Andrew Dunham ba48ec5e39 util/linuxfw: initial implementation of package
This package is an initial implementation of something that can read
netfilter and iptables rules from the Linux kernel without needing to
shell out to an external utility; it speaks directly to the kernel using
syscalls and parses the data returned.

Currently this is read-only since it only knows how to parse a subset of
the available data.

Signed-off-by: Andrew Dunham <andrew@tailscale.com>
Change-Id: Iccadf5dcc081b73268d8ccf8884c24eb6a6f1ff5
2023-02-09 14:20:24 -05:00

32 lines
712 B
Go

// Copyright (c) Tailscale Inc & AUTHORS
// SPDX-License-Identifier: BSD-3-Clause

//go:build cgo && linux

// Package linuxfwtest contains tests for the linuxfw package. Go does not
// support cgo in tests, and we don't want the main package to have a cgo
// dependency, so we put all the tests here and call them from the main package
// in tests instead.
package linuxfwtest

import (
	"testing"
	"unsafe"
)

/*
#include <sys/socket.h> // socket()
*/
import "C"

type SizeInfo struct {
	SizeofSocklen uintptr
}

func TestSizes(t *testing.T, si *SizeInfo) {
	want := unsafe.Sizeof(C.socklen_t(0))
	if want != si.SizeofSocklen {
		t.Errorf("sockLen has wrong size; want=%d got=%d", want, si.SizeofSocklen)
	}
}
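
The size check above matters because getsockopt reports the reply length through a socklen_t, and that length has to be validated before the reply is parsed. As an added example (not code from this commit or from the linuxfw package), the following pure-Go sketch validates and decodes a reply shaped like struct ipt_getinfo, the structure the kernel fills in for IPT_SO_GET_INFO. TableInfo, ParseGetInfo and the sample buffer are hypothetical and constructed, and the byte order is passed in by the caller.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"fmt"
)

// struct ipt_getinfo: char name[32], then valid_hooks, hook_entry[5], underflow[5], num_entries, size (unsigned int).
const (
	nameLen     = 32 // XT_TABLE_MAXNAMELEN
	numHooks    = 5  // NF_INET_NUMHOOKS
	numWords    = 1 + 2*numHooks + 2
	getInfoSize = nameLen + 4*numWords // 84 bytes
)

type TableInfo struct { // hypothetical decoded form, this example's own
	Name                         string
	ValidHooks, NumEntries, Size uint32
	HookEntry, Underflow         [numHooks]uint32
}

// ParseGetInfo rejects any reply whose kernel-reported length (optlen) is off.
func ParseGetInfo(buf []byte, optlen uint32, bo binary.ByteOrder) (TableInfo, error) {
	var ti TableInfo
	if optlen != getInfoSize || len(buf) < getInfoSize {
		return ti, fmt.Errorf("optlen=%d buf=%d, want %d", optlen, len(buf), getInfoSize)
	}
	end := bytes.IndexByte(buf[:nameLen], 0)
	if end < 0 {
		return ti, fmt.Errorf("table name is not NUL-terminated")
	}
	ti.Name = string(buf[:end])
	var w [numWords]uint32
	for i := range w {
		w[i] = bo.Uint32(buf[nameLen+4*i:])
	}
	ti.ValidHooks, ti.NumEntries, ti.Size = w[0], w[numWords-2], w[numWords-1]
	copy(ti.HookEntry[:], w[1:1+numHooks])
	copy(ti.Underflow[:], w[1+numHooks:])
	return ti, nil
}

func main() {
	buf := make([]byte, getInfoSize) // constructed reply, not captured data
	copy(buf, "filter")
	binary.LittleEndian.PutUint32(buf[nameLen:], 0x0e) // LOCAL_IN|FORWARD|LOCAL_OUT
	fmt.Println(ParseGetInfo(buf, getInfoSize, binary.LittleEndian))
}
```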