0.0.0-20230425010353-0d9880b1ecac
Repository: https://github.com/lrh3321/ipset-go.git
Documentation: pkg.go.dev
# README
ipset-go - ipset library for go
The ipset-go package provides a simple ipset library for Go. IP sets are a framework inside the Linux kernel, which can be administered by the ipset utility. Depending on the type, an IP set may store IP addresses, networks, (TCP/UDP) port numbers, MAC addresses, interface names or combinations of them in a way that ensures lightning speed when matching an entry against a set. This library began its life as a fork of vishvananda/netlink.
Examples
Create a new set and add 10.0.0.1 into it:

```go
package main

import (
	"fmt"
	"log"
	"net"

	"github.com/lrh3321/ipset-go"
)

func main() {
	var setname = "hash01"

	// Equivalent to: `ipset create hash01 hash:ip`
	err := ipset.Create(setname, ipset.TypeHashIP, ipset.CreateOptions{})
	if err != nil {
		log.Fatal(err)
	}

	// Equivalent to: `ipset add hash01 10.0.0.1`
	err = ipset.Add(setname, &ipset.Entry{IP: net.IPv4(10, 0, 0, 1).To4()})
	if err != nil {
		log.Fatal(err)
	}

	// List the set.
	set, err := ipset.List(setname)
	if err != nil {
		log.Fatal(err)
	}

	// Print the set header in the same layout as `ipset list`.
	fmt.Printf(`Name: %s
Type: %s
Header: family inet hashsize %d maxelem %d
Size in memory: %d
References: %d
Number of entries: %d
Members:
`,
		set.SetName,
		set.TypeName,
		set.HashSize,
		set.MaxElements,
		set.SizeInMemory,
		set.References,
		set.NumEntries,
	)

	// Print each member address.
	for _, e := range set.Entries {
		fmt.Println(e.IP.String())
	}

	/*
		Name: test_hash01
		Type: hash:ip
		Header: family inet hashsize 1024 maxelem 65536
		Size in memory: 296
		References: 0
		Number of entries: 2
		Members:
		10.0.0.1
		10.0.0.5
	*/
}
```
Destroy a set:
```go
package main

import (
	"log"

	"github.com/lrh3321/ipset-go"
)

func main() {
	var setname = "hash01"

	// Equivalent to: `ipset destroy hash01`
	err := ipset.Destroy(setname)
	if err != nil {
		log.Fatal(err)
	}
}
```
More code:
# Packages
No description provided by the author
# Functions
Add adds an entry to an existing ipset.
Create creates a new ipset.
Del deletes an entry from an existing ipset.
Destroy destroys an existing ipset.
Flush flushes an existing ipset.
ForceDestroy destroys an ipset and returns nil if it does not exist.
No description provided by the author
GetSocketTimeout returns the timeout value used by default netlink sockets.
No description provided by the author
List dumps a specific ipset.
ListAll dumps all ipsets.
NewHandle returns a netlink handle on the current network namespace.
NewHandleAt returns a netlink handle on the network namespace specified by ns.
NewHandleAtFrom works as NewHandle but allows client to specify the new and the origin netns Handle.
Protocol returns the ipset protocol version from the kernel.
Rename renames a set.
SetSocketTimeout configures timeout for default netlink sockets.
Swap swaps the contents of two sets or, in other words, exchanges the names of two sets.
No description provided by the author
No description provided by the author
No description provided by the author
# Constants
ErrBusy Set cannot be destroyed: it is in use by a kernel component.
ErrEntryExist Element cannot be added to the set: it's already added.
ErrEntryNotExist Element cannot be deleted from the set: it's not added.
ErrInvalidCIDR The value of the CIDR parameter of the IP address is invalid.
ErrInvalidComment Comment cannot be used: set was created without comment support.
ErrInvalidCounter Packet/byte counters cannot be used: set was created without counter support.
ErrInvalidFamily Protocol family not supported by the set type.
ErrInvalidIPv4Address An IPv4 address is expected, but not received.
ErrInvalidIPv6Address An IPv6 address is expected, but not received.
ErrInvalidMarkmask The value of the markmask parameter is invalid.
ErrInvalidMessage Kernel error received: message could not be created.
ErrInvalidNetmask The value of the netmask parameter is invalid.
