LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
27108 Commits
1 Branch
46 MiB
 
 
 
 
 
 
Tree: 71bd1a8a59
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '71bd1a8a59'
${ noResults }
openwrt-packages-dist/utils/cni-plugins-nft/patches/010-fw4-force-inet-family.p...

330 lines
7.7 KiB
Raw Blame History

--- a/pkg/utils/broadcast_rule.go
+++ b/pkg/utils/broadcast_rule.go
@@ -25,7 +25,7 @@ func addPostRoutingBroadcastRule(opts ma
tb := &nftables.Table{
Name: tableName,
- Family: nftables.TableFamilyIPv4,
+ Family: nftables.TableFamilyINet,
}
ch := &nftables.Chain{
--- a/pkg/utils/chain_jump_rule.go
+++ b/pkg/utils/chain_jump_rule.go
@@ -26,11 +26,8 @@ func DeleteJumpRule(v, tableName, srcCha
tb := &nftables.Table{
Name: tableName,
}
- if v == "4" {
- tb.Family = nftables.TableFamilyIPv4
- } else {
- tb.Family = nftables.TableFamilyIPv6
- }
+
+ tb.Family = nftables.TableFamilyINet
ch := &nftables.Chain{
Name: srcChainName,
@@ -159,11 +156,8 @@ func createJumpRule(v, tableName, srcCha
tb := &nftables.Table{
Name: tableName,
}
- if v == "4" {
- tb.Family = nftables.TableFamilyIPv4
- } else {
- tb.Family = nftables.TableFamilyIPv6
- }
+
+ tb.Family = nftables.TableFamilyINet
ch := &nftables.Chain{
Name: srcChainName,
--- a/pkg/utils/chains.go
+++ b/pkg/utils/chains.go
@@ -33,14 +33,8 @@ func IsChainExists(v, tableName, chainNa
if chain.Table.Name != tableName {
continue
}
- if v == "4" {
- if chain.Table.Family != nftables.TableFamilyIPv4 {
- continue
- }
- } else {
- if chain.Table.Family != nftables.TableFamilyIPv6 {
- continue
- }
+ if chain.Table.Family != nftables.TableFamilyINet {
+ continue
}
return true, nil
}
@@ -100,11 +94,8 @@ func CreateChain(v, tableName, chainName
Name: tableName,
}
- if v == "4" {
- tb.Family = nftables.TableFamilyIPv4
- } else {
- tb.Family = nftables.TableFamilyIPv6
- }
+ tb.Family = nftables.TableFamilyINet
+
ch := &nftables.Chain{
Name: chainName,
Table: tb,
@@ -178,11 +169,9 @@ func CreateFilterForwardChain(v, tableNa
tb := &nftables.Table{
Name: tableName,
}
- if v == "4" {
- tb.Family = nftables.TableFamilyIPv4
- } else {
- tb.Family = nftables.TableFamilyIPv6
- }
+
+ tb.Family = nftables.TableFamilyINet
+
ch := &nftables.Chain{
Name: chainName,
Table: tb,
@@ -217,11 +206,8 @@ func DeleteChain(v, tableName, chainName
tb := &nftables.Table{
Name: tableName,
}
- if v == "4" {
- tb.Family = nftables.TableFamilyIPv4
- } else {
- tb.Family = nftables.TableFamilyIPv6
- }
+
+ tb.Family = nftables.TableFamilyINet
ch := &nftables.Chain{
Name: chainName,
--- a/pkg/utils/dest_nat.go
+++ b/pkg/utils/dest_nat.go
@@ -34,11 +34,8 @@ func AddDestinationNatRules(opts map[str
tb := &nftables.Table{
Name: tableName,
}
- if v == "4" {
- tb.Family = nftables.TableFamilyIPv4
- } else {
- tb.Family = nftables.TableFamilyIPv6
- }
+
+ tb.Family = nftables.TableFamilyINet
ch := &nftables.Chain{
Name: chainName,
--- a/pkg/utils/dest_nat_rewrite.go
+++ b/pkg/utils/dest_nat_rewrite.go
@@ -28,11 +28,8 @@ func AddDestinationNatRewriteRules(opts
tb := &nftables.Table{
Name: tableName,
}
- if v == "4" {
- tb.Family = nftables.TableFamilyIPv4
- } else {
- tb.Family = nftables.TableFamilyIPv6
- }
+
+ tb.Family = nftables.TableFamilyINet
ch := &nftables.Chain{
Name: chainName,
--- a/pkg/utils/filter_forward_inbound_traffic_rule.go
+++ b/pkg/utils/filter_forward_inbound_traffic_rule.go
@@ -16,11 +16,8 @@ func addFilterForwardInboundTrafficRule(
tb := &nftables.Table{
Name: tableName,
}
- if v == "4" {
- tb.Family = nftables.TableFamilyIPv4
- } else {
- tb.Family = nftables.TableFamilyIPv6
- }
+
+ tb.Family = nftables.TableFamilyINet
ch := &nftables.Chain{
Name: chainName,
--- a/pkg/utils/filter_forward_intra_interface_rule.go
+++ b/pkg/utils/filter_forward_intra_interface_rule.go
@@ -16,11 +16,8 @@ func addFilterForwardIntraInterfaceRule(
tb := &nftables.Table{
Name: tableName,
}
- if v == "4" {
