Top 4.8% dependent repos on proxy.golang.org
proxy.golang.org : github.com/thediveo/nufftables
Package nufftables is a thin wrapper around Google's nftables to ease reasoning over the current state of tables, chains, rules, and expressions. If you just want to setup and remove netfilter chains and rules, then google/nftables should be sufficient most of the time. nufftables' information model is basically that of netfilter and Google's nftables information model in particular, but with the hierarchy added in explicitly. To simplify “fishing” for expressions in rules, nufftables defines a set of convenience functions: OfType finds and returns the expression of the exact type, such as *expr.Payload or *expr.Cmp, as well as the remaining expressions after the match. OfTypeFunc finds and returns the expression of the exact type, additionally satisfying the constraints of the passed “approver” function. OfTypeTransformed finds the expression of the exact type, and if accepted by the constraint-and-transformer function specified, returns the transformed value. PrefixedOfTypeFunc find a matching twin expressions and then returns the transformation of the trailing twin. A typical use case might be matching on the sequence of an *expr.Payload network header load, immediately followed by an *expr.Cmp destination IP address compare, transforming the trailing match to return just the concrete IP address checked for. Often times, certain expressions can be optional: OptionalOfType, OptionalOfTypeFunc, OptionalPrefixedOfTypeFunc, OptionalOfTypeTransformed and OptionalPrefixedOfTypeTransformed return the original expressions instead of nil in case no match exists. This way, the optional expression matches can be neatly chained into the overall expression parsing and matching, without breaking the flow. For instance, returns the first expr.Cmp expression, if any, that is compares with a given IPv4 address for equality (expr.CmpOpEq). The (optional) search returns either the remaining expressions after a match, or the original slice of expressions in case of no match. In contrast, either returns the first match of an expr.Match expression together with the remaining expressions, or simply a nil match with nil expressions. These basic building blocks allow to assemble a DSL for netfilter table expression reasoning, and to finally build high-level functions on top of this all. Please see the github.com/thediveo/nufftables/dsl and github.com/thediveo/nufftables/portfinder packages for more details.
Registry
-
Source
- Documentation
- JSON
purl: pkg:golang/github.com/thediveo/nufftables
License: Apache-2.0
Latest release: 10 months ago
First release: over 2 years ago
Namespace: github.com/thediveo
Dependent packages: 1
Dependent repositories: 1
Stars: 0 on GitHub
Forks: 0 on GitHub
See more repository details: repos.ecosyste.ms
Last synced: 29 days ago