// Source listing: go.ligato.io/vpp-agent/v3@v3.5.0/plugins/linux/iptablesplugin/linuxcalls/iptables_api.go

// Copyright (c) 2019 Cisco and/or its affiliates.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at:
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package linuxcalls

// L3Protocol selects the address family (IPv4 or IPv6) that an iptables
// operation applies to.
//
// The zero value is ProtocolIPv4, so a protocol argument that is left unset
// silently targets IPv4. Every method below takes exactly one protocol; a
// policy meant to cover both families has to be applied once per family,
// otherwise the other family is left without the corresponding rules.
type L3Protocol byte

const (
	// ProtocolIPv4 addresses the IPv4 rule set (value 0, the zero value).
	ProtocolIPv4 L3Protocol = iota
	// ProtocolIPv6 addresses the IPv6 rule set (value 1).
	ProtocolIPv6
)

// IPTablesAPI is the complete handler contract of the linux calls package for
// managing linux iptables rules: the write and read method sets plus Init.
type IPTablesAPI interface {
	IPTablesAPIWrite
	IPTablesAPIRead

	// Init initializes an iptables handler with the given configuration.
	// NOTE(review): whether a nil config is accepted is not visible from this
	// interface - confirm against the implementation.
	Init(config *HandlerConfig) error
}

// IPTablesAPIWrite groups the methods of the linux calls package that modify
// linux iptables state (chains, default policies and rules).
//
// Because the mutating methods are declared separately from IPTablesAPIRead,
// a component that only needs to inspect rules can depend on the read
// interface alone and never be handed the ability to change the firewall.
//
// table, chain and rule are plain strings here. NOTE(review): this interface
// does not show where they are validated or how a rule string is split into
// arguments - confirm in the implementation before passing values that are
// derived from untrusted input.
type IPTablesAPIWrite interface {
	// CreateChain creates an iptables chain in the specified table.
	CreateChain(protocol L3Protocol, table, chain string) error

	// DeleteChain deletes an iptables chain in the specified table.
	DeleteChain(protocol L3Protocol, table, chain string) error

	// SetChainDefaultPolicy sets the default policy of the specified chain.
	// It should be called only on FILTER tables. The default policy decides
	// what happens to packets that match no rule in the chain, so a wrong
	// value changes the handling of all otherwise unmatched traffic.
	SetChainDefaultPolicy(protocol L3Protocol, table, chain, defaultPolicy string) error

	// AppendRule appends a single rule to the end of the specified chain.
	AppendRule(protocol L3Protocol, table, chain, rule string) error

	// AppendRules appends the given rules to the specified chain.
	// NOTE(review): whether the batch is applied atomically, and which rules
	// remain installed when one of them fails, cannot be told from this
	// interface - confirm against the implementation.
	AppendRules(protocol L3Protocol, table, chain string, rules ...string) error

	// DeleteRule deletes one rule from the specified chain.
	DeleteRule(protocol L3Protocol, table, chain, rule string) error

	// DeleteAllRules deletes every rule within the specified chain. Any
	// filtering those rules enforced is gone once the call succeeds.
	DeleteAllRules(protocol L3Protocol, table, chain string) error
}

// IPTablesAPIRead groups the methods of the linux calls package that only
// read linux iptables state.
type IPTablesAPIRead interface {
	// ListRules returns all rules within the specified chain, or an error.
	ListRules(protocol L3Protocol, table, chain string) (rules []string, err error)
}

// HandlerConfig holds the configuration related to IPTablesHandler.
type HandlerConfig struct {
	// MinRuleCountForPerfRuleAddition is read from the JSON key
	// "min-rule-count-for-performance-rule-addition".
	// NOTE(review): presumably the rule count from which a faster bulk
	// addition path is used - verify against the handler implementation.
	MinRuleCountForPerfRuleAddition int `json:"min-rule-count-for-performance-rule-addition"`
}

// NewIPTablesHandler returns a pointer to a new, zero-valued IPTablesHandler
// (the type is declared elsewhere in this package).
// NOTE(review): the handler is presumably unusable until Init has been called
// on it - confirm against the implementation.
func NewIPTablesHandler() *IPTablesHandler {
	handler := &IPTablesHandler{}
	return handler
}