Adding simple ruleset interface

ruleset.go

@@ -0,0 +1,42 @@
+package socks5
+
+import (
+	"net"
+)
+
+// RuleSet is used to provide custom rules to allow or prohibit actions
+type RuleSet interface {
+	// AllowConnect is used to filter connect requests
+	AllowConnect(dstIP *net.IPAddr, dstPort int, srcIP *net.IPAddr, srcPort int) bool
+
+	// AllowBind is used to filter bind requests
+	AllowBind(dstIP *net.IPAddr, dstPort int, srcIP *net.IPAddr, srcPort int) bool
+
+	// AllowAssociate is used to filter associate requests
+	AllowAssociate(dstIP *net.IPAddr, dstPort int, srcIP *net.IPAddr, srcPort int) bool
+}
+
+// PermitAll is an returns a RuleSet which allows all types of connections
+func PermitAll() RuleSet {
+	return &PermitCommand{true, true, true}
+}
+
+// PermitCommand is an implementation of the RuleSet which
+// enables filtering supported commands
+type PermitCommand struct {
+	EnableConnect   bool
+	EnableBind      bool
+	EnableAssociate bool
+}
+
+func (p *PermitCommand) AllowConnect(*net.IPAddr, int, *net.IPAddr, int) bool {
+	return p.EnableConnect
+}
+
+func (p *PermitCommand) AllowBind(*net.IPAddr, int, *net.IPAddr, int) bool {
+	return p.EnableBind
+}
+
+func (p *PermitCommand) AllowAssociate(*net.IPAddr, int, *net.IPAddr, int) bool {
+	return p.EnableAssociate
+}

ruleset_test.go

@@ -0,0 +1,21 @@
+package socks5
+
+import (
+	"testing"
+)
+
+func TestPermitCommand(t *testing.T) {
+	r := &PermitCommand{true, false, false}
+
+	if !r.AllowConnect(nil, 500, nil, 1000) {
+		t.Fatalf("expect connect")
+	}
+
+	if r.AllowBind(nil, 500, nil, 1000) {
+		t.Fatalf("do not expect bind")
+	}
+
+	if r.AllowAssociate(nil, 500, nil, 1000) {
+		t.Fatalf("do not expect associate")
+	}
+}