xiaoff
1aef2ba20e
Fix: add NFTA_RULE_COMPAT attribute ( #207 )
...
xt_matches or xt_targets like xt_tcpudp may have specific compat policy and
if not set flush rule will error with EINVAL
according to https://elixir.bootlin.com/linux/v3.13/source/net/netfilter/x_tables.c#L563
Signed-off-by: xiaoff <zhaofeng_0019@163.com>
2022-12-08 09:05:15 +01:00
turekt
535f5eb8da
Fix incorrect netlink acknowledgement handling ( #194 )
...
fixes https://github.com/google/nftables/issues/175
2022-10-02 16:01:48 +02:00
turekt
ec1e802faf
Added dynset exprs support ( #173 )
...
fixes https://github.com/google/nftables/issues/172
- Rearranged `exprFromMsg` function
- Rearranged limit expr marshaling logic
- Added dynamic flag for sets
- Implemented connlimit
- Added missing constants
- Added tests
2022-07-29 18:32:59 +02:00
thediveo
3e042f75d7
refactor: pass table family when un/marshalling expr
2022-05-15 23:12:26 +02:00
TheDiveO
aeea153026
un/marshal Match and Target expressions ( #163 )
2022-05-12 17:33:22 +02:00
TheDiveO
eeaebcf552
add New constructor (with options functions, such as lasting connection)
...
* Close receiver for lasting netlink connections while defaulting to existing temporary netlink connection usage
* add unit test for New lasting connection, Close and correct default connection handling behavior
* refactor tests to use New constructor
* make Conn mutex un-exported (#159 )
fixes issue #157
2022-05-09 13:25:29 +02:00
TheDiveO
85d0f3a0db
add GetRules and deprecate GetRule, update tests ( #160 )
2022-05-08 20:39:12 +02:00
Rafael Campos Las Heras
c4d774fc49
Fix expression parsing for notracking
...
Fix the expression parsing for non data content like `notracking`
expression.
2022-04-07 21:54:05 +02:00
Ben de Graaff
2ba518ec5c
Unmarshal Exthdr and support DestRegister/Flags for reads ( #151 ) ( #152 )
...
* Unmarshal Exthdr and support DestRegister/Flags for reads
Some fields in Exthdr are context-sensitive. Mixing unexpected fields
will result in EOPNOTSUPP.
* Fix order in which Exthdr attributes are written
2022-04-05 21:44:27 +02:00
Michael Stapelberg
19672dc9fe
rule: carry over all table attributes (including family)
...
fixes https://github.com/google/nftables/issues/150
2022-04-02 15:01:06 +02:00
Gustavo Iñiguez Goia
5a9391c12f
Added support for quota expression ( #149 )
2022-03-29 18:00:11 +02:00
turekt
8aa05f01ea
Log prefix expression support ( #146 )
...
Fixes https://github.com/google/nftables/issues/115
Added expr.Log to EXPR_DATA switch
Added test for expr.Log parsing
2022-02-19 20:57:22 +01:00
turekt
a46119e592
Support for rule position 0 ( #143 )
...
Added uint32 Flags to Rule struct to support rules set with position 0
fixes https://github.com/google/nftables/issues/126
2022-01-29 19:26:06 +01:00
pengyuan.dai
523112131a
Add expr.Ct and expr.Range type select in exprsFromMsg ( #120 )
...
fixes #119
2021-05-11 11:11:10 +02:00
Grégoire Delattre
7127d9d224
Add support for rate limiting ( #101 )
2020-03-16 08:58:19 +01:00
Serguei Bezverkhi
1c56a1906f
Add Dynset expression and unit test ( #97 )
...
* Add dynset expression and unit test
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2020-02-10 11:14:20 +01:00
Alexis PIRES
c4896ab7c6
Add insert/replace ( #86 )
2020-01-01 16:50:27 +01:00
Serguei Bezverkhi
14f3137cde
protect cc.messages from racing ( #75 )
...
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-11-14 16:22:42 +01:00
Serguei Bezverkhi
26aec69f06
enable redir and nat decoders ( #73 )
...
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-11-08 09:17:41 +01:00
Serguei Bezverkhi
e0f4f3f8f8
Add bitwise decoder logic ( #71 )
2019-11-07 15:38:12 +01:00
Serguei Bezverkhi
5cb71bfba1
rule replace ( #50 )
...
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-08-19 23:35:24 +02:00
Serguei Bezverkhi
0b3d8b56f6
Implementation of UserData struct encode/decode ( #49 )
2019-08-15 08:25:30 +02:00
Serguei Bezverkhi
635111f591
Adding DelRule and unit tests ( #36 )
...
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-07-14 14:49:03 +02:00
Serguei Bezverkhi
b62e86457d
Change logic of searching for rule's ID ( #34 )
...
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-07-08 22:46:23 +02:00
Serguei Bezverkhi
7c0b8e78d4
Add support for rule's handle, position and id ( #33 )
2019-07-08 18:01:35 +02:00
Ryan Whelan
7bac3e3135
Restructure code base into smaller files ( #15 )
...
* Restrcture code base into smaller files
* Package level doc string
* Move ExprsFromMsg back from expr sub-module
* gofmt
2019-05-03 23:54:09 +02:00