EdgeNode/internal/firewalls/nftables/rule.go

// Copyright 2022 GoEdge goedge.cdn@gmail.com. All rights reserved.
//go:build linux

package nftables

import (
	nft "github.com/google/nftables"
	"github.com/google/nftables/expr"
)

type Rule struct {
	rawRule *nft.Rule
}

func NewRule(rawRule *nft.Rule) *Rule {
	return &Rule{
		rawRule: rawRule,
	}
}

func (this *Rule) Raw() *nft.Rule {
	return this.rawRule
}

func (this *Rule) LookupSetName() string {
	for _, e := range this.rawRule.Exprs {
		exp, ok := e.(*expr.Lookup)
		if ok {
			return exp.SetName
		}
	}
	return ""
}

func (this *Rule) VerDict() expr.VerdictKind {
	for _, e := range this.rawRule.Exprs {
		exp, ok := e.(*expr.Verdict)
		if ok {
			return exp.Kind
		}
	}

	return -100
}

func (this *Rule) Handle() uint64 {
	return this.rawRule.Handle
}

func (this *Rule) UserData() []byte {
	return this.rawRule.UserData
}
修改copyright 2024-05-17 18:30:33 +08:00			`// Copyright 2022 GoEdge goedge.cdn@gmail.com. All rights reserved.`
优化IP名单同步速度 2023-04-19 12:01:02 +08:00			`//go:build linux`
实现基础的DDoS防护 2022-05-18 21:03:51 +08:00
			`package nftables`

			`import (`
			`nft "github.com/google/nftables"`
			`"github.com/google/nftables/expr"`
			`)`

			`type Rule struct {`
			`rawRule *nft.Rule`
			`}`

			`func NewRule(rawRule nft.Rule) Rule {`
			`return &Rule{`
			`rawRule: rawRule,`
			`}`
			`}`

			`func (this Rule) Raw() nft.Rule {`
			`return this.rawRule`
			`}`

			`func (this *Rule) LookupSetName() string {`
			`for _, e := range this.rawRule.Exprs {`
			`exp, ok := e.(*expr.Lookup)`
			`if ok {`
			`return exp.SetName`
			`}`
			`}`
			`return ""`
			`}`

			`func (this *Rule) VerDict() expr.VerdictKind {`
			`for _, e := range this.rawRule.Exprs {`
			`exp, ok := e.(*expr.Verdict)`
			`if ok {`
			`return exp.Kind`
			`}`
			`}`

			`return -100`
			`}`

			`func (this *Rule) Handle() uint64 {`
			`return this.rawRule.Handle`
			`}`

			`func (this *Rule) UserData() []byte {`
			`return this.rawRule.UserData`
			`}`