Jonathan Boulle
591ab2760d
*: refactor iptables invocation
|
9 lat temu | |
|---|---|---|
| iptables | 9 lat temu | |
| .travis.yml | 10 lat temu | |
| LICENSE | 10 lat temu | |
| README.md | 10 lat temu | |
| build | 10 lat temu | |
| build-check | 10 lat temu | |
| test | 10 lat temu |
README.md
go-iptables
Go bindings for iptables utility.
In-kernel netfilter does not have a good userspace API. The tables are manipulated via setsockopt that sets/replaces the entire table. Changes to existing table need to be resolved by userspace code which is difficult and error-prone. Netfilter developers heavily advocate using iptables utlity for programmatic manipulation.
go-iptables wraps invokation of iptables utility with functions to append and delete rules; create, clear and delete chains.