Struct riptables::RIPTables

pub struct RIPTables {
    pub cmd: &'static str,
    pub has_check: bool,
    pub has_wait: bool,
}

Fields

cmd: &'static str

The utility command which must be 'iptables' or 'ip6tables'.

has_check: bool

Indicates if iptables has -C (--check) option

has_wait: bool

Indicates if iptables has -w (--wait) option

Methods

impl RIPTables

pub fn execute<T>(&self, caller: T) -> RIPTResult<(i32, String)> where
    T: Fn(&mut Command) -> &mut Command, 

Execute iptables command

Example

let iptables = riptables::new(false).unwrap();
iptables.execute(|iptables| iptables.args(&["-t", "nat", "-A", "TESTNAT", "-j", "ACCEPT"])).is_ok();

pub fn get_policy<S>(&self, table: S, chain: S) -> RIPTResult<Option<String>> where
    S: AsRef<OsStr> + Clone, 

Get the default policy for a table/chain.

Example

let iptables = riptables::new(false).unwrap();
iptables.get_policy("filter", "INPUT").is_ok();

pub fn set_policy<S>(&self, table: S, chain: S, policy: S) -> RIPTResult<bool> where
    S: AsRef<OsStr> + Clone, 

Set the default policy for a table/chain.

Example

let iptables = riptables::new(false).unwrap();
iptables.set_policy("mangle", "FORWARD", "DROP").unwrap();

pub fn insert<S>(
    &self,
    table: S,
    chain: S,
    rule: S,
    position: i32
) -> RIPTResult<bool> where
    S: AsRef<OsStr> + Clone, 

Inserts rule in the position to the table/chain. Returns true if the rule is inserted.

Example

let iptables = riptables::new(false).unwrap();
iptables.insert("nat", "TESTNAT", "-j ACCEPT", 1).unwrap();

pub fn insert_unique<S>(
    &self,
    table: S,
    chain: S,
    rule: S,
    position: i32
) -> RIPTResult<bool> where
    S: AsRef<OsStr> + Clone, 

Inserts rule in the position to the table/chain if it does not exist. Returns true if the rule is inserted.

Example

let iptables = riptables::new(false).unwrap();
iptables.insert_unique("nat", "TESTNAT", "-j ACCEPT", 1).unwrap();

pub fn replace<S>(
    &self,
    table: S,
    chain: S,
    rule: S,
    position: i32
) -> RIPTResult<bool> where
    S: AsRef<OsStr> + Clone, 

Replaces rule in the position to the table/chain. Returns true if the rule is replaced.

Example

let iptables = riptables::new(false).unwrap();
iptables.replace("nat", "TESTNAT", "-j ACCEPT", 1).unwrap();

pub fn append<S>(&self, table: S, chain: S, rule: S) -> RIPTResult<bool> where
    S: AsRef<OsStr> + Clone, 

Appends rule to the table/chain. Returns true if the rule is appended.

Example

let iptables = riptables::new(false).unwrap();
iptables.append("nat", "TESTNAT", "-m comment --comment \"double-quoted comment\" -j ACCEPT").unwrap();

pub fn append_unique<S>(&self, table: S, chain: S, rule: S) -> RIPTResult<bool> where
    S: AsRef<OsStr> + Clone, 

Appends rule to the table/chain if it does not exist. Returns true if the rule is appended.

Example

let iptables = riptables::new(false).unwrap();
iptables.append_unique("nat", "TESTNAT", "-m comment --comment \"double-quoted comment\" -j ACCEPT").unwrap();

pub fn append_replace<S>(&self, table: S, chain: S, rule: S) -> RIPTResult<bool> where
    S: AsRef<OsStr> + Clone, 

Appends or replaces rule to the table/chain if it does not exist. Returns true if the rule is appended or replaced.

Example

let iptables = riptables::new(false).unwrap();
iptables.append_replace("nat", "TESTNAT", "-m comment --comment \"double-quoted comment\" -j ACCEPT").unwrap();

pub fn delete<S>(&self, table: S, chain: S, rule: S) -> RIPTResult<bool> where
    S: AsRef<OsStr> + Clone, 

Deletes rule from the table/chain. Returns true if the rule is deleted.

