diff options
Diffstat (limited to 'pkg/tcpip/iptables')
-rw-r--r-- | pkg/tcpip/iptables/types.go | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/pkg/tcpip/iptables/types.go b/pkg/tcpip/iptables/types.go index 9f6906100..4b2a9c294 100644 --- a/pkg/tcpip/iptables/types.go +++ b/pkg/tcpip/iptables/types.go @@ -151,6 +151,9 @@ func (table *Table) SetMetadata(metadata interface{}) { // packets this rule applies to. If there are no matchers in the rule, it // applies to any packet. type Rule struct { + // IPHeaderFilters holds basic IP filtering fields common to every rule. + IPHeaderFilter IPHeaderFilter + // Matchers is the list of matchers for this rule. Matchers []Matcher @@ -158,6 +161,23 @@ type Rule struct { Target Target } +// TODO: This is gross. +// TODO: Save this in SetEntries. +// TODO: Utilize this when traversing tables. +type IPHeaderFilter struct { + Source [4]byte + Destination [4]byte + SourceMask [4]byte + DestinationMask [4]byte + OutputInterface string + InputInterface string + OutputInterfaceMask string + InputInterfaceMask string + Protocol uint16 + Flags uint8 + InverseFlags uint8 +} + // A Matcher is the interface for matching packets. type Matcher interface { // Match returns whether the packet matches and whether the packet |