java.lang.Object
com.aoindustries.aoserv.daemon.iptables.Ipset

public final class Ipset extends Object
Handles access to ipset.
Author:
AO Industries, Inc.
  • Field Details

  • Method Details

    • save

      public static String save(String setName, boolean missingAsNull) throws IOException
      Calls ipset -S, skipping any comment lines.
      Parameters:
      setName - the name of the set
      missingAsNull - when true, a missing set is returned as null; otherwise an exception is thrown
      Throws:
      IOException
    • create

      public static void create(String setName, Ipset.SetType setType, String... options) throws IOException
      Calls ipset -N.
      Throws:
      IOException
    • delete

      public static void delete(String setName, int entry) throws IOException
      Calls ipset -D.
      Throws:
      IOException
    • add

      public static void add(String setName, int entry) throws IOException
      Calls ipset -A.
      Throws:
      IOException
    • parse

      public static void parse(String save, Set<Integer> entries) throws IOException
      Parses an ipset save file, returning the mutable set of IP addresses in the order dumped.
      Throws:
      IOException
    • synchronize

      public static void synchronize(Set<Integer> entries, short networkPrefix, String setName, PosixFile setDir) throws IOException
      Synchronizes a single set to the expected entries, both the in-kernel and on-disk versions. Creates the set in the kernel if missing. Adds and removes entries as necessary. Updates the on-disk version only if it is missing or the set was modified.
      Parameters:
      entries - the IP or network entries; only the first MAX_IPSET_SIZE entries will be used
      networkPrefix - the network prefix or HOST_NETWORK_PREFIX for individual hosts
      setName - the set name used both in-kernel and on-disk
      setDir - the directory that stores the on-disk version
      Throws:
      IOException
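
The reconciliation that synchronize describes, sketched as an added example (not code from aoserv-daemon): it computes which entries would go to ipset -D and ipset -A for a given expected set. The class IpsetSyncPlan, the Change record, the ip helper, the maxSize parameter (standing in for MAX_IPSET_SIZE), the big-endian int packing of addresses and the removals-first ordering are all assumptions of this example.

```java
import java.util.ArrayList;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;

/** Added illustration; not part of the aoserv-daemon code base. Requires Java 16+. */
public final class IpsetSyncPlan {

  /** One planned change: add == true maps to "ipset -A", false to "ipset -D". */
  public record Change(boolean add, int entry) {}

  // Plans the changes that bring the in-kernel set to the expected entries.
  // maxSize stands in for MAX_IPSET_SIZE, whose value is not given on the page.
  public static List<Change> plan(Set<Integer> expected, Set<Integer> inKernel, int maxSize) {
    // Only the first maxSize expected entries are used, in iteration order.
    Set<Integer> wanted = new LinkedHashSet<>();
    for (Integer entry : expected) {
      if (wanted.size() >= maxSize) break;
      wanted.add(entry);
    }
    List<Change> changes = new ArrayList<>();
    // Removals first (a choice of this example), so the set never grows past maxSize.
    for (Integer entry : inKernel) {
      if (!wanted.contains(entry)) changes.add(new Change(false, entry));
    }
    for (Integer entry : wanted) {
      if (!inKernel.contains(entry)) changes.add(new Change(true, entry));
    }
    return changes;
  }

  /** Packs a dotted-quad IPv4 address into an int (assumed big-endian packing). */
  static int ip(int a, int b, int c, int d) {
    return (a << 24) | (b << 16) | (c << 8) | d;
  }

  public static void main(String[] args) {
    // Constructed sample data (documentation address ranges).
    Set<Integer> inKernel = new LinkedHashSet<>(List.of(ip(192, 0, 2, 1), ip(192, 0, 2, 2)));
    Set<Integer> expected = new LinkedHashSet<>(
        List.of(ip(192, 0, 2, 2), ip(198, 51, 100, 7), ip(203, 0, 113, 9)));
    List<Change> changes = plan(expected, inKernel, 2);
    for (Change c : changes) {
      System.out.printf("%s %08x%n", c.add() ? "-A" : "-D", c.entry());
    }
    // An empty plan means the set was not modified; on-disk is then rewritten only if missing.
    System.out.println(changes.isEmpty() ? "set unchanged" : "set modified: rewrite on-disk save");
  }
}
```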