完善解析

shikong 2023-11-02 23:27:36 +08:00
parent a76ff7220c
commit eba89dc442
3 changed files with 28 additions and 23 deletions


@ -1,7 +1,9 @@
package iptables package iptables
import ( import (
"fmt"
"iptables-helper/pkg/utils/command" "iptables-helper/pkg/utils/command"
utils "iptables-helper/pkg/utils/json"
"testing" "testing"
) )
@ -396,5 +398,7 @@ func TestParser(t *testing.T) {
-A ufw-user-limit -j REJECT --reject-with icmp-port-unreachable -A ufw-user-limit -j REJECT --reject-with icmp-port-unreachable
-A ufw-user-limit-accept -j ACCEPT` -A ufw-user-limit-accept -j ACCEPT`
Parse(result) info := Parse(result)
fmt.Printf("%+v\n", utils.Json(info))
fmt.Printf("解析 策略: %d, 策略链: %d, 规则: %d\n", len(info.Policies), len(info.Chains), len(info.Rules))
} }
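Review bot: In the lines shown, TestParser asserts nothing after the change: the two added `fmt.Printf` calls only print the result, so the test passes even if Parse returns an empty Info or drops rules. Since the counts are already computed, turn them into checks, for example `if len(info.Rules) == 0 { t.Fatal("no rules parsed") }`, ideally comparing against the exact counts expected for this fixture. The JSON dump is better written with `t.Logf("%+v", utils.Json(info))` so it only appears under `-v` or on failure. The body of TestParser starts outside this hunk.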


@ -1,8 +1,11 @@
package iptables package iptables
// iptables 内置动作
var ( var (
ACCEPT Action = "ACCEPT" ACCEPT Action = "ACCEPT"
DROP Action = "DROP" DROP Action = "DROP"
REJECT Action = "REJECT"
RETURN Action = "RETURN"
) )
type Action string type Action string
@ -64,3 +67,9 @@ type Rule struct {
// --limit example: 3/min // --limit example: 3/min
Limit string `json:"limit"` Limit string `json:"limit"`
} }
type Info struct {
Policies []Policy `json:"policies"`
Chains []Chain `json:"chains"`
Rules []Rule `json:"rules"`
}
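Review bot: The added `REJECT` and `RETURN` entries extend a `var (` block, so every action value is a package-level variable that any code able to see it can reassign at runtime. Because `Action` is a plain string type, the block can be `const (` with the same entries, which makes the verdict names immutable and lets the compiler fold them. The new `Info` type also has no doc comment; something like `// Info holds the policies, chains and rules returned by Parse.` would do. The `Rule` struct shown above it starts outside the hunk.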


@ -1,16 +1,14 @@
package iptables package iptables
import ( import (
"fmt"
flag "github.com/spf13/pflag" flag "github.com/spf13/pflag"
"iptables-helper/pkg/logger" "iptables-helper/pkg/logger"
utils "iptables-helper/pkg/utils/json"
"strings" "strings"
) )
// Parse // Parse
// iptables 规则解析 // iptables 规则解析
func Parse(rules string) { func Parse(rules string) Info {
results := strings.Split(rules, "\n") results := strings.Split(rules, "\n")
policyList := make([]Policy, 0) policyList := make([]Policy, 0)
@ -18,6 +16,11 @@ func Parse(rules string) {
ruleList := make([]Rule, 0) ruleList := make([]Rule, 0)
for _, rule := range results { for _, rule := range results {
rule = strings.TrimSpace(rule)
if len(rule) == 0 {
continue
}
logger.Log().Debug("解析规则: ", rule) logger.Log().Debug("解析规则: ", rule)
//rule := "-A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER" //rule := "-A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER"
@ -54,14 +57,10 @@ func Parse(rules string) {
chainList = append(chainList, chain) chainList = append(chainList, chain)
policyList = append(policyList, Policy{chain, target}) policyList = append(policyList, Policy{chain, target})
continue continue
} } else if len(newChain) > 0 {
if len(newChain) > 0 {
chainList = append(chainList, Chain(newChain)) chainList = append(chainList, Chain(newChain))
continue continue
} } else if len(appendRule) > 0 {
if len(appendRule) > 0 {
// 来源 // 来源
source := flagSet.StringP("source", "s", "", "") source := flagSet.StringP("source", "s", "", "")
excludeSource := flagSet.String("excludeS", "", "") excludeSource := flagSet.String("excludeS", "", "")
@ -120,23 +119,16 @@ func Parse(rules string) {
Limit: *limit, Limit: *limit,
} }
ruleList = append(ruleList, r) ruleList = append(ruleList, r)
} else {
logger.Log().Warnf("无法解析的规则: %+v", rule)
} }
//logger.Log().Debugf("appendRule %+v", appendRule) //logger.Log().Debugf("appendRule %+v", appendRule)
//logger.Log().Debugf("reverse %+v", reverse) //logger.Log().Debugf("reverse %+v", reverse)
} }
for i := 0; i < 50; i++ { return Info{
fmt.Print("=") policyList,
} chainList,
fmt.Println() ruleList,
for _, policy := range policyList {
logger.Log().Infof("默认策略: %s => %s", policy.Name, policy.Target)
}
for _, chain := range chainList {
logger.Log().Infof("自定义规则链: %s", chain)
}
for _, rule := range ruleList {
fmt.Printf("规则: %+v\n", utils.Json(rule))
} }
} }
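Review bot: A line that matches none of the three branches is only logged by the new `else` branch (`logger.Log().Warnf("无法解析的规则: %+v", rule)`) and then dropped, so the returned Info gives the caller no way to tell a complete parse from one that skipped rules. For a tool that reports firewall state, an incomplete rule list that looks complete is the risky outcome. Consider collecting the skipped lines (`skipped = append(skipped, rule)`) and exposing them through an extra Info field or an error return. Formatting the line with `%q` instead of `%+v` would also make stray whitespace or control characters visible in the log. The final `return Info{policyList, chainList, ruleList}` would be easier to read and safer against field reordering in keyed form, `Info{Policies: policyList, Chains: chainList, Rules: ruleList}`; parts of Parse lie between the hunks and are not shown here.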