author | baude <bbaude@redhat.com> | 2018-03-02 15:09:18 -0600 |
---|---|---|
committer | Atomic Bot <atomic-devel@projectatomic.io> | 2018-03-03 19:45:24 +0000 |
commit | 4f4a78abb40fa0e8407e8a55d5a67a2650d8fd96 (patch) | |
tree | aa3e6b64dd4dfa46e0e8a9ded5194816508010c9 /libpod | |
parent | c187538b9e7fa9af75a4123ff3dc128ce6f4ba1b (diff) | |
networking.go tweak iptables functions
Took duplicated code and merged it into the helper function so only a single
exec was executed.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #446
Approved by: mheon
Diffstat (limited to 'libpod')
-rw-r--r-- | libpod/networking.go | 28 |
1 files changed, 12 insertions, 16 deletions
diff --git a/libpod/networking.go b/libpod/networking.go
index 5118b972a..cceeb18d6 100644
--- a/libpod/networking.go
+++ b/libpod/networking.go
@@ -68,21 +68,22 @@ func (r *Runtime) createNetNS(ctr *Container) (err error) {
 // https://github.com/containernetworking/plugins/pull/75
 if resultStruct.IPs != nil {
 for _, ip := range resultStruct.IPs {
- iptablesCmd := iptablesDNS("-I", ip.Address.IP.String())
- logrus.Debug("Running iptables command: ", strings.Join(iptablesCmd, " "))
- _, err := utils.ExecCmd("iptables", iptablesCmd...)
- if err != nil {
- logrus.Error(err)
- }
+ iptablesDNS("-I", ip.Address.IP.String())
 }
 }
 return nil
 }
-// iptablesDNS accepts an arg (-I|-D) and IP address that generates the
-// iptables command to be run
-func iptablesDNS(arg, ip string) []string {
- return []string{"-t", "filter", arg, "FORWARD", "-s", ip, "!", "-o", ip, "-j", "ACCEPT"}
+// iptablesDNS accepts an arg (-I|-D) and IP address of the container and then
+// generates an iptables command to either add or subtract the needed rule
+func iptablesDNS(arg, ip string) error {
+ iptablesCmd := []string{"-t", "filter", arg, "FORWARD", "-s", ip, "!", "-o", ip, "-j", "ACCEPT"}
+ logrus.Debug("Running iptables command: ", strings.Join(iptablesCmd, " "))
+ _, err := utils.ExecCmd("iptables", iptablesCmd...)
+ if err != nil {
+ logrus.Error(err)
+ }
+ return err
 }
 // Join an existing network namespace
@@ -128,12 +129,7 @@ func (r *Runtime) teardownNetNS(ctr *Container) error {
 // on cleanup. Remove when https://github.com/containernetworking/plugins/pull/75
 // is merged.
 for _, ip := range ctr.state.IPs {
- iptablesCmd := iptablesDNS("-D", ip.Address.IP.String())
- logrus.Debug("Running iptables command: ", strings.Join(iptablesCmd, " "))
- _, err := utils.ExecCmd("iptables", iptablesCmd...)
- if err != nil {
- logrus.Error(err)
- }
+ iptablesDNS("-D", ip.Address.IP.String())
 }
 logrus.Debugf("Tearing down network namespace at %s for container %s", ctr.state.NetNS.Path(), ctr.ID()) |
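Review bot: The new `iptablesDNS` returns an error, but both call sites discard it — `iptablesDNS("-I", ...)` in createNetNS and `iptablesDNS("-D", ...)` in the teardownNetNS hunk — so the return value adds nothing over the old log-and-continue code. The teardown path is the one to watch: a failed `-D` leaves an ACCEPT rule in the FORWARD chain for an address that could later be assigned to another container, and the only trace is a bare `logrus.Error(err)` with no container ID or IP. If best-effort is intended, say so in a comment at each call site and log with context there, e.g. `if err := iptablesDNS("-D", ip.Address.IP.String()); err != nil { logrus.Errorf("removing FORWARD rule for %s (container %s): %v", ip.Address.IP, ctr.ID(), err) }`, dropping the log inside the helper so the failure is reported once. Separately, the rule passes the container IP to `-o`, which iptables reads as an output interface name; it is worth confirming the match does what was intended. Both createNetNS and teardownNetNS begin and end outside their hunks.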