Fixes #2.

README.md

@@ -20,7 +20,23 @@ Basically the only system requirement is that the **netfilter** framework to be
 sure is installed by default in Linux based OSes.
 
 Other requirement is about permission levels. To properly execute the provided methods the application that uses the
-module must have the proper `sudo` privileges.
+module must have the proper `sudo` privileges. One way to do it could be by adding a custom user to the system:
+
+`sudo adduser --system --no-create-home netfilter`
+
+then add its permissions at `/etc/sudoers` file:
+
+`netfilter ALL= NOPASSWD: /sbin/iptables, /sbin/ip6tables, /sbin/ipset`
+
+and then execute the commands with `sudo: true`:
+
+	iptables.flush({
+		sudo: true
+	}, function (error) {
+		if (error) {
+			console.log(error);
+		}
+	});
 
 ## Issues
 

lib/ipset/add.js

@@ -11,10 +11,14 @@ module.exports = function (options, cb) {
     throw new Error('Invalid arguments. Signature: (options, callback?)');
   }
 
+  var ipset_cmd = (options.sudo)
+    ? 'sudo'
+    : '';
+
   /*
    * Build cmd to execute.
    */
-  var cmd = ['ipset', 'add', '-exist'];
+  var cmd = [ipset_cmd, 'ipset', 'add', '-exist'];
   var args = [];
 
   /*

lib/ipset/create.js

@@ -11,10 +11,14 @@ module.exports = function (options, cb) {
     throw new Error('Invalid arguments. Signature: (options, callback?)');
   }
 
+  var ipset_cmd = (options.sudo)
+    ? 'sudo'
+    : '';
+
   /*
    * Build cmd to execute.
    */
-  var cmd = ['ipset', 'create', '-exist'];
+  var cmd = [ipset_cmd, 'ipset', 'create', '-exist'];
   var args = [];
 
   /*

lib/ipset/del.js

@@ -11,10 +11,14 @@ module.exports = function (options, cb) {
     throw new Error('Invalid arguments. Signature: (options, callback?)');
   }
 
+  var ipset_cmd = (options.sudo)
+    ? 'sudo'
+    : '';
+
   /*
    * Build cmd to execute.
    */
-  var cmd = ['ipset', 'del', '-exist'];
+  var cmd = [ipset_cmd, 'ipset', 'del', '-exist'];
   var args = [];
 
   /*

lib/ipset/destroy.js

@@ -24,10 +24,14 @@ module.exports = function (/* options?, cb */) {
     throw new Error('Invalid arguments. Signature: [options,] callback');
   }
 
+  var ipset_cmd = (options.sudo)
+    ? 'sudo'
+    : '';
+
   /*
    * Build cmd to execute.
    */
-  var cmd = ['ipset', 'destroy'];
+  var cmd = [ipset_cmd, 'ipset', 'destroy'];
   var args = [];
 
   /*

lib/ipset/flush.js

@@ -24,10 +24,14 @@ module.exports = function (/* options?, cb */) {
     throw new Error('Invalid arguments. Signature: [options,] callback');
   }
 
+  var ipset_cmd = (options.sudo)
+    ? 'sudo'
+    : '';
+
   /*
    * Build cmd to execute.
    */
-  var cmd = ['ipset', 'flush'];
+  var cmd = [ipset_cmd, 'ipset', 'flush'];
   var args = [];
 
   /*

lib/ipset/rename.js

@@ -11,10 +11,14 @@ module.exports = function (options, cb) {
     throw new Error('Invalid arguments. Signature: (options, callback?)');
   }
 
+  var ipset_cmd = (options.sudo)
+    ? 'sudo'
+    : '';
+
   /*
    * Build cmd to execute.
    */
-  var cmd = ['ipset', 'rename'];
+  var cmd = [ipset_cmd, 'ipset', 'rename'];
   var args = [];
 
   /*

lib/ipset/swap.js

@@ -11,10 +11,14 @@ module.exports = function (options, cb) {
     throw new Error('Invalid arguments. Signature: (options, callback?)');
   }
 
+  var ipset_cmd = (options.sudo)
+    ? 'sudo'
+    : '';
+
   /*
    * Build cmd to execute.
    */
-  var cmd = ['ipset', 'swap'];
+  var cmd = [ipset_cmd, 'ipset', 'swap'];
   var args = [];
 
   /*

lib/ipset/test.js

@@ -11,10 +11,14 @@ module.exports = function (options, cb) {
     throw new Error('Invalid arguments. Signature: (options, callback?)');
   }
 
+  var ipset_cmd = (options.sudo)
+    ? 'sudo'
+    : '';
+
   /*
    * Build cmd to execute.
    */
-  var cmd = ['ipset', 'test'];
+  var cmd = [ipset_cmd, 'ipset', 'test'];
   var args = [];
 
