mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
added TODOs for open IPv6 point
Signed-off-by: Benjamin Böhmke <benjamin@boehmke.net>
This commit is contained in:
parent
648d891827
commit
34f4706174
6 changed files with 13 additions and 1 deletions
|
@ -34,6 +34,7 @@ func (n *bridgeNetwork) allocatePorts(ep *bridgeEndpoint, reqDefBindIP net.IP, u
|
|||
|
||||
// IPv6 port binding excluding user land proxy
|
||||
if n.driver.config.EnableIP6Tables && ep.addrv6 != nil {
|
||||
// TODO IPv6 custom default binding IP
|
||||
pbv6, err := n.allocatePortsInternal(ep.extConnConfig.PortBindings, ep.addrv6.IP, defaultBindingIPV6, false)
|
||||
if err != nil {
|
||||
// ensure we clear the previous allocated IPv4 ports
|
||||
|
|
|
@ -210,6 +210,7 @@ func programMangle(vni uint32, add bool) (err error) {
|
|||
action = "install"
|
||||
)
|
||||
|
||||
// TODO IPv6 support
|
||||
iptable := iptables.GetIptable(iptables.IPv4)
|
||||
|
||||
if add == iptable.Exists(iptables.Mangle, chain, rule...) {
|
||||
|
@ -241,6 +242,7 @@ func programInput(vni uint32, add bool) (err error) {
|
|||
msg = "add"
|
||||
)
|
||||
|
||||
// TODO IPv6 support
|
||||
iptable := iptables.GetIptable(iptables.IPv4)
|
||||
|
||||
if !add {
|
||||
|
|
|
@ -20,6 +20,7 @@ func filterWait() func() {
|
|||
}
|
||||
|
||||
func chainExists(cname string) bool {
|
||||
// TODO IPv6 support
|
||||
iptable := iptables.GetIptable(iptables.IPv4)
|
||||
if _, err := iptable.Raw("-L", cname); err != nil {
|
||||
return false
|
||||
|
@ -29,6 +30,7 @@ func chainExists(cname string) bool {
|
|||
}
|
||||
|
||||
func setupGlobalChain() {
|
||||
// TODO IPv6 support
|
||||
iptable := iptables.GetIptable(iptables.IPv4)
|
||||
// Because of an ungraceful shutdown, chain could already be present
|
||||
if !chainExists(globalChain) {
|
||||
|
@ -46,6 +48,7 @@ func setupGlobalChain() {
|
|||
}
|
||||
|
||||
func setNetworkChain(cname string, remove bool) error {
|
||||
// TODO IPv6 support
|
||||
iptable := iptables.GetIptable(iptables.IPv4)
|
||||
// Initialize the onetime global overlay chain
|
||||
filterOnce.Do(setupGlobalChain)
|
||||
|
@ -95,6 +98,7 @@ func setFilters(cname, brName string, remove bool) error {
|
|||
if remove {
|
||||
opt = "-D"
|
||||
}
|
||||
// TODO IPv6 support
|
||||
iptable := iptables.GetIptable(iptables.IPv4)
|
||||
|
||||
// Every time we set filters for a new subnet make sure to move the global overlay hook to the top of the both the OUTPUT and forward chains
|
||||
|
|
|
@ -26,6 +26,7 @@ func arrangeUserFilterRule() {
|
|||
if ctrl == nil || !ctrl.iptablesEnabled() {
|
||||
return
|
||||
}
|
||||
// TODO IPv6 support
|
||||
iptable := iptables.GetIptable(iptables.IPv4)
|
||||
_, err := iptable.NewChain(userChain, iptables.Filter, false)
|
||||
if err != nil {
|
||||
|
|
|
@ -57,6 +57,7 @@ func reexecSetupResolver() {
|
|||
os.Exit(3)
|
||||
}
|
||||
|
||||
// TODO IPv6 support
|
||||
iptable := iptables.GetIptable(iptables.IPv4)
|
||||
|
||||
// insert outputChain and postroutingchain
|
||||
|
|
|
@ -302,7 +302,7 @@ func filterPortConfigs(ingressPorts []*PortConfig, isDelete bool) []*PortConfig
|
|||
}
|
||||
|
||||
func programIngress(gwIP net.IP, ingressPorts []*PortConfig, isDelete bool) error {
|
||||
|
||||
// TODO IPv6 support
|
||||
iptable := iptables.GetIptable(iptables.IPv4)
|
||||
|
||||
addDelOpt := "-I"
|
||||
|
@ -464,6 +464,7 @@ func programIngress(gwIP net.IP, ingressPorts []*PortConfig, isDelete bool) erro
|
|||
// This chain has the rules to allow access to the published ports for swarm tasks
|
||||
// from local bridge networks and docker_gwbridge (ie:taks on other swarm networks)
|
||||
func arrangeIngressFilterRule() {
|
||||
// TODO IPv6 support
|
||||
iptable := iptables.GetIptable(iptables.IPv4)
|
||||
if iptable.ExistChain(ingressChain, iptables.Filter) {
|
||||
if iptable.Exists(iptables.Filter, "FORWARD", "-j", ingressChain) {
|
||||
|
@ -610,6 +611,7 @@ func invokeFWMarker(path string, vip net.IP, fwMark uint32, ingressPorts []*Port
|
|||
|
||||
// Firewall marker reexec function.
|
||||
func fwMarker() {
|
||||
// TODO IPv6 support
|
||||
iptable := iptables.GetIptable(iptables.IPv4)
|
||||
runtime.LockOSThread()
|
||||
defer runtime.UnlockOSThread()
|
||||
|
@ -716,6 +718,7 @@ func addRedirectRules(path string, eIP *net.IPNet, ingressPorts []*PortConfig) e
|
|||
|
||||
// Redirector reexec function.
|
||||
func redirector() {
|
||||
// TODO IPv6 support
|
||||
iptable := iptables.GetIptable(iptables.IPv4)
|
||||
runtime.LockOSThread()
|
||||
defer runtime.UnlockOSThread()
|
||||
|
|
Loading…
Add table
Reference in a new issue