constants

`constants` ¶

nftables table names, network defaults, and log prefixes.

Pure literals with no logic — safe for import by the nft.py security boundary.

`NFT_TABLE = 'inet terok_shield'` `module-attribute` ¶

`NFT_TABLE_NAME = 'terok_shield'` `module-attribute` ¶

`PASTA_DNS = '169.254.1.1'` `module-attribute` ¶

`PASTA_HOST_LOOPBACK_MAP = '169.254.1.2'` `module-attribute` ¶

`RFC1918 = ('10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16', '169.254.0.0/16')` `module-attribute` ¶

`IPV6_PRIVATE = ('fc00::/7', 'fe80::/10')` `module-attribute` ¶

`PRIVATE_RANGES = RFC1918 + IPV6_PRIVATE` `module-attribute` ¶

`SLIRP4NETNS_CIDR = '10.0.2.0/24'` `module-attribute` ¶

`SLIRP4NETNS_GATEWAY = '10.0.2.2'` `module-attribute` ¶

`SLIRP4NETNS_GATEWAY_V6 = 'fd00::2'` `module-attribute` ¶

`SLIRP4NETNS_DNS = '10.0.2.3'` `module-attribute` ¶

`DNSMASQ_BIND_DEFAULT = '127.0.0.1'` `module-attribute` ¶

`DNSMASQ_BIND_KRUN = '169.254.1.3'` `module-attribute` ¶

`NFT_SET_TIMEOUT_DNSMASQ = '30m'` `module-attribute` ¶

`NFLOG_GROUP = 100` `module-attribute` ¶

`BLOCKED_LOG_PREFIX = 'TEROK_SHIELD_BLOCKED'` `module-attribute` ¶

`DENIED_LOG_PREFIX = 'TEROK_SHIELD_DENIED'` `module-attribute` ¶

`PRIVATE_LOG_PREFIX = 'TEROK_SHIELD_PRIVATE'` `module-attribute` ¶

`ALLOWED_LOG_PREFIX = 'TEROK_SHIELD_ALLOWED'` `module-attribute` ¶

`BYPASS_LOG_PREFIX = 'TEROK_SHIELD_BYPASS'` `module-attribute` ¶

constants

constants ¶

NFT_TABLE = 'inet terok_shield' module-attribute ¶

NFT_TABLE_NAME = 'terok_shield' module-attribute ¶

PASTA_DNS = '169.254.1.1' module-attribute ¶

PASTA_HOST_LOOPBACK_MAP = '169.254.1.2' module-attribute ¶

RFC1918 = ('10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16', '169.254.0.0/16') module-attribute ¶

IPV6_PRIVATE = ('fc00::/7', 'fe80::/10') module-attribute ¶

PRIVATE_RANGES = RFC1918 + IPV6_PRIVATE module-attribute ¶

SLIRP4NETNS_CIDR = '10.0.2.0/24' module-attribute ¶

SLIRP4NETNS_GATEWAY = '10.0.2.2' module-attribute ¶

SLIRP4NETNS_GATEWAY_V6 = 'fd00::2' module-attribute ¶

SLIRP4NETNS_DNS = '10.0.2.3' module-attribute ¶

DNSMASQ_BIND_DEFAULT = '127.0.0.1' module-attribute ¶

DNSMASQ_BIND_KRUN = '169.254.1.3' module-attribute ¶

NFT_SET_TIMEOUT_DNSMASQ = '30m' module-attribute ¶

NFLOG_GROUP = 100 module-attribute ¶

BLOCKED_LOG_PREFIX = 'TEROK_SHIELD_BLOCKED' module-attribute ¶

DENIED_LOG_PREFIX = 'TEROK_SHIELD_DENIED' module-attribute ¶

PRIVATE_LOG_PREFIX = 'TEROK_SHIELD_PRIVATE' module-attribute ¶

ALLOWED_LOG_PREFIX = 'TEROK_SHIELD_ALLOWED' module-attribute ¶

BYPASS_LOG_PREFIX = 'TEROK_SHIELD_BYPASS' module-attribute ¶

`constants` ¶

`NFT_TABLE = 'inet terok_shield'` `module-attribute` ¶

`NFT_TABLE_NAME = 'terok_shield'` `module-attribute` ¶

`PASTA_DNS = '169.254.1.1'` `module-attribute` ¶

`PASTA_HOST_LOOPBACK_MAP = '169.254.1.2'` `module-attribute` ¶

`RFC1918 = ('10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16', '169.254.0.0/16')` `module-attribute` ¶

`IPV6_PRIVATE = ('fc00::/7', 'fe80::/10')` `module-attribute` ¶

`PRIVATE_RANGES = RFC1918 + IPV6_PRIVATE` `module-attribute` ¶

`SLIRP4NETNS_CIDR = '10.0.2.0/24'` `module-attribute` ¶

`SLIRP4NETNS_GATEWAY = '10.0.2.2'` `module-attribute` ¶

`SLIRP4NETNS_GATEWAY_V6 = 'fd00::2'` `module-attribute` ¶

`SLIRP4NETNS_DNS = '10.0.2.3'` `module-attribute` ¶

`DNSMASQ_BIND_DEFAULT = '127.0.0.1'` `module-attribute` ¶

`DNSMASQ_BIND_KRUN = '169.254.1.3'` `module-attribute` ¶

`NFT_SET_TIMEOUT_DNSMASQ = '30m'` `module-attribute` ¶

`NFLOG_GROUP = 100` `module-attribute` ¶

`BLOCKED_LOG_PREFIX = 'TEROK_SHIELD_BLOCKED'` `module-attribute` ¶

`DENIED_LOG_PREFIX = 'TEROK_SHIELD_DENIED'` `module-attribute` ¶

`PRIVATE_LOG_PREFIX = 'TEROK_SHIELD_PRIVATE'` `module-attribute` ¶

`ALLOWED_LOG_PREFIX = 'TEROK_SHIELD_ALLOWED'` `module-attribute` ¶

`BYPASS_LOG_PREFIX = 'TEROK_SHIELD_BYPASS'` `module-attribute` ¶