github.com/ti-mo/netfilter (module, package)
Version: 0.5.2
Repository: https://github.com/ti-mo/netfilter.git
Documentation: pkg.go.dev

# README

netfilter

Package netfilter provides encoding and decoding of Netlink messages into Netfilter attributes. It handles Netfilter-specific nesting of attributes and endianness, and is written around a native Netlink implementation (https://github.com/mdlayher/netlink). It is written in pure Go, without any dependency on Cgo, C libraries, kernel headers or userspace tools.

The goal of this package is to be used for implementing the Netfilter family of Netlink protocols. For an example implementation, see https://github.com/ti-mo/conntrack.

Contributing

Contributions are absolutely welcome! Before starting work on large changes, please create an issue first, or join #networking on Gophers Slack to discuss the design.

If you encounter a problem implementing the library, please open a GitHub issue for help.

# Functions

DecodeNetlink returns msg's Netfilter header and an AttributeDecoder that can be used to iteratively decode all Netlink attributes contained in the message.
Dial opens a new Netlink connection to the Netfilter subsystem and returns it wrapped in a Conn structure.
EncodeNetlink generates a netlink.Message based on a given netfilter header h and a pre-filled netlink.AttributeEncoder ae.
MarshalAttributes marshals a nested attribute structure into a byte slice.
MarshalNetlink takes a Netfilter Header and Attributes and returns a netlink.Message.
NewAttributeDecoder instantiates a new netlink.AttributeDecoder configured with a Big Endian byte order.
NewAttributeEncoder instantiates a new netlink.AttributeEncoder configured with a Big Endian byte order.
Uint16Bytes gets the big-endian 2-byte representation of a uint16.
Uint32Bytes gets the big-endian 4-byte representation of a uint32.
Uint64Bytes gets the big-endian 8-byte representation of a uint64.
UnmarshalAttributes unmarshals a byte slice into a list of Attributes.
UnmarshalNetlink unmarshals a netlink.Message into a Netfilter Header and Attributes.

# Constants

NFNLGRP_ACCT_QUOTA
NFNLGRP_CONNTRACK_DESTROY
NFNLGRP_CONNTRACK_EXP_DESTROY
NFNLGRP_CONNTRACK_EXP_NEW
NFNLGRP_CONNTRACK_EXP_UPDATE
NFNLGRP_CONNTRACK_NEW
NFNLGRP_CONNTRACK_UPDATE
NFNLGRP_NFTABLES
NFNLGRP_NFTRACE
NFNLGRP_NONE
NFNL_SUBSYS_ACCT
NFNL_SUBSYS_COUNT
NFNL_SUBSYS_CTHELPER
NFNL_SUBSYS_CTNETLINK
NFNL_SUBSYS_CTNETLINK_EXP
NFNL_SUBSYS_CTNETLINK_TIMEOUT
NFNL_SUBSYS_IPSET
NFNL_SUBSYS_NFTABLES
NFNL_SUBSYS_NFT_COMPAT
NFNL_SUBSYS_NONE
NFNL_SUBSYS_OSF
NFNL_SUBSYS_QUEUE
NFNL_SUBSYS_ULOG
NFPROTO_ARP
NFPROTO_BRIDGE
NFPROTO_DECNET
NFPROTO_INET
NFPROTO_IPV4
NFPROTO_IPV6
NFPROTO_NETDEV
NFPROTO_UNSPEC

# Variables

GroupsCT is a list of all Conntrack multicast groups.
GroupsCTExp is a list of all Conntrack-expect multicast groups.

# Structs

An Attribute is a copy of a netlink.Attribute that can be nested.
Conn represents a Netlink connection to the Netfilter subsystem.
Header is an abstraction over the Netlink header's Type field and the Netfilter message header, also known as 'nfgenmsg'.

# Type aliases

MessageType denotes the message type specific to the subsystem.
NetlinkGroup represents the multicast groups that can be joined with a Netlink socket.
ProtoFamily represents a protocol family in the Netfilter header (nfgenmsg).
SubsystemID denotes the Netfilter Subsystem ID the message is for.