Feat optimize acl performance iptables (#1025)

* use ipset for iptables * Update unit-tests for iptables * Remove debug code * Update dependencies * Create separate sets for dPort and sPort rules * Fix iptables tests * Fix 0.0.0.0 processing in iptables with ipset
2025-08-19 03:16:58 +02:00 · 2023-07-24 15:00:23 +04:00
parent 76db4f801a
commit 6dee89379b
5 changed files with 225 additions and 33 deletions
--- a/client/firewall/iptables/rule.go
+++ b/client/firewall/iptables/rule.go
@@ -2,13 +2,16 @@ package iptables

 // Rule to handle management of rules
 type Rule struct {
-	id    string
+	ruleID    string
+	ipsetName string
+
 	specs []string
+	ip    string
 	dst   bool
 	v6    bool
 }

 // GetRuleID returns the rule id
 func (r *Rule) GetRuleID() string {
-	return r.id
+	return r.ruleID
 }