Example

let iptables = riptables::new(false).unwrap();
iptables.delete("nat", "TESTNAT", "-j ACCEPT").unwrap();

pub fn delete_all<S>(&self, table: S, chain: S, rule: S) -> RIPTResult<bool> where
    S: AsRef<OsStr> + Clone, 

Deletes all repetition of the rule from the table/chain. Returns true if the rules are deleted.

let iptables = riptables::new(false).unwrap();
iptables.delete_all("nat", "TESTNAT", "-j ACCEPT").unwrap();

pub fn list<S>(&self, table: S) -> RIPTResult<Vec<RIPTRule>> where
    S: AsRef<OsStr> + Clone, 

Lists rules in the table/chain.

Example

use riptables::rule::{Archive, RIPTRule};

let iptables = riptables::new(false).unwrap();

let table = "nat";
let name = "TESTNAT";
iptables.new_chain(table, name).unwrap();
iptables.insert(table, name, "-j ACCEPT", 1).unwrap();
let rules: Vec<RIPTRule> = iptables.list("nat").unwrap();
iptables.delete(table, name, "-j ACCEPT").unwrap();
iptables.delete_chain(table, name).unwrap();

println!("{}", rules.len());

for rule in rules {
  println!("{:?}", rule);
  println!("{:?}", rule.table);
  println!("{:?}", rule.chain);
  println!("{:?}", rule.origin);
}

pub fn chain_names<S>(&self, table: S) -> RIPTResult<Vec<String>> where
    S: AsRef<OsStr> + Clone, 

Lists the name of each chain in the table.

Example

let iptables = riptables::new(false).unwrap();
let names = iptables.chain_names("nat");

pub fn list_chains<S>(&self, table: S, chain: S) -> RIPTResult<Vec<RIPTRule>> where
    S: AsRef<OsStr> + Clone, 

Lists rules in the table/chain.

Example

use riptables::rule::RIPTRule;

let iptables = riptables::new(false).unwrap();
let rules: Vec<RIPTRule> = iptables.list_chains("nat", "INPUT").unwrap();

pub fn new_chain<S>(&self, table: S, chain: S) -> RIPTResult<bool> where
    S: AsRef<OsStr> + Clone, 

Creates a new user-defined chain. Returns true if the chain is created.

Example

let iptables = riptables::new(false).unwrap();
iptables.new_chain("nat", "TESTNAT");

pub fn delete_chain<S>(&self, table: S, chain: S) -> RIPTResult<bool> where
    S: AsRef<OsStr> + Clone, 

Deletes a user-defined chain in the table. Returns true if the chain is deleted.

Example

let iptables = riptables::new(false).unwrap();
iptables.delete_chain("nat", "TESTNAT");

pub fn rename_chain<S>(
    &self,
    table: S,
    old_chain: S,
    new_chain: S
) -> RIPTResult<bool> where
    S: AsRef<OsStr> + Clone, 

Renames a chain in the table. Returns true if the chain is renamed.

Example

let iptables = riptables::new(false).unwrap();
iptables.rename_chain("nat", "TESTNAT", "OTHERNAME");

pub fn flush_chain<S>(&self, table: S, chain: S) -> RIPTResult<bool> where
    S: AsRef<OsStr> + Clone, 

Flushes (deletes all rules) a chain. Returns true if the chain is flushed.

Example

let iptables = riptables::new(false).unwrap();
iptables.flush_chain("nat", "TESTNAT");

pub fn exists_chain<S>(&self, table: S, chain: S) -> RIPTResult<bool> where
    S: AsRef<OsStr> + Clone, 

Checks for the existence of the chain in the table. Returns true if the chain exists.

Example

let iptables = riptables::new(false).unwrap();
iptables.exists_chain("nat", "TESTNAT");

pub fn flush_table<S>(&self, table: S) -> RIPTResult<bool> where
    S: AsRef<OsStr> + Clone, 

Flushes all chains in a table. Returns true if the chains are flushed.

Example

let iptables = riptables::new(false).unwrap();
iptables.flush_table("nat");

pub fn list_tables<S>(&self, table: S) -> RIPTResult<Vec<RIPTRule>> where
    S: AsRef<OsStr> + Clone, 

Lists rules in the table.

Example

use riptables::rule::RIPTRule;

let iptables = riptables::new(false).unwrap();
let rule: Vec<RIPTRule> = iptables.list_tables("nat").unwrap();

pub fn exists<S>(&self, table: S, chain: S, rule: S) -> RIPTResult<bool> where
    S: AsRef<OsStr> + Clone, 

Checks for the existence of the rule in the table/chain. Returns true if the rule exists.

Example

let iptables = riptables::new(false).unwrap();
iptables.exists("nat", "TESTNAT", "-j ACCEPT").unwrap();