Struct RIPTables

pub struct RIPTables {
    pub cmd: &'static str,
    pub has_check: bool,
    pub has_wait: bool,
}

Fields

cmd: &'static str

The utility command which must be ‘iptables’ or ‘ip6tables’.

has_check: bool

Indicates if iptables has -C (–check) option

has_wait: bool

Indicates if iptables has -w (–wait) option

Implementations

impl RIPTables

pub fn execute<T>(&self, caller: T) -> RIPTResult<(i32, String)>

where T: Fn(&mut Command) -> &mut Command,

Execute iptables command

Example

let iptables = riptables::new(false).unwrap();
iptables.execute(|iptables| iptables.args(&["-t", "nat", "-A", "TESTNAT", "-j", "ACCEPT"])).is_ok();

pub fn get_policy<S>(&self, table: S, chain: S) -> RIPTResult<Option<String>>

where S: AsRef<OsStr> + Clone,

Get the default policy for a table/chain.

Example

let iptables = riptables::new(false).unwrap();
iptables.get_policy("filter", "INPUT").is_ok();

pub fn set_policy<S>(&self, table: S, chain: S, policy: S) -> RIPTResult<bool>

where S: AsRef<OsStr> + Clone,

Set the default policy for a table/chain.

Example

let iptables = riptables::new(false).unwrap();
iptables.set_policy("mangle", "FORWARD", "DROP").unwrap();

pub fn insert<S>( &self, table: S, chain: S, rule: S, position: i32, ) -> RIPTResult<bool>

where S: AsRef<OsStr> + Clone,

Inserts rule in the position to the table/chain. Returns true if the rule is inserted.

Example

let iptables = riptables::new(false).unwrap();
iptables.insert("nat", "TESTNAT", "-j ACCEPT", 1).unwrap();

pub fn insert_unique<S>( &self, table: S, chain: S, rule: S, position: i32, ) -> RIPTResult<bool>

where S: AsRef<OsStr> + Clone,

Inserts rule in the position to the table/chain if it does not exist. Returns true if the rule is inserted.

Example

let iptables = riptables::new(false).unwrap();
iptables.insert_unique("nat", "TESTNAT", "-j ACCEPT", 1).unwrap();

pub fn replace<S>( &self, table: S, chain: S, rule: S, position: i32, ) -> RIPTResult<bool>

where S: AsRef<OsStr> + Clone,

Replaces rule in the position to the table/chain. Returns true if the rule is replaced.

Example

let iptables = riptables::new(false).unwrap();
iptables.replace("nat", "TESTNAT", "-j ACCEPT", 1).unwrap();

pub fn append<S>(&self, table: S, chain: S, rule: S) -> RIPTResult<bool>

where S: AsRef<OsStr> + Clone,

Appends rule to the table/chain. Returns true if the rule is appended.

Example

let iptables = riptables::new(false).unwrap();
iptables.append("nat", "TESTNAT", "-m comment --comment \"double-quoted comment\" -j ACCEPT").unwrap();

pub fn append_unique<S>(&self, table: S, chain: S, rule: S) -> RIPTResult<bool>

where S: AsRef<OsStr> + Clone,

Appends rule to the table/chain if it does not exist. Returns true if the rule is appended.

Example

let iptables = riptables::new(false).unwrap();
iptables.append_unique("nat", "TESTNAT", "-m comment --comment \"double-quoted comment\" -j ACCEPT").unwrap();

pub fn append_replace<S>(&self, table: S, chain: S, rule: S) -> RIPTResult<bool>

where S: AsRef<OsStr> + Clone,

Appends or replaces rule to the table/chain if it does not exist. Returns true if the rule is appended or replaced.

Example

let iptables = riptables::new(false).unwrap();
iptables.append_replace("nat", "TESTNAT", "-m comment --comment \"double-quoted comment\" -j ACCEPT").unwrap();

pub fn delete<S>(&self, table: S, chain: S, rule: S) -> RIPTResult<bool>

where S: AsRef<OsStr> + Clone,

Deletes rule from the table/chain. Returns true if the rule is deleted.

