From 87de7ed3ec5671bf551325fe0d5c7b4fd4547829 Mon Sep 17 00:00:00 2001
From: Dnomd343
Date: Sat, 9 Sep 2023 15:05:31 +0800
Subject: [PATCH] feat: demo of golang iptables
---
 go.mod | 5 +++-
 go.sum | 2 ++
 next/main.go | 7 ++++++
 next/network/demo.go | 56 ++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 69 insertions(+), 1 deletion(-)
 create mode 100644 next/main.go
 create mode 100644 next/network/demo.go
diff --git a/go.mod b/go.mod
index 9225b6b..0434181 100644
--- a/go.mod
+++ b/go.mod
@@ -12,4 +12,7 @@ require (
 gopkg.in/yaml.v3 v3.0.1
 )
-require golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 // indirect
+require (
+ github.com/coreos/go-iptables v0.7.0 // indirect
+ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 // indirect
+)
diff --git a/go.sum b/go.sum
index 9ec184f..b1d50ce 100644
--- a/go.sum
+++ b/go.sum
@@ -2,6 +2,8 @@ github.com/BurntSushi/toml v1.3.2 h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8
 github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
 github.com/andybalholm/brotli v1.0.5 h1:8uQZIdzKmjc/iuPu7O2ioW48L81FgatrcpfFmiq/cCs=
 github.com/andybalholm/brotli v1.0.5/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
+github.com/coreos/go-iptables v0.7.0 h1:XWM3V+MPRr5/q51NuWSgU0fqMad64Zyxs8ZUoMsamr8=
+github.com/coreos/go-iptables v0.7.0/go.mod h1:Qe8Bv2Xik5FyTXwgIbLAnv2sWSBmvWdFETJConOQ//Q=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
diff --git a/next/main.go b/next/main.go
new file mode 100644
index 0000000..2998374
--- /dev/null
+++ b/next/main.go
@@ -0,0 +1,7 @@
+package main
+
+import "XProxy/next/network"
+
+func main() {
+ network.Demo()
+}
diff --git a/next/network/demo.go b/next/network/demo.go
new file mode 100644
index 0000000..74ca108
--- /dev/null
+++ b/next/network/demo.go
@@ -0,0 +1,56 @@
+package network
+
+import (
+ "fmt"
+ "github.com/coreos/go-iptables/iptables"
+)
+
+type ipTables struct {
+ v4 *iptables.IPTables
+ v6 *iptables.IPTables
+}
+
+var tables *ipTables
+
+func init() {
+ timeout := iptables.Timeout(8)
+ it4, err := iptables.New(iptables.IPFamily(iptables.ProtocolIPv4), timeout)
+ if err != nil {
+ // TODO: panic here
+ fmt.Printf("failed to init iptables -> %v\n", err)
+ }
+ it6, err := iptables.New(iptables.IPFamily(iptables.ProtocolIPv6), timeout)
+ if err != nil {
+ fmt.Printf("failed to init ip6tables -> %v\n", err)
+ }
+
+ tables = &ipTables{
+ v4: it4,
+ v6: it6,
+ }
+}
+
+func Demo() {
+ fmt.Println("iptables demo start")
+
+ //it, err := iptables.New(iptables.IPFamily(iptables.ProtocolIPv4), iptables.Timeout(5))
+ //it, err := iptables.New(iptables.IPFamily(iptables.ProtocolIPv6), iptables.Timeout(5))
+
+ //if err != nil {
+ // fmt.Println(err)
+ //}
+ //fmt.Println(it)
+
+ fmt.Println(tables.v4)
+ fmt.Println(tables.v6)
+
+ chains, _ := tables.v4.ListChains("filter")
+ fmt.Println(chains)
+
+ rules, _ := tables.v4.List("filter", "DOCKER-ISOLATION-STAGE-2")
+ //fmt.Println(rules)
+ for _, rule := range rules {
+ fmt.Println(rule)
+
+ }
+}
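Review bot: `init()` only prints when `iptables.New` fails and still stores the result, so `tables.v4` or `tables.v6` can end up nil, and `Demo()` then calls `tables.v4.ListChains("filter")` on that handle, which would likely panic with a nil dereference far from the real cause. Both lookups in `Demo()` also drop their errors with `_`, so a failed query is indistinguishable from an empty ruleset, which is a risky habit to carry into code that will later manage firewall rules. I would resolve the TODO by failing fast, e.g. `panic(fmt.Errorf("init iptables: %w", err))`, or preferably move the setup out of `init()` into a constructor that returns the error, so that importing the package has no side effects. In `Demo()`, use `chains, err := tables.v4.ListChains("filter")` and return or report on `err != nil` before printing, and do the same for the `List` call.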