   /*

lib/ipset/version.js

@@ -10,10 +10,14 @@ module.exports = function (cb) {
     throw new Error('Invalid arguments. Signature: (callback)');
   }
 
+  var ipset_cmd = (options.sudo)
+    ? 'sudo'
+    : '';
+
   /*
    * Build cmd to execute.
    */
-  var cmd = ['ipset', 'version'];
+  var cmd = [ipset_cmd, 'ipset', 'version'];
 
   /*
    * Execute command.

lib/iptables/append.js

@@ -19,7 +19,11 @@ module.exports = function (options, cb) {
     ? options.table
     : tables.filter;
 
-  var ipt_cmd = (options.ipv6)
+  var ipt_cmd = (options.sudo)
+    ? 'sudo '
+    : '';
+
+  ipt_cmd += (options.ipv6)
     ? 'ip6tables'
     : 'iptables';
 

lib/iptables/delete.js

@@ -19,7 +19,11 @@ module.exports = function (options, cb) {
     ? options.table
     : tables.filter;
 
-  var ipt_cmd = (options.ipv6)
+  var ipt_cmd = (options.sudo)
+    ? 'sudo '
+    : '';
+
+  ipt_cmd += (options.ipv6)
     ? 'ip6tables'
     : 'iptables';
 

lib/iptables/delete_chain.js

@@ -30,7 +30,11 @@ module.exports = function (/* options?, cb */) {
     ? options.table
     : tables.filter;
 
-  var ipt_cmd = (options.ipv6)
+  var ipt_cmd = (options.sudo)
+    ? 'sudo '
+    : '';
+
+  ipt_cmd += (options.ipv6)
     ? 'ip6tables'
     : 'iptables';
 

lib/iptables/flush.js

@@ -30,7 +30,11 @@ module.exports = function (/* options?, cb */) {
     ? options.table
     : tables.filter;
 
-  var ipt_cmd = (options.ipv6)
+  var ipt_cmd = (options.sudo)
+    ? 'sudo '
+    : '';
+
+  ipt_cmd += (options.ipv6)
     ? 'ip6tables'
     : 'iptables';
 

lib/iptables/insert.js

@@ -19,7 +19,11 @@ module.exports = function (options, cb) {
     ? options.table
     : tables.filter;
 
-  var ipt_cmd = (options.ipv6)
+  var ipt_cmd = (options.sudo)
+    ? 'sudo '
+    : '';
+
+  ipt_cmd += (options.ipv6)
     ? 'ip6tables'
     : 'iptables';
 

lib/iptables/new.js

@@ -17,7 +17,11 @@ module.exports = function (options, cb) {
     ? options.table
     : tables.filter;
 
-  var ipt_cmd = (options.ipv6)
+  var ipt_cmd = (options.sudo)
+    ? 'sudo '
+    : '';
+
+  ipt_cmd += (options.ipv6)
     ? 'ip6tables'
     : 'iptables';
 

lib/iptables/policy.js

@@ -17,7 +17,11 @@ module.exports = function (options, cb) {
     ? options.table
     : tables.filter;
 
-  var ipt_cmd = (options.ipv6)
+  var ipt_cmd = (options.sudo)
+    ? 'sudo '
+    : '';
+
+  ipt_cmd += (options.ipv6)
     ? 'ip6tables'
     : 'iptables';
 

lib/iptables/rename.js

@@ -17,7 +17,11 @@ module.exports = function (options, cb) {
     ? options.table
     : tables.filter;
 
-  var ipt_cmd = (options.ipv6)
+  var ipt_cmd = (options.sudo)
+    ? 'sudo '
+    : '';
+
+  ipt_cmd += (options.ipv6)
     ? 'ip6tables'
     : 'iptables';
 

lib/iptables/replace.js

@@ -19,7 +19,11 @@ module.exports = function (options, cb) {
     ? options.table
     : tables.filter;
 
-  var ipt_cmd = (options.ipv6)
+  var ipt_cmd = (options.sudo)
+    ? 'sudo '
+    : '';
+
+  ipt_cmd += (options.ipv6)
     ? 'ip6tables'
     : 'iptables';
 

lib/iptables/zero.js

@@ -30,7 +30,11 @@ module.exports = function (/* options?, cb */) {
     ? options.table
     : tables.filter;
 
-  var ipt_cmd = (options.ipv6)
+  var ipt_cmd = (options.sudo)
+    ? 'sudo '
+    : '';
+
+  ipt_cmd += (options.ipv6)
     ? 'ip6tables'
     : 'iptables';
 

package.json

@@ -1,6 +1,6 @@
 {
   "name"        : "netfilter",
-  "version"     : "0.2.1",
+  "version"     : "0.2.2",
   "description" : "Packet filtering framework. Wrapper to provide netfilter capabilities from Node.js",
   "main"        : "index.js",
   "keywords"    : [