5 files changed, 69 insertions, 30 deletions

diff --git a/libpod/container_api.go b/libpod/container_api.go
index 4ccb240e7..b75d0b41d 100644
--- a/libpod/container_api.go
+++ b/libpod/container_api.go
@@ -12,6 +12,7 @@ import (
 	"github.com/containers/podman/v3/libpod/define"
 	"github.com/containers/podman/v3/libpod/events"
 	"github.com/containers/podman/v3/pkg/signal"
+	"github.com/containers/storage/pkg/archive"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 )
@@ -776,6 +777,9 @@ type ContainerCheckpointOptions struct {
 	// ImportPrevious tells the API to restore container with two
 	// images. One is TargetFile, the other is ImportPrevious.
 	ImportPrevious string
+	// Compression tells the API which compression to use for
+	// the exported checkpoint archive.
+	Compression archive.Compression
 }
 
 // Checkpoint checkpoints a container
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index 1b2f5a496..a3acc3198 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -985,7 +985,7 @@ func (c *Container) exportCheckpoint(options ContainerCheckpointOptions) error {
 	}
 
 	input, err := archive.TarWithOptions(c.bundlePath(), &archive.TarOptions{
-		Compression:      archive.Gzip,
+		Compression:      options.Compression,
 		IncludeSourceDir: true,
 		IncludeFiles:     includeFiles,
 	})
@@ -1668,17 +1668,16 @@ func (c *Container) generateResolvConf() (string, error) {
 		return "", err
 	}
 
-	// Ensure that the container's /etc/resolv.conf is compatible with its
-	// network configuration.
-	// TODO: set ipv6 enable bool more sanely
-	resolv, err := resolvconf.FilterResolvDNS(contents, true, c.config.CreateNetNS)
-	if err != nil {
-		return "", errors.Wrapf(err, "error parsing host resolv.conf")
-	}
-
+	ipv6 := false
 	// Check if CNI gave back and DNS servers for us to add in
 	cniResponse := c.state.NetworkStatus
 	for _, i := range cniResponse {
+		for _, ip := range i.IPs {
+			// Note: only using To16() does not work since it also returns a vaild ip for ipv4
+			if ip.Address.IP.To4() == nil && ip.Address.IP.To16() != nil {
+				ipv6 = true
+			}
+		}
 		if i.DNS.Nameservers != nil {
 			cniNameServers = append(cniNameServers, i.DNS.Nameservers...)
 			logrus.Debugf("adding nameserver(s) from cni response of '%q'", i.DNS.Nameservers)
@@ -1689,6 +1688,25 @@ func (c *Container) generateResolvConf() (string, error) {
 		}
 	}
 
+	if c.config.NetMode.IsSlirp4netns() {
+		ctrNetworkSlipOpts := []string{}
+		if c.config.NetworkOptions != nil {
+			ctrNetworkSlipOpts = append(ctrNetworkSlipOpts, c.config.NetworkOptions["slirp4netns"]...)
+		}
+		slirpOpts, err := parseSlirp4netnsNetworkOptions(c.runtime, ctrNetworkSlipOpts)
+		if err != nil {
+			return "", err
+		}
+		ipv6 = slirpOpts.enableIPv6
+	}
+
+	// Ensure that the container's /etc/resolv.conf is compatible with its
+	// network configuration.
+	resolv, err := resolvconf.FilterResolvDNS(contents, ipv6, c.config.CreateNetNS)
+	if err != nil {
+		return "", errors.Wrapf(err, "error parsing host resolv.conf")
+	}
+
 	dns := make([]net.IP, 0, len(c.runtime.config.Containers.DNSServers))
 	for _, i := range c.runtime.config.Containers.DNSServers {
 		result := net.ParseIP(i)
diff --git a/libpod/events/filters.go b/libpod/events/filters.go
index acfb96302..4d27e8fc4 100644
--- a/libpod/events/filters.go
+++ b/libpod/events/filters.go
@@ -97,18 +97,41 @@ func parseFilter(filter string) (string, string, error) {
 	return filterSplit[0], filterSplit[1], nil
 }
 
