Parse lines generated by iptables-save.
This parser is inspired by Ben Johnson's SQL Parser.
This parser parses lines returned from iptables-save
or iptables -S
and returns a Line or an Error.
A Line can be a Rule, Comment, Policy (default rule) or Header,
all of them being structs.
iptables
has a lot of match extensions.
Only a few are implemented.
If one is not implemented, the parser returns an error for that line, so the lines that do parse may not be the complete rule set.
Just like in Match Extensions, not all of the target extensions are implemented.
package main
import (
"fmt"
"log"
ipt "github.com/coreos/go-iptables/iptables"
iptp "github.com/kilo-io/iptables_parser"
)
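// main lists the rules of the DOCKER chain in the IPv4 filter table, prints
// each raw line, and tries to parse it with iptables_parser.
//
// The parser returns an error for lines it cannot handle (for example match
// or target extensions it does not implement). Those lines are counted and
// reported at the end, so the parsed output is not mistaken for a complete
// view of the chain when it is used to review firewall rules.
func main() {
	t, err := ipt.NewWithProtocol(ipt.ProtocolIPv4)
	if err != nil {
		log.Fatal(err)
	}
	rs, err := t.List("filter", "DOCKER")
	if err != nil {
		log.Fatal(err)
	}

	skipped := 0 // lines the parser rejected
	for _, r := range rs {
		fmt.Println(r)
		tr, err := iptp.NewFromString(r)
		if err != nil {
			skipped++
			// Terminate the message with a newline so the next raw line
			// does not run into it.
			fmt.Printf("Error: %v\n", err)
			continue
		}
		switch r := tr.(type) {
		case iptp.Rule:
			fmt.Printf("rule parsed: %v\n", r)
		case iptp.Policy:
			fmt.Printf("policy parsed: %v\n", r)
		default:
			// Any other Line kind the parser returns (the README lists
			// Comment and Header besides Rule and Policy).
			fmt.Printf("something else happend: %v\n", r)
		}
	}

	// An unparsed line is still an active rule in the kernel; make the gap
	// visible instead of leaving it buried in the per-line output.
	if skipped > 0 {
		fmt.Printf("%d of %d lines could not be parsed\n", skipped, len(rs))
	}
}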