Example

let iptables = riptables::new(false).unwrap();
iptables.delete("nat", "TESTNAT", "-j ACCEPT").unwrap();

pub fn delete_all<S>(&self, table: S, chain: S, rule: S) -> RIPTResult<bool>

where S: AsRef<OsStr> + Clone,

Deletes all repetition of the rule from the table/chain. Returns true if the rules are deleted.

let iptables = riptables::new(false).unwrap();
iptables.delete_all("nat", "TESTNAT", "-j ACCEPT").unwrap();

pub fn list<S>(&self, table: S) -> RIPTResult<Vec<RIPTRule>>

where S: AsRef<OsStr> + Clone,

Lists rules in the table/chain.

Example

use riptables::rule::{Archive, RIPTRule};

let iptables = riptables::new(false).unwrap();

let table = "nat";
let name = "TESTNAT";
iptables.new_chain(table, name).unwrap();
iptables.insert(table, name, "-j ACCEPT", 1).unwrap();
let rules: Vec<RIPTRule> = iptables.list("nat").unwrap();
iptables.delete(table, name, "-j ACCEPT").unwrap();
iptables.delete_chain(table, name).unwrap();

println!("{}", rules.len());

for rule in rules {
  println!("{:?}", rule);
  println!("{:?}", rule.table);
  println!("{:?}", rule.chain);
  println!("{:?}", rule.origin);
}

pub fn chain_names<S>(&self, table: S) -> RIPTResult<Vec<String>>

where S: AsRef<OsStr> + Clone,

Lists the name of each chain in the table.

Example

let iptables = riptables::new(false).unwrap();
let names = iptables.chain_names("nat");

pub fn list_chains<S>(&self, table: S, chain: S) -> RIPTResult<Vec<RIPTRule>>

where S: AsRef<OsStr> + Clone,

Lists rules in the table/chain.

Example

use riptables::rule::RIPTRule;

let iptables = riptables::new(false).unwrap();
let rules: Vec<RIPTRule> = iptables.list_chains("nat", "INPUT").unwrap();

pub fn new_chain<S>(&self, table: S, chain: S) -> RIPTResult<bool>

where S: AsRef<OsStr> + Clone,

Creates a new user-defined chain. Returns true if the chain is created.

Example

let iptables = riptables::new(false).unwrap();
iptables.new_chain("nat", "TESTNAT");

pub fn delete_chain<S>(&self, table: S, chain: S) -> RIPTResult<bool>

where S: AsRef<OsStr> + Clone,

Deletes a user-defined chain in the table. Returns true if the chain is deleted.

Example

let iptables = riptables::new(false).unwrap();
iptables.delete_chain("nat", "TESTNAT");

pub fn rename_chain<S>( &self, table: S, old_chain: S, new_chain: S, ) -> RIPTResult<bool>

where S: AsRef<OsStr> + Clone,

Renames a chain in the table. Returns true if the chain is renamed.

Example

let iptables = riptables::new(false).unwrap();
iptables.rename_chain("nat", "TESTNAT", "OTHERNAME");

pub fn flush_chain<S>(&self, table: S, chain: S) -> RIPTResult<bool>

where S: AsRef<OsStr> + Clone,

Flushes (deletes all rules) a chain. Returns true if the chain is flushed.

Example

let iptables = riptables::new(false).unwrap();
iptables.flush_chain("nat", "TESTNAT");

pub fn exists_chain<S>(&self, table: S, chain: S) -> RIPTResult<bool>

where S: AsRef<OsStr> + Clone,

Checks for the existence of the chain in the table. Returns true if the chain exists.

Example

let iptables = riptables::new(false).unwrap();
iptables.exists_chain("nat", "TESTNAT");

pub fn flush_table<S>(&self, table: S) -> RIPTResult<bool>

where S: AsRef<OsStr> + Clone,

Flushes all chains in a table. Returns true if the chains are flushed.

Example

let iptables = riptables::new(false).unwrap();
iptables.flush_table("nat");

pub fn list_tables<S>(&self, table: S) -> RIPTResult<Vec<RIPTRule>>

where S: AsRef<OsStr> + Clone,

Lists rules in the table.

Example

use riptables::rule::RIPTRule;

let iptables = riptables::new(false).unwrap();
let rule: Vec<RIPTRule> = iptables.list_tables("nat").unwrap();

pub fn exists<S>(&self, table: S, chain: S, rule: S) -> RIPTResult<bool>

where S: AsRef<OsStr> + Clone,

Checks for the existence of the rule in the table/chain. Returns true if the rule exists.

Example

let iptables = riptables::new(false).unwrap();
iptables.exists("nat", "TESTNAT", "-j ACCEPT").unwrap();