summaryrefslogtreecommitdiff
path: root/vendor/github.com/coreos
diff options
context:
space:
mode:
authordependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>2020-01-23 08:40:54 +0000
committerMatthew Heon <mheon@redhat.com>2020-01-23 04:07:24 -0500
commit49bd58e29a7048b2280c99ddcd55750a0088424e (patch)
tree4c88dd127b9606c00903959fa224e37c2bed069e /vendor/github.com/coreos
parentac3a6b80b0ccd2f9592110811ccf6fd844110b9e (diff)
downloadpodman-49bd58e29a7048b2280c99ddcd55750a0088424e.tar.gz
podman-49bd58e29a7048b2280c99ddcd55750a0088424e.tar.bz2
podman-49bd58e29a7048b2280c99ddcd55750a0088424e.zip
build(deps): bump github.com/containernetworking/plugins
Bumps [github.com/containernetworking/plugins](https://github.com/containernetworking/plugins) from 0.8.2 to 0.8.5. - [Release notes](https://github.com/containernetworking/plugins/releases) - [Commits](https://github.com/containernetworking/plugins/compare/v0.8.2...v0.8.5) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Matthew Heon <mheon@redhat.com>
Diffstat (limited to 'vendor/github.com/coreos')
-rw-r--r--vendor/github.com/coreos/go-iptables/iptables/iptables.go29
1 files changed, 14 insertions, 15 deletions
diff --git a/vendor/github.com/coreos/go-iptables/iptables/iptables.go b/vendor/github.com/coreos/go-iptables/iptables/iptables.go
index 2ed875bb5..1074275b0 100644
--- a/vendor/github.com/coreos/go-iptables/iptables/iptables.go
+++ b/vendor/github.com/coreos/go-iptables/iptables/iptables.go
@@ -48,9 +48,13 @@ func (e *Error) Error() string {
// IsNotExist returns true if the error is due to the chain or rule not existing
func (e *Error) IsNotExist() bool {
- return e.ExitStatus() == 1 &&
- (e.msg == fmt.Sprintf("%s: Bad rule (does a matching rule exist in that chain?).\n", getIptablesCommand(e.proto)) ||
- e.msg == fmt.Sprintf("%s: No chain/target/match by that name.\n", getIptablesCommand(e.proto)))
+ if e.ExitStatus() != 1 {
+ return false
+ }
+ cmdIptables := getIptablesCommand(e.proto)
+ msgNoRuleExist := fmt.Sprintf("%s: Bad rule (does a matching rule exist in that chain?).\n", cmdIptables)
+ msgNoChainExist := fmt.Sprintf("%s: No chain/target/match by that name.\n", cmdIptables)
+ return strings.Contains(e.msg, msgNoRuleExist) || strings.Contains(e.msg, msgNoChainExist)
}
// Protocol to differentiate between IPv4 and IPv6
@@ -101,7 +105,13 @@ func NewWithProtocol(proto Protocol) (*IPTables, error) {
return nil, err
}
vstring, err := getIptablesVersionString(path)
+ if err != nil {
+ return nil, fmt.Errorf("could not get iptables version: %v", err)
+ }
v1, v2, v3, mode, err := extractIptablesVersion(vstring)
+ if err != nil {
+ return nil, fmt.Errorf("failed to extract iptables version from [%s]: %v", vstring, err)
+ }
checkPresent, waitPresent, randomFullyPresent := getIptablesCommandSupport(v1, v2, v3)
@@ -348,18 +358,6 @@ func (ipt *IPTables) executeList(args []string) ([]string, error) {
rules = rules[:len(rules)-1]
}
- // nftables mode doesn't return an error code when listing a non-existent
- // chain. Patch that up.
- if len(rules) == 0 && ipt.mode == "nf_tables" {
- v := 1
- return nil, &Error{
- cmd: exec.Cmd{Args: args},
- msg: fmt.Sprintf("%s: No chain/target/match by that name.\n", getIptablesCommand(ipt.proto)),
- proto: ipt.proto,
- exitStatus: &v,
- }
- }
-
for i, rule := range rules {
rules[i] = filterRuleOutput(rule)
}
@@ -437,6 +435,7 @@ func (ipt *IPTables) runWithOutput(args []string, stdout io.Writer) error {
}
ul, err := fmu.tryLock()
if err != nil {
+ syscall.Close(fmu.fd)
return err
}
defer ul.Unlock()