mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
cd381aea56
libnetwork/etchosts/etchosts_test.go:167:54: empty-lines: extra empty line at the end of a block (revive) libnetwork/osl/route_linux.go:185:74: empty-lines: extra empty line at the start of a block (revive) libnetwork/osl/sandbox_linux_test.go:323:36: empty-lines: extra empty line at the start of a block (revive) libnetwork/bitseq/sequence.go:412:48: empty-lines: extra empty line at the start of a block (revive) libnetwork/datastore/datastore_test.go:67:46: empty-lines: extra empty line at the end of a block (revive) libnetwork/datastore/mock_store.go:34:60: empty-lines: extra empty line at the end of a block (revive) libnetwork/iptables/firewalld.go:202:44: empty-lines: extra empty line at the end of a block (revive) libnetwork/iptables/firewalld_test.go:76:36: empty-lines: extra empty line at the end of a block (revive) libnetwork/iptables/iptables.go:256:67: empty-lines: extra empty line at the end of a block (revive) libnetwork/iptables/iptables.go:303:128: empty-lines: extra empty line at the start of a block (revive) libnetwork/networkdb/cluster.go:183:72: empty-lines: extra empty line at the end of a block (revive) libnetwork/ipams/null/null_test.go:44:38: empty-lines: extra empty line at the end of a block (revive) libnetwork/drivers/macvlan/macvlan_store.go:45:52: empty-lines: extra empty line at the end of a block (revive) libnetwork/ipam/allocator_test.go:1058:39: empty-lines: extra empty line at the start of a block (revive) libnetwork/drivers/bridge/port_mapping.go:88:111: empty-lines: extra empty line at the end of a block (revive) libnetwork/drivers/bridge/link.go:26:90: empty-lines: extra empty line at the end of a block (revive) libnetwork/drivers/bridge/setup_ipv6_test.go:17:34: empty-lines: extra empty line at the end of a block (revive) libnetwork/drivers/bridge/setup_ip_tables.go:392:4: empty-lines: extra empty line at the start of a block (revive) libnetwork/drivers/bridge/bridge.go:804:50: empty-lines: extra empty line at the start of a block 
(revive) libnetwork/drivers/overlay/ov_serf.go:183:29: empty-lines: extra empty line at the start of a block (revive) libnetwork/drivers/overlay/ov_utils.go:81:64: empty-lines: extra empty line at the end of a block (revive) libnetwork/drivers/overlay/peerdb.go:172:67: empty-lines: extra empty line at the start of a block (revive) libnetwork/drivers/overlay/peerdb.go:209:67: empty-lines: extra empty line at the start of a block (revive) libnetwork/drivers/overlay/peerdb.go:344:89: empty-lines: extra empty line at the start of a block (revive) libnetwork/drivers/overlay/peerdb.go:436:63: empty-lines: extra empty line at the start of a block (revive) libnetwork/drivers/overlay/overlay.go:183:36: empty-lines: extra empty line at the start of a block (revive) libnetwork/drivers/overlay/encryption.go:69:28: empty-lines: extra empty line at the end of a block (revive) libnetwork/drivers/overlay/ov_network.go:563:81: empty-lines: extra empty line at the start of a block (revive) libnetwork/default_gateway.go:32:43: empty-lines: extra empty line at the start of a block (revive) libnetwork/errors_test.go:9:40: empty-lines: extra empty line at the start of a block (revive) libnetwork/service_common.go:184:64: empty-lines: extra empty line at the end of a block (revive) libnetwork/endpoint.go:161:55: empty-lines: extra empty line at the end of a block (revive) libnetwork/store.go:320:33: empty-lines: extra empty line at the end of a block (revive) libnetwork/store_linux_test.go:11:38: empty-lines: extra empty line at the end of a block (revive) libnetwork/sandbox.go:571:36: empty-lines: extra empty line at the start of a block (revive) libnetwork/service_common.go:317:246: empty-lines: extra empty line at the start of a block (revive) libnetwork/endpoint.go:550:17: empty-lines: extra empty line at the end of a block (revive) libnetwork/sandbox_dns_unix.go:213:106: empty-lines: extra empty line at the start of a block (revive) libnetwork/controller.go:676:85: empty-lines: 
extra empty line at the end of a block (revive) libnetwork/agent.go:876:60: empty-lines: extra empty line at the end of a block (revive) libnetwork/resolver.go:324:69: empty-lines: extra empty line at the end of a block (revive) libnetwork/network.go:1153:92: empty-lines: extra empty line at the end of a block (revive) libnetwork/network.go:1955:67: empty-lines: extra empty line at the start of a block (revive) libnetwork/network.go:2235:9: empty-lines: extra empty line at the start of a block (revive) libnetwork/libnetwork_internal_test.go:336:26: empty-lines: extra empty line at the start of a block (revive) libnetwork/resolver_test.go:76:35: empty-lines: extra empty line at the end of a block (revive) libnetwork/libnetwork_test.go:303:38: empty-lines: extra empty line at the end of a block (revive) libnetwork/libnetwork_test.go:985:46: empty-lines: extra empty line at the end of a block (revive) libnetwork/ipam/allocator_test.go:1263:37: empty-lines: extra empty line at the start of a block (revive) libnetwork/errors_test.go:9:40: empty-lines: extra empty line at the end of a block (revive) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
//go:build linux
// +build linux
package bridge
import (
"fmt"
"net"
"github.com/docker/docker/libnetwork/iptables"
"github.com/docker/docker/libnetwork/types"
"github.com/sirupsen/logrus"
)
// link describes one container link handled by the bridge driver: a
// parent/child address pair, the transport ports the link covers, and the
// bridge name that is passed along to the iptables layer.
type link struct {
	// parentIP and childIP are kept as strings; linkContainers parses them
	// with net.ParseIP and rejects values that do not parse.
	parentIP, childIP string
	// ports holds one entry per port/protocol; linkContainers issues one
	// chain.Link call for each entry.
	ports []types.TransportPort
	// bridge is forwarded unchanged to chain.Link.
	bridge string
}
// String renders the link as "parent <-> child [ports] on bridge". Disable
// uses it to identify the link in its error log.
func (l *link) String() string {
	const layout = "%s <-> %s [%v] on %s"
	return fmt.Sprintf(layout, l.parentIP, l.childIP, l.ports, l.bridge)
}
// newLink builds a link from the given addresses, ports and bridge name.
// Nothing is validated here: the IP strings are only parsed when the link is
// enabled or disabled, and the ports slice is stored without copying.
func newLink(parentIP, childIP string, ports []types.TransportPort, bridge string) *link {
	l := new(link)
	l.parentIP = parentIP
	l.childIP = childIP
	l.ports = ports
	l.bridge = bridge
	return l
}
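// Enable appends the iptables rules for this link and registers a callback
// with iptables.OnReloaded so the same rules are appended again on reload.
// The callback is registered before the first attempt, whether or not that
// attempt succeeds. Enable returns the error from the first attempt.
func (l *link) Enable() error {
	// -A == iptables append flag
	linkFunction := func() error {
		return linkContainers("-A", l.parentIP, l.childIP, l.ports, l.bridge, false)
	}

	// The reload callback has no caller to hand an error to, so log a
	// failure instead of dropping it; otherwise a link whose rules could not
	// be re-applied leaves nothing in the logs to explain it.
	//
	// NOTE(review): nothing visible in this file removes the callback when
	// Disable runs. Confirm how iptables.OnReloaded callbacks are retired;
	// if they are not, a reload after Disable would append rules again for a
	// link that has been torn down.
	iptables.OnReloaded(func() {
		if err := linkFunction(); err != nil {
			logrus.Errorf("Error re-applying IPTables rules for a link %s on reload due to %s", l.String(), err.Error())
		}
	})
	return linkFunction()
}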
// Disable asks linkContainers to delete the link's iptables rules. It has no
// return value; a failure is written to the error log.
//
// Because the call passes ignoreErrors=true, linkContainers drops per-port
// errors from chain.Link, so only an invalid action or an unparsable IP can
// reach the log here. A rule that could not be deleted is not reported.
func (l *link) Disable() {
	// -D == iptables delete flag
	if err := linkContainers("-D", l.parentIP, l.childIP, l.ports, l.bridge, true); err != nil {
		logrus.Errorf("Error removing IPTables rules for a link %s due to %s", l.String(), err.Error())
	}
	// TODO: return a proper error once we move to an iptables package
	// that returns typed errors.
}
// linkContainers runs one chain.Link call on the DockerChain chain for every
// entry in ports, using the iptables action named by the flag in action.
//
// Inputs are checked before any iptables call is made: action must be "-A",
// "-I" or "-D" (otherwise InvalidIPTablesCfgError is returned), and parentIP
// and childIP must both parse with net.ParseIP (otherwise
// InvalidLinkIPAddrError is returned for the first one that fails).
//
// With ignoreErrors false, the first chain.Link error is returned at once and
// the remaining ports are skipped; ports handled before the failure are not
// rolled back here. With ignoreErrors true, chain.Link errors are discarded
// and the function returns nil once validation has passed.
func linkContainers(action, parentIP, childIP string, ports []types.TransportPort, bridge string, ignoreErrors bool) error {
	// Closed set of accepted flags; anything else is rejected up front.
	known := map[string]iptables.Action{
		"-A": iptables.Append,
		"-I": iptables.Insert,
		"-D": iptables.Delete,
	}
	nfAction, ok := known[action]
	if !ok {
		return InvalidIPTablesCfgError(action)
	}

	parent := net.ParseIP(parentIP)
	if parent == nil {
		return InvalidLinkIPAddrError(parentIP)
	}
	child := net.ParseIP(childIP)
	if child == nil {
		return InvalidLinkIPAddrError(childIP)
	}

	chain := iptables.ChainInfo{Name: DockerChain}
	for _, p := range ports {
		err := chain.Link(nfAction, parent, child, int(p.Port), p.Proto.String(), bridge)
		if err == nil || ignoreErrors {
			continue
		}
		return err
	}
	return nil
}