- tb.Family = nftables.TableFamilyIPv4
- } else {
- tb.Family = nftables.TableFamilyIPv6
- }
+
+ tb.Family = nftables.TableFamilyINet
ch := &nftables.Chain{
Name: chainName,
--- a/pkg/utils/filter_forward_mapped_port_rules.go
+++ b/pkg/utils/filter_forward_mapped_port_rules.go
@@ -32,11 +32,8 @@ func AddFilterForwardMappedPortRules(opt
tb := &nftables.Table{
Name: tableName,
}
- if v == "4" {
- tb.Family = nftables.TableFamilyIPv4
- } else {
- tb.Family = nftables.TableFamilyIPv6
- }
+
+ tb.Family = nftables.TableFamilyINet
ch := &nftables.Chain{
Name: chainName,
@@ -247,11 +244,8 @@ func RemoveFilterForwardMappedPortRules(
tb := &nftables.Table{
Name: tableName,
}
- if v == "4" {
- tb.Family = nftables.TableFamilyIPv4
- } else {
- tb.Family = nftables.TableFamilyIPv6
- }
+
+ tb.Family = nftables.TableFamilyINet
ch := &nftables.Chain{
Name: chainName,
--- a/pkg/utils/filter_forward_outbound_traffic_rule.go
+++ b/pkg/utils/filter_forward_outbound_traffic_rule.go
@@ -16,11 +16,8 @@ func addFilterForwardOutboundTrafficRule
tb := &nftables.Table{
Name: tableName,
}
- if v == "4" {
- tb.Family = nftables.TableFamilyIPv4
- } else {
- tb.Family = nftables.TableFamilyIPv6
- }
+
+ tb.Family = nftables.TableFamilyINet
ch := &nftables.Chain{
Name: chainName,
--- a/pkg/utils/get_chain_props.go
+++ b/pkg/utils/get_chain_props.go
@@ -33,14 +33,8 @@ func GetChainProps(v, tableName, chainNa
var chain *nftables.Chain
for _, c := range chains {
- if v == "4" {
- if c.Table.Family != nftables.TableFamilyIPv4 {
- continue
- }
- } else {
- if c.Table.Family != nftables.TableFamilyIPv6 {
- continue
- }
+ if c.Table.Family != nftables.TableFamilyINet {
+ continue
}
if chainName != c.Name {
continue
@@ -66,11 +60,8 @@ func GetChainProps(v, tableName, chainNa
tb := &nftables.Table{
Name: tableName,
}
- if v == "4" {
- tb.Family = nftables.TableFamilyIPv4
- } else {
- tb.Family = nftables.TableFamilyIPv6
- }
+
+ tb.Family = nftables.TableFamilyINet
ch := &nftables.Chain{
Name: chainName,
--- a/pkg/utils/local_multicast_rule.go
+++ b/pkg/utils/local_multicast_rule.go
@@ -23,11 +23,8 @@ func addPostRoutingLocalMulticastRule(op
tb := &nftables.Table{
Name: tableName,
}
- if v == "4" {
- tb.Family = nftables.TableFamilyIPv4
- } else {
- tb.Family = nftables.TableFamilyIPv6
- }
+
+ tb.Family = nftables.TableFamilyINet
ch := &nftables.Chain{
Name: chainName,
--- a/pkg/utils/log_deny_rule.go
+++ b/pkg/utils/log_deny_rule.go
@@ -16,11 +16,8 @@ func addLogDenyRule(v, tableName, chainN
tb := &nftables.Table{
Name: tableName,
}
- if v == "4" {
- tb.Family = nftables.TableFamilyIPv4
- } else {
- tb.Family = nftables.TableFamilyIPv6
- }
+
+ tb.Family = nftables.TableFamilyINet
ch := &nftables.Chain{
Name: chainName,
--- a/pkg/utils/source_nat.go
+++ b/pkg/utils/source_nat.go
@@ -29,7 +29,7 @@ func addPostRoutingSourceNatRule(opts ma
tb := &nftables.Table{
Name: tableName,
- Family: nftables.TableFamilyIPv4,
+ Family: nftables.TableFamilyINet,
}
ch := &nftables.Chain{
@@ -97,7 +97,7 @@ func AddPostRoutingDestNatRule(opts map[
tb := &nftables.Table{
Name: tableName,
- Family: nftables.TableFamilyIPv4,
+ Family: nftables.TableFamilyINet,
}
ch := &nftables.Chain{
--- a/pkg/utils/tables.go
+++ b/pkg/utils/tables.go
@@ -34,14 +34,8 @@ func IsTableExist(v, tableName string) (
if table.Name != tableName {
continue
}
- if v == "4" {
- if table.Family != nftables.TableFamilyIPv4 {
- continue
- }
- } else {
- if table.Family != nftables.TableFamilyIPv6 {
- continue
- }
+ if table.Family != nftables.TableFamilyINet {
+ continue
}
return true, nil
}
@@ -62,11 +56,7 @@ func CreateTable(v, tableName string) er
t := &nftables.Table{
Name: tableName,
}
- if v == "4" {
- t.Family = nftables.TableFamilyIPv4
- } else {
- t.Family = nftables.TableFamilyIPv6
- }
+ t.Family = nftables.TableFamilyINet
conn.AddTable(t)
if err := conn.Flush(); err != nil {
return err