From ad6bb105179cb69dc18c81e0f5438548057367c5 Mon Sep 17 00:00:00 2001
From: Michel Prunet
Date: Wed, 24 May 2023 12:57:19 +0200
Subject: [PATCH] Update iptables.go Add a method to known all chain default policy
---
 iptables/iptables.go | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
diff --git a/iptables/iptables.go b/iptables/iptables.go
index 1e7ad24..50edb6b 100644
--- a/iptables/iptables.go
+++ b/iptables/iptables.go
@@ -296,6 +296,30 @@ func (ipt *IPTables) ChainExists(table, chain string) (bool, error) {
 }
 }
 
+// ChainsPolicies returns a slice containing a struct with the name and the default policy of each chain in the specified table.
+func (ipt *IPTables) ChainsPolicies(table string) (map[string]string, error) {
+ ret := make(map[string]string)
+ args := []string{"-t", table, "-S"}
+
+ result, err := ipt.executeList(args)
+ if err != nil {
+ return nil, err
+ }
+
+ // Iterate over rules to find all default (-P)
+ // Chains definition always come before rules.
+ // Format is the following:
+ // -P OUTPUT ACCEPT
+ for _, val := range result {
+ if strings.HasPrefix(val, "-P") {
+ ret[strings.Fields(val)[1]] = strings.Fields(val)[2]
+ } else {
+ break
+ }
+ }
+ return ret, nil
+}
+
 // Stats lists rules including the byte and packet counts
 func (ipt *IPTables) Stats(table, chain string) ([][]string, error) {
 args := []string{"-t", table, "-L", chain, "-n", "-v", "-x"}
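Review bot: In the loop of `ChainsPolicies`, `strings.Fields(val)[1]` and `strings.Fields(val)[2]` are indexed with no length check, so any line that starts with `-P` but has fewer than three fields panics the calling process instead of returning an error. Split once and validate: `fields := strings.Fields(val)`, then `if len(fields) < 3 { return nil, fmt.Errorf("unexpected policy line %q", val) }`, then `ret[fields[1]] = fields[2]` (this assumes `fmt` is already imported in the file, which the hunk does not show). The doc comment says the method returns "a slice containing a struct", but the signature returns `map[string]string`; it should read something like `// ChainsPolicies returns a map from chain name to default policy for each chain in the specified table.` Because the loop only records `-P` lines, chains without one will presumably be absent from the map. The comment should say so, so that a caller auditing for a default-deny policy does not read a missing key as a policy value.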