ErrInvalidProtocol Kernel error received: ipset protocol error.
ErrInvalidType Kernel error received: set type not supported.
ErrNewNameAlreadyExist Set cannot be renamed: a set with the new name already exists.
ErrReferenced Set cannot be renamed: it is in use by another system.
ErrSecondSetNotExist Sets cannot be swapped: the second set does not exist.
ErrSetExist Set cannot be created: set with the same name already exists.
ErrSetNotExist The set with the given name does not exist.
ErrSkbInfo Skbinfo mapping cannot be used: set was created without skbinfo support.
ErrTimeout Timeout cannot be used: set was created without timeout support.
ErrTypeMaxSetsReached Kernel error received: maximal number of sets reached, cannot create more.
ErrTypeMismatch The sets cannot be swapped: their type does not match.
FamilyIPV4 represents IPv4 protocol.
FamilyIPV6 represents IPv6 protocol.
No description provided by the author
8: Multiple data containers.
ADT specific attributes.
CADT specific attributes.
9.
Reserve empty slots.
CADT specific attributes.
ADT specific attributes.
ADT specific attributes.
7: Nested attributes.
Kernel-only.
ADT specific attributes.
5: Settype family.
6: Flags at command level.
Create-only specific attributes.
CADT specific attributes.
ADT specific attributes.
CADT specific attributes.
CADT specific attributes.
CADT specific attributes.
ADT specific attributes.
ADT specific attributes.
9: Restore lineno.
CADT specific attributes.
CADT specific attributes.
CADT specific attributes.
CADT specific attributes.
ADT specific attributes.
ADT specific attributes.
CADT specific attributes.
ADT specific attributes.
CADT specific attributes.
CADT specific attributes.
CADT specific attributes.
CADT specific attributes.
CADT specific attributes.
1: Protocol version.
10: Minimal supported version number.
CADT specific attributes.
CADT specific attributes.
4: Settype revision.
type rev min.
2: Name of the set.
Setname at rename/swap.
CADT specific attributes.
ADT specific attributes.
ADT specific attributes.
ADT specific attributes.
CADT specific attributes.
3: Typename.
9: Add an element to a set.
2: Create a new (empty) set.
10: Delete an element from a set.
3: Destroy a (empty) set.
4: Remove all elements from a set.
12: Get set header data only.
7: List sets.
1: Return protocol version.
5: Rename a set.
8: Save sets.
6: Swap two sets.
11: Test an element in a set.
13: Get set type.
Missing reference set.
The element is out of the range of the set.
The range exceeds the size limit of the set type.
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
Null-valued element.
Hash is full.
Invalid range.
Range not supported.
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
Invalid protocol.
No description provided by the author
No description provided by the author
Set is full.
list:set type is not permitted to add.
No description provided by the author
Protocol missing but must be specified.
Reference set does not exist.
No description provided by the author
No description provided by the author
Reference set is not added to the set.
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
Type specific error codes.
Flags at CADT attribute level, upper half of cmdattrs.
Flags at CADT attribute level, upper half of cmdattrs.
Flags at CADT attribute level, upper half of cmdattrs.
Flags at CADT attribute level, upper half of cmdattrs.
Flags at CADT attribute level, upper half of cmdattrs.
Flags at CADT attribute level, upper half of cmdattrs.
Flags at CADT attribute level, upper half of cmdattrs.
Flags at CADT attribute level, upper half of cmdattrs.
Flags at CADT attribute level, upper half of cmdattrs.
Flags at CADT attribute level, upper half of cmdattrs.
Flags at CADT attribute level, upper half of cmdattrs.
Flags at CADT attribute level, upper half of cmdattrs.
Flags at CADT attribute level, upper half of cmdattrs.
Flags at CADT attribute level, upper half of cmdattrs.
Flags at CADT attribute level, upper half of cmdattrs.
The maximum permissible comment length we will accept over netlink.
The max length of strings including NUL: set and type identifiers.
The protocol version.
ProtocolSCTP represents SCTP protocol.
ProtocolTCP represents TCP protocol.
ProtocolUDP represents UDP protocol.
CADT specific attributes.
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
# Structs
CreateOptions is the options struct for creating a new ipset.
Entry is used for adding, updating, retrieving and deleting entries.
Handle is a handle for the netlink requests on a specific network namespace.
Sets is the result of a dump request for a set.