forked from go-freebsd/pf
rule_protocol.go
package pf
import (
"bufio"
"fmt"
"os"
"strconv"
"strings"
)
// #include <net/if.h>
// #include "pfvar.h"
import "C"
// Protocol is the IP protocol that should be filtered by pf.
// It is stored as a uint8 protocol number.
type Protocol uint8
const (
// ProtocolAny matches any protocol.
ProtocolAny Protocol = 0
// ProtocolTCP is TCP (the C constant IPPROTO_TCP).
ProtocolTCP Protocol = C.IPPROTO_TCP
// ProtocolUDP is UDP (the C constant IPPROTO_UDP).
ProtocolUDP Protocol = C.IPPROTO_UDP
// ProtocolICMP is ICMP (the C constant IPPROTO_ICMP).
// IPPROTO_ICMP is the IPv4 ICMP protocol; ICMPv6 has its own protocol
// number and there is no constant for it in this block.
ProtocolICMP Protocol = C.IPPROTO_ICMP
)
// Protocols maps a protocol number to its display name and starts out with
// the default set of protocols below.
//
// init adds further names from /etc/protocols, but only for numbers that are
// not already present, so the four built-in names cannot be replaced by that
// file (number 0 stays "any" even if the file lists another name for it).
//
// The map is exported and is a plain map with no locking visible in this
// file: any importer can change it, and Protocol.String reads it on every
// call. NOTE(review): treat it as read-only after package initialisation
// unless callers provide their own synchronisation.
var Protocols = map[int]string{
int(ProtocolAny): "any",
int(ProtocolICMP): "icmp",
int(ProtocolTCP): "tcp",
int(ProtocolUDP): "udp",
}
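// init attempts to read valid protocols from the system's /etc/protocols file
// and adds them to Protocols. Loading is best effort: if the file cannot be
// opened, only the built-in names remain.
//
// Numbers that already have a name keep it, so the built-in entries and the
// first occurrence of a number in the file always win.
// Adapted from go/src/net/lookup_unix.go
func init() {
	// A protocol number is one octet, and Protocol is a uint8, so larger or
	// negative numbers in the file can never be looked up through a Protocol.
	const maxProto = 255

	file, err := os.Open("/etc/protocols")
	if err != nil {
		return
	}
	defer file.Close()

	scanner := bufio.NewScanner(file)
	for scanner.Scan() {
		line := scanner.Text()
		// tcp 6 TCP # transmission control protocol
		if i := strings.Index(line, "#"); i >= 0 {
			line = line[:i]
		}

		// Fields splits on any run of white space. Splitting on a single
		// separator character produced empty fields for columns aligned
		// with several blanks or tabs, and those entries were then dropped.
		f := strings.Fields(line)
		if len(f) < 2 {
			continue
		}

		proto, err := strconv.Atoi(f[1])
		if err != nil || proto < 0 || proto > maxProto {
			// Not a usable protocol number: skip the line rather than
			// store a key that no Protocol value can reach.
			continue
		}

		// We ignore all but the first entries.
		if _, ok := Protocols[proto]; !ok {
			// The name is stored exactly as written in the file and is
			// later returned by Protocol.String.
			Protocols[proto] = f[0]
		}
	}
	// scanner.Err is not checked: init cannot report an error, and the
	// entries read before a failure stay in the map.
}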
// String returns the name registered for p in Protocols. When p has no
// entry it returns "Protocol(N)", where N is the decimal protocol number.
func (p Protocol) String() string {
	name, known := Protocols[int(p)]
	if !known {
		return fmt.Sprintf("Protocol(%d)", p)
	}
	return name
}