TheDiveO
85d0f3a0db
add GetRules and deprecate GetRule, update tests ( #160 )
2022-05-08 20:39:12 +02:00
Michael Stapelberg
38a96768db
bump go.mod version to go 1.17
...
fixes https://github.com/google/nftables/issues/158
2022-05-02 17:29:23 +02:00
turekt
76ed01e300
Support for concat set intervals ( #155 )
...
Fixes https://github.com/google/nftables/issues/154
Added support for intervals in concat sets
Added missing constants, Concatenation flag and KeyEnd field to Set type with marshaling support
Added ConcatSetTypeElements function to derive base types from concatenated types
Changed nftDatatypes list to map
Added tests
2022-04-22 17:12:20 +02:00
Rafael Campos Las Heras
950e408d48
Fix range expression unmarshalling
...
Fix the range expression unmarshalling on the `FromData` and `ToData`
Range expression fields.
2022-04-07 21:54:05 +02:00
Rafael Campos Las Heras
d46a80e963
Fix payload unmarshall operation type.
...
When unmarshalling the Payload expression the operation type is not
updated. Apply the same logic for unmarshalling that we apply for
marshalling.
2022-04-07 21:54:05 +02:00
Rafael Campos Las Heras
c4d774fc49
Fix expression parsing for notracking
...
Fix the expression parsing for non data content like `notracking`
expression.
2022-04-07 21:54:05 +02:00
Ben de Graaff
2ba518ec5c
Unmarshal Exthdr and support DestRegister/Flags for reads ( #151 ) ( #152 )
...
* Unmarshal Exthdr and support DestRegister/Flags for reads
Some fields in Exthdr are context-sensitive. Mixing unexpected fields
will result in EOPNOTSUPP.
* Fix order in which Exthdr attributes are written
2022-04-05 21:44:27 +02:00
Michael Stapelberg
19672dc9fe
rule: carry over all table attributes (including family)
...
fixes https://github.com/google/nftables/issues/150
2022-04-02 15:01:06 +02:00
Gustavo Iñiguez Goia
5a9391c12f
Added support for quota expression ( #149 )
2022-03-29 18:00:11 +02:00
turekt
211824995d
Log expression refactor ( #147 )
...
Fixes https://github.com/google/nftables/issues/113
Log expression implementation changed to better support different log options
Added uint16 support to the binaryutil package
Changed old log expression tests that were failing after change
Added a new test to check the implementation for multiple log options
2022-02-21 22:42:39 +01:00
turekt
8aa05f01ea
Log prefix expression support ( #146 )
...
Fixes https://github.com/google/nftables/issues/115
Added expr.Log to EXPR_DATA switch
Added test for expr.Log parsing
2022-02-19 20:57:22 +01:00
Michael Stapelberg
edf9fe8cd0
remove dependency on now-deleted koneu/natend
...
Instead, we just do the unsafe.Pointer() calls directly.
fixes https://github.com/google/nftables/issues/145
2022-02-10 08:29:02 +01:00
turekt
91d3b4571d
Fix for ListChains policy bug ( #144 )
...
Fixes https://github.com/google/nftables/issues/130 | Added a test case for ListChains func
2022-02-06 18:44:06 +01:00
turekt
a46119e592
Support for rule position 0 ( #143 )
...
Added uint32 Flags to Rule struct to support rules set with position 0
fixes https://github.com/google/nftables/issues/126
2022-01-29 19:26:06 +01:00
Matt Layher
6f19c4381e
nftables: fix staticcheck error for Conn.getObj ( #137 )
...
Signed-off-by: Matt Layher <mdlayher@gmail.com>
2021-12-09 23:08:38 +01:00
Matt Layher
611d399a5e
go.mod: use github.com/mdlayher/netlink@v1.4.2 ( #136 )
...
Signed-off-by: Matt Layher <mdlayher@gmail.com>
2021-12-09 23:08:14 +01:00
Tommie Gannert
16a134723a
Tries to fully populate Set.KeyType if it's a simple type.
...
Set.DataType also gets the full type descriptor. No changes in
behavior for concatenated datatypes.
2021-09-16 16:01:15 +02:00
Tommie Gannert
3a4a2bce5f
Fixes masks in set flag parsing.
...
The NFTA_* constants identify attributes. The result is that, right
now, IsMap == Anonymous.
2021-09-16 16:01:15 +02:00
Tommie Gannert
0360b9d10a
Adds all current datatypes for sets.
...
Based on https://git.netfilter.org/nftables/commit/include/datatype.h?id=cca4c856301caa8959ac98aac5811130bc19512c
It makes more sense to point to datatype.h in the comment since the
actual definitions of these types are scattered throughout src/.
uid_t and gid_t sizes are fixed at 4 bytes currently, but that might
of course change. I couldn't find a good way to make this
dynamic. There are a number of Sizeof* constants in x/sys/unix, so
that's probably the right place to add them.
