2021-06-18 17:55:01 +03:00
|
|
|
package aghnet
|
|
|
|
|
|
|
|
import (
|
|
|
|
"net"
|
|
|
|
)
|
|
|
|
|
|
|
|
// IpsetManager is the ipset manager interface.
|
|
|
|
//
|
|
|
|
// TODO(a.garipov): Perhaps generalize this into some kind of a NetFilter type,
|
|
|
|
// since ipset is exclusive to Linux?
|
|
|
|
type IpsetManager interface {
|
|
|
|
Add(host string, ip4s, ip6s []net.IP) (n int, err error)
|
|
|
|
Close() (err error)
|
|
|
|
}
|
|
|
|
|
|
|
|
// NewIpsetManager returns a new ipset. IPv4 addresses are added to an ipset
|
|
|
|
// with an ipv4 family; IPv6 addresses, to an ipv6 ipset. ipset must exist.
|
|
|
|
//
|
|
|
|
// The syntax of the ipsetConf is:
|
|
|
|
//
|
2022-09-07 18:03:18 +03:00
|
|
|
// DOMAIN[,DOMAIN].../IPSET_NAME[,IPSET_NAME]...
|
2021-06-18 17:55:01 +03:00
|
|
|
//
|
2021-12-27 20:54:00 +03:00
|
|
|
// If ipsetConf is empty, msg and err are nil. The error is of type
|
|
|
|
// *aghos.UnsupportedError if the OS is not supported.
|
2021-06-18 17:55:01 +03:00
|
|
|
func NewIpsetManager(ipsetConf []string) (mgr IpsetManager, err error) {
|
2021-12-27 20:54:00 +03:00
|
|
|
if len(ipsetConf) == 0 {
|
|
|
|
return nil, nil
|
|
|
|
}
|
|
|
|
|
2021-06-18 17:55:01 +03:00
|
|
|
return newIpsetMgr(ipsetConf)
|
|
|
|
}
|