From 87de7ed3ec5671bf551325fe0d5c7b4fd4547829 Mon Sep 17 00:00:00 2001
From: Dnomd343 <dnomd343@gmail.com>
Date: Sat, 9 Sep 2023 15:05:31 +0800
Subject: [PATCH] feat: demo of golang iptables

---
 go.mod               |  5 +++-
 go.sum               |  2 ++
 next/main.go         |  7 ++++++
 next/network/demo.go | 56 ++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 69 insertions(+), 1 deletion(-)
 create mode 100644 next/main.go
 create mode 100644 next/network/demo.go

diff --git a/go.mod b/go.mod
index 9225b6b..0434181 100644
--- a/go.mod
+++ b/go.mod
@@ -12,4 +12,7 @@ require (
 	gopkg.in/yaml.v3 v3.0.1
 )
 
-require golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 // indirect
+require (
+	github.com/coreos/go-iptables v0.7.0 // indirect
+	golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 // indirect
+)
diff --git a/go.sum b/go.sum
index 9ec184f..b1d50ce 100644
--- a/go.sum
+++ b/go.sum
@@ -2,6 +2,8 @@ github.com/BurntSushi/toml v1.3.2 h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8
 github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
 github.com/andybalholm/brotli v1.0.5 h1:8uQZIdzKmjc/iuPu7O2ioW48L81FgatrcpfFmiq/cCs=
 github.com/andybalholm/brotli v1.0.5/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
+github.com/coreos/go-iptables v0.7.0 h1:XWM3V+MPRr5/q51NuWSgU0fqMad64Zyxs8ZUoMsamr8=
+github.com/coreos/go-iptables v0.7.0/go.mod h1:Qe8Bv2Xik5FyTXwgIbLAnv2sWSBmvWdFETJConOQ//Q=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
diff --git a/next/main.go b/next/main.go
new file mode 100644
index 0000000..2998374
--- /dev/null
+++ b/next/main.go
@@ -0,0 +1,7 @@
+package main
+
+import "XProxy/next/network"
+
+func main() {
+	network.Demo()
+}
diff --git a/next/network/demo.go b/next/network/demo.go
new file mode 100644
index 0000000..74ca108
--- /dev/null
+++ b/next/network/demo.go
@@ -0,0 +1,56 @@
+package network
+
+import (
+	"fmt"
+	"github.com/coreos/go-iptables/iptables"
+)
+
+type ipTables struct {
+	v4 *iptables.IPTables
+	v6 *iptables.IPTables
+}
+
+var tables *ipTables
+
+func init() {
+	timeout := iptables.Timeout(8)
+	it4, err := iptables.New(iptables.IPFamily(iptables.ProtocolIPv4), timeout)
+	if err != nil {
+		// TODO: panic here
+		fmt.Printf("failed to init iptables -> %v\n", err)
+	}
+	it6, err := iptables.New(iptables.IPFamily(iptables.ProtocolIPv6), timeout)
+	if err != nil {
+		fmt.Printf("failed to init ip6tables -> %v\n", err)
+	}
+
+	tables = &ipTables{
+		v4: it4,
+		v6: it6,
+	}
+}
+
+func Demo() {
+	fmt.Println("iptables demo start")
+
+	//it, err := iptables.New(iptables.IPFamily(iptables.ProtocolIPv4), iptables.Timeout(5))
+	//it, err := iptables.New(iptables.IPFamily(iptables.ProtocolIPv6), iptables.Timeout(5))
+
+	//if err != nil {
+	//	fmt.Println(err)
+	//}
+	//fmt.Println(it)
+
+	fmt.Println(tables.v4)
+	fmt.Println(tables.v6)
+
+	chains, _ := tables.v4.ListChains("filter")
+	fmt.Println(chains)
+
+	rules, _ := tables.v4.List("filter", "DOCKER-ISOLATION-STAGE-2")
+	//fmt.Println(rules)
+	for _, rule := range rules {
+		fmt.Println(rule)
+
+	}
+}