⚠️ VeridianOS Kernel Documentation - This is low-level kernel code. All functions are unsafe unless explicitly marked otherwise. no_std

FirewallEngine

veridian_kernel::net::firewall::chain

Struct FirewallEngine 

Source 
pub struct FirewallEngine {
    pub filter: FirewallTable,
    pub nat: FirewallTable,
    pub mangle: FirewallTable,
    pub rule_engine: RuleEngine,
    pub total_packets: u64,
    pub dropped_packets: u64,
}
Expand description

The main firewall engine that manages tables and processes packets

Fields§

§filter: FirewallTable

Filter table

§nat: FirewallTable

NAT table

§mangle: FirewallTable

Mangle table

§rule_engine: RuleEngine

Rule engine for evaluating individual rules

§total_packets: u64

Packet counter

§dropped_packets: u64

Dropped packet counter

Implementations§

Source§

impl FirewallEngine

Source

pub fn new() -> Self

Create a new firewall engine with default tables

Source

pub fn add_rule(&mut self, rule: FirewallRule) -> u64

Add a rule to the rule engine and return its ID

Source

pub fn add_to_filter_chain(&mut self, chain_name: &str, rule_id: u64) -> bool

Add a rule ID to a specific chain in the filter table

Source

pub fn add_to_nat_chain(&mut self, chain_name: &str, rule_id: u64) -> bool

Add a rule ID to a specific chain in the NAT table

Source

pub fn set_filter_policy( &mut self, chain_name: &str, policy: ChainPolicy, ) -> bool

Set the policy for a chain in the filter table

Source

pub fn process_packet( &mut self, hook: HookPoint, metadata: &PacketMetadata, ) -> Verdict

Process a packet through chains at a specific hook point

Evaluates mangle first, then filter (or nat for PreRouting/PostRouting). Returns the final verdict.

Trait Implementations§

Source§

impl Default for FirewallEngine

Source§

fn default() -> Self

Returns the “default value” for a type. Read more

Auto Trait Implementations§

§

impl Freeze for FirewallEngine

§

impl RefUnwindSafe for FirewallEngine

§

impl Send for FirewallEngine

§

impl Sync for FirewallEngine

§

impl Unpin for FirewallEngine

§

impl UnwindSafe for FirewallEngine

Blanket Implementations§

§

impl<T> Any for T
where T: 'static + ?Sized,

§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
§

impl<T> Borrow<T> for T
where T: ?Sized,

§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
§

impl<T> BorrowMut<T> for T
where T: ?Sized,

§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
§

impl<T> From<T> for T

§

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T, U> Into<U> for T
where U: From<T>,

§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of [From]<T> for U chooses to do.

§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.