}
//
// tableName, chainName and every element of expr are forwarded unchanged;
// nothing is validated or escaped here.
// NOTE(review): how Run turns these arguments into an nft invocation is not
// visible in this file, so callers that accept names or expressions from an
// external source should validate them before calling Insert.
func (r *rule) Insert(family family.Type, tableName string, chainName string, expr ...string) error {
	argv := make([]string, 0, 5+len(expr))
	argv = append(argv, "insert", "rule", family.String(), tableName, chainName)
	argv = append(argv, expr...)

	return r.command.Run(argv...)
}
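// Replace replaces the rule identified by handle in the given chain.
//
// The argument list handed to command.Run is:
//
//	replace rule {family} {tableName} {chainName} handle {handle} {expr...}
//
// tableName, chainName and every element of expr are forwarded unchanged;
// nothing is validated or escaped here.
// NOTE(review): how Run turns these arguments into an nft invocation is not
// visible in this file, so callers that accept names or expressions from an
// external source should validate them before calling Replace.
func (r *rule) Replace(family family.Type, tableName string, chainName string, handle uint64, expr ...string) error {
	// Format the handle as an unsigned decimal. Going through int() would
	// truncate it where int is 32 bits wide and turn values above
	// math.MaxInt64 negative, so the command could name a different rule
	// than the one the caller asked to replace.
	args := []string{"replace", "rule", family.String(), tableName, chainName, "handle", strconv.FormatUint(handle, 10)}
	args = append(args, expr...)
	return r.command.Run(args...)
}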
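// Delete deletes the rule identified by handle from the given chain.
//
// The argument list handed to command.Run is:
//
//	delete rule {family} {tableName} {chainName} handle {handle}
//
// tableName and chainName are forwarded unchanged; nothing is validated or
// escaped here.
// NOTE(review): how Run turns these arguments into an nft invocation is not
// visible in this file, so callers that accept names from an external source
// should validate them before calling Delete.
func (r *rule) Delete(family family.Type, tableName string, chainName string, handle uint64) error {
	// Format the handle as an unsigned decimal. Going through int() would
	// truncate it where int is 32 bits wide and turn values above
	// math.MaxInt64 negative, so the command could name a different rule
	// than the one the caller asked to delete.
	args := []string{"delete", "rule", family.String(), tableName, chainName, "handle", strconv.FormatUint(handle, 10)}
	return r.command.Run(args...)
}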