2021-09-16 16:01:15 +02:00
Michael Stapelberg
d553cd2d41
GitHub actions: run on pull requests, too
2021-08-18 09:26:02 +02:00
Michael Stapelberg
a285acebca
README: switch to GitHub actions badge
2021-05-14 17:48:51 +02:00
pengyuan.dai
5573dab9cc
Add CtStateBit constants and related usage test #121 ( #122 )
...
fixes #121
2021-05-14 16:05:40 +02:00
pengyuan.dai
523112131a
Add expr.Ct and expr.Range type select in exprsFromMsg ( #120 )
...
fixes #119
2021-05-11 11:11:10 +02:00
Michael Stapelberg
715e31cb3c
switch from travis to GitHub actions
2020-12-30 15:21:48 +01:00
Paul Greenberg
c25e4f69b4
fix: unmarshaling verdicts with chain information ( #106 )
...
Before this commit: the unmarshaling of a verdict pointing
to a chain fails.
After this commit: the unmarshaling of a rule with a verdict
pointing to a chain succeeds and the information about the
chain gets put in `Verdict.Chain`.
Resolves : #105
Signed-off-by: Paul Greenberg <greenpau@outlook.com>
2020-08-02 19:55:06 +02:00
Grégoire Delattre
7127d9d224
Add support for rate limiting ( #101 )
2020-03-16 08:58:19 +01:00
Alexis PIRES
64aca752d1
Remove Object API ( #100 )
...
Co-authored-by: Alexis PIRES <alexis.pires@atos.net>
2020-03-09 08:43:47 +01:00
Grégoire Delattre
21c5c5c425
Add missing VerdictKind ( #99 )
2020-03-06 11:32:18 +01:00
Zackery Field
9caf4234bf
Report whether set has flag configured ( #98 )
2020-02-27 08:28:57 +01:00
Serguei Bezverkhi
1c56a1906f
Add Dynset expression and unit test ( #97 )
...
* Add dynset expression and unit test
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2020-02-10 11:14:20 +01:00
Serguei Bezverkhi
9cdc3d048a
Add support for timeouts for set elements and sets ( #96 )
...
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2020-02-05 11:33:52 +01:00
Serguei Bezverkhi
26bcabf490
disable lock when no namespace is needed ( #95 )
...
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2020-01-22 22:39:39 +01:00
Leon Vack
327d5c62cd
function to create concatenated SetDatatypes ( #93 )
...
added function to create concatenated SetDatatypes
2020-01-22 22:37:16 +01:00
Serguei Bezverkhi
88b35b63a9
Add GetSetByName call ( #94 )
...
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2020-01-21 08:39:40 +01:00
Alexis PIRES
fdd795dea1
Add GetObject/GetObjects, ResetObject/ResetObjects ( #92 )
...
GetObj/GetObjReset accidentally returns all objects, GetObject returns only the specified one.
2020-01-21 08:36:27 +01:00
Michael Stapelberg
bf895afbc6
Merge pull request #91 from LogicalOverflow/master
...
GetSets/SetAddElements fixes
2020-01-14 16:49:37 +01:00
Leon Vack
45c777dde0
added a test adding elements to a set in an IPv6 table
2020-01-14 11:07:36 +01:00
Leon Vack
514aa0c301
stored table passed to GetSets as table in all returned sets
2020-01-14 11:06:46 +01:00
Leon Vack
19eb6eac29
fixed extraHeader in SetAddElements
2020-01-14 11:02:28 +01:00
Serguei Bezverkhi
80a905063c
Add set's id to newsetelem message ( #89 )
2020-01-01 17:05:55 +01:00
Alexis PIRES
c4896ab7c6
Add insert/replace ( #86 )
2020-01-01 16:50:27 +01:00
Michael Stapelberg
2228941ec5
remove extra space
2019-12-22 11:45:11 +01:00
Serguei Bezverkhi
1f2240c488
Flush fix ( #85 )
...
Clear messages after netlink return error
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-12-22 11:44:25 +01:00
Michael Stapelberg
7a7d417622
Merge pull request #84 from sbezverk/error_wrap
...
Replace %v with %w to wrap netlink error
2019-12-22 11:43:06 +01:00
Serguei Bezverkhi
a63c55f46a
Update go vet command line
...
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-12-20 12:00:14 -05:00
Serguei Bezverkhi
c243f4945b
Switching to recent golang version
...
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-12-20 11:57:27 -05:00
Serguei Bezverkhi
f528bf5cc6
Replace %v with %w to wrap netlink error
...
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-12-20 11:51:15 -05:00
Serguei Bezverkhi
756cfa14a8
Fix concatenated key set validation ( #83 )
2019-12-18 00:02:00 +01:00
Alexis PIRES
9a6c96795b
Stateless NAT and notrack support ( #82 )
2019-12-17 21:54:26 +01:00
Alexis PIRES
e2e83d0ff5
Add dup expr support ( #81 )
2019-12-13 23:35:06 +01:00