-func generateEventOptions(filters []string, since, until string) ([]EventFilter, error) {
-	options := make([]EventFilter, 0, len(filters))
+// applyFilters applies the EventFilter slices in sequence.  Filters under the
+// same key are disjunctive while each key must match (conjuctive).
+func applyFilters(event *Event, filterMap map[string][]EventFilter) bool {
+	for _, filters := range filterMap {
+		success := false
+		for _, filter := range filters {
+			if filter(event) {
+				success = true
+				break
+			}
+		}
+		if !success {
+			return false
+		}
+	}
+	return true
+}
+
+// generateEventFilter parses the specified filters into a filter map that can
+// later on be used to filter events.  Keys are conjunctive, values are
+// disjunctive.
+func generateEventFilters(filters []string, since, until string) (map[string][]EventFilter, error) {
+	filterMap := make(map[string][]EventFilter)
 	for _, filter := range filters {
 		key, val, err := parseFilter(filter)
 		if err != nil {
 			return nil, err
 		}
-		funcFilter, err := generateEventFilter(key, val)
+		filterFunc, err := generateEventFilter(key, val)
 		if err != nil {
 			return nil, err
 		}
-		options = append(options, funcFilter)
+		filterSlice := filterMap[key]
+		filterSlice = append(filterSlice, filterFunc)
+		filterMap[key] = filterSlice
 	}
 
 	if len(since) > 0 {
@@ -116,7 +139,8 @@ func generateEventOptions(filters []string, since, until string) ([]EventFilter,
 		if err != nil {
 			return nil, errors.Wrapf(err, "unable to convert since time of %s", since)
 		}
-		options = append(options, generateEventSinceOption(timeSince))
+		filterFunc := generateEventSinceOption(timeSince)
+		filterMap["since"] = []EventFilter{filterFunc}
 	}
 
 	if len(until) > 0 {
@@ -124,7 +148,8 @@ func generateEventOptions(filters []string, since, until string) ([]EventFilter,
 		if err != nil {
 			return nil, errors.Wrapf(err, "unable to convert until time of %s", until)
 		}
-		options = append(options, generateEventUntilOption(timeUntil))
+		filterFunc := generateEventUntilOption(timeUntil)
+		filterMap["until"] = []EventFilter{filterFunc}
 	}
-	return options, nil
+	return filterMap, nil
 }
diff --git a/libpod/events/journal_linux.go b/libpod/events/journal_linux.go
index 23e5f15b1..7006290e9 100644
--- a/libpod/events/journal_linux.go
+++ b/libpod/events/journal_linux.go
@@ -69,9 +69,9 @@ func (e EventJournalD) Write(ee Event) error {
 // Read reads events from the journal and sends qualified events to the event channel
 func (e EventJournalD) Read(ctx context.Context, options ReadOptions) error {
 	defer close(options.EventChannel)
-	eventOptions, err := generateEventOptions(options.Filters, options.Since, options.Until)
+	filterMap, err := generateEventFilters(options.Filters, options.Since, options.Until)
 	if err != nil {
-		return errors.Wrapf(err, "failed to generate event options")
+		return errors.Wrapf(err, "failed to parse event filters")
 	}
 	var untilTime time.Time
 	if len(options.Until) > 0 {
@@ -159,11 +159,7 @@ func (e EventJournalD) Read(ctx context.Context, options ReadOptions) error {
 			}
 			continue
 		}
-		include := true
-		for _, filter := range eventOptions {
-			include = include && filter(newEvent)
-		}
-		if include {
+		if applyFilters(newEvent, filterMap) {
 			options.EventChannel <- newEvent
 		}
 	}
diff --git a/libpod/events/logfile.go b/libpod/events/logfile.go
index 0f00525e8..952444f2b 100644
--- a/libpod/events/logfile.go
+++ b/libpod/events/logfile.go
@@ -44,9 +44,9 @@ func (e EventLogFile) Write(ee Event) error {
 // Reads from the log file
 func (e EventLogFile) Read(ctx context.Context, options ReadOptions) error {
 	defer close(options.EventChannel)
-	eventOptions, err := generateEventOptions(options.Filters, options.Since, options.Until)
+	filterMap, err := generateEventFilters(options.Filters, options.Since, options.Until)
 	if err != nil {
-		return errors.Wrapf(err, "unable to generate event options")
+		return errors.Wrapf(err, "failed to parse event filters")
 	}
 	t, err := e.getTail(options)
 	if err != nil {
@@ -92,11 +92,7 @@ func (e EventLogFile) Read(ctx context.Context, options ReadOptions) error {
 		default:
 			return errors.Errorf("event type %s is not valid in %s", event.Type.String(), e.options.LogFilePath)
 		}
-		include := true
-		for _, filter := range eventOptions {
-			include = include && filter(event)
-		}
-		if include && copy {
+		if copy && applyFilters(event, filterMap) {
 			options.EventChannel <- event
 		}
 	}