feat: demo of golang iptables

10 months ago · 87de7ed3ec
4 changed files with 69 additions and 1 deletions
--- a/go.mod
+++ b/go.mod
@ -12,4 +12,7 @@ require (
 	gopkg.in/yaml.v3 v3.0.1
 )

-require golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 // indirect
+require (
+	github.com/coreos/go-iptables v0.7.0 // indirect
+	golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 // indirect
+)
--- a/go.sum
+++ b/go.sum
@ -2,6 +2,8 @@ github.com/BurntSushi/toml v1.3.2 h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8
 github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
 github.com/andybalholm/brotli v1.0.5 h1:8uQZIdzKmjc/iuPu7O2ioW48L81FgatrcpfFmiq/cCs=
 github.com/andybalholm/brotli v1.0.5/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
+github.com/coreos/go-iptables v0.7.0 h1:XWM3V+MPRr5/q51NuWSgU0fqMad64Zyxs8ZUoMsamr8=
+github.com/coreos/go-iptables v0.7.0/go.mod h1:Qe8Bv2Xik5FyTXwgIbLAnv2sWSBmvWdFETJConOQ//Q=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
--- a/next/main.go
+++ b/next/main.go
@ -0,0 +1,7 @@
+package main
+
+import "XProxy/next/network"
+
+func main() {
+	network.Demo()
+}
--- a/next/network/demo.go
+++ b/next/network/demo.go
@ -0,0 +1,56 @@
+package network
+
+import (
+	"fmt"
+	"github.com/coreos/go-iptables/iptables"
+)
+
+type ipTables struct {
+	v4 *iptables.IPTables
+	v6 *iptables.IPTables
+}
+
+var tables *ipTables
+
+func init() {
+	timeout := iptables.Timeout(8)
+	it4, err := iptables.New(iptables.IPFamily(iptables.ProtocolIPv4), timeout)
+	if err != nil {
+		// TODO: panic here
+		fmt.Printf("failed to init iptables -> %v\n", err)
+	}
+	it6, err := iptables.New(iptables.IPFamily(iptables.ProtocolIPv6), timeout)
+	if err != nil {
+		fmt.Printf("failed to init ip6tables -> %v\n", err)
+	}
+
+	tables = &ipTables{
+		v4: it4,
+		v6: it6,
+	}
+}
+
+func Demo() {
+	fmt.Println("iptables demo start")
+
+	//it, err := iptables.New(iptables.IPFamily(iptables.ProtocolIPv4), iptables.Timeout(5))
+	//it, err := iptables.New(iptables.IPFamily(iptables.ProtocolIPv6), iptables.Timeout(5))
+
+	//if err != nil {
+	//	fmt.Println(err)
+	//}
+	//fmt.Println(it)
+
+	fmt.Println(tables.v4)
+	fmt.Println(tables.v6)
+
+	chains, _ := tables.v4.ListChains("filter")
+	fmt.Println(chains)
+
+	rules, _ := tables.v4.List("filter", "DOCKER-ISOLATION-STAGE-2")
+	//fmt.Println(rules)
+	for _, rule := range rules {
+		fmt.Println(rule)
+
+	}
+}