adelorenzo/kilo
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Use iptables.InsertUnique() instead of iptables.Insert()

Browse Source
This commit is contained in:
Alex Stockinger
2022-09-15 09:43:53 +02:00
parent f62989fff7
commit 485e22e1b6
7 changed files with 39 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/iptables/fake.go
View File

@@ -46,7 +46,7 @@ type fakeClient struct {
var _ Client = &fakeClient{}
func (f *fakeClient) Insert(table, chain string, pos int, spec ...string) error {
func (f *fakeClient) InsertUnique(table, chain string, pos int, spec ...string) error {
atomic.AddUint64(&f.calls, 1)
exists, err := f.Exists(table, chain, spec...)
if err != nil {

13
pkg/iptables/iptables.go
View File

@@ -84,7 +84,7 @@ func GetProtocol(ip net.IP) Protocol {
// Client represents any type that can administer iptables rules.
type Client interface {
AppendUnique(table string, chain string, rule ...string) error
Insert(table string, chain string, pos int, rule ...string) error
InsertUnique(table, chain string, pos int, rule ...string) error
Delete(table string, chain string, rule ...string) error
Exists(table string, chain string, rule ...string) (bool, error)
List(table string, chain string) ([]string, error)
@@ -129,16 +129,7 @@ func NewIPv6Rule(table, chain string, spec ...string) Rule {
}
func (r *rule) Prepend(client Client) error {
// TODO There's already a PR to implement InsertUnique() in go-iptables. Once that hopefully gets merged this should be replaced.
// https://github.com/coreos/go-iptables/pull/92
exists, err := client.Exists(r.table, r.chain, r.spec...)
if err != nil {
return err
}
if exists {
return nil
}
if err := client.Insert(r.table, r.chain, 1, r.spec...); err != nil {
if err := client.InsertUnique(r.table, r.chain, 1, r.spec...); err != nil {
return fmt.Errorf("failed to add iptables rule: %v", err)
}
return nil

6
pkg/iptables/metrics.go
View File

@@ -51,13 +51,13 @@ func (m *metricsClientWrapper) AppendUnique(table string, chain string, rule ...
return m.client.AppendUnique(table, chain, rule...)
}
func (m *metricsClientWrapper) Insert(table string, chain string, pos int, rule ...string) error {
func (m *metricsClientWrapper) InsertUnique(table, chain string, pos int, rule ...string) error {
m.operationCounter.With(prometheus.Labels{
"operation": "Insert",
"operation": "InsertUnique",
"table": table,
"chain": chain,
}).Inc()
return m.client.Insert(table, chain, pos, rule...)
return m.client.InsertUnique(table, chain, pos, rule...)
}
func (m *metricsClientWrapper) Delete(table string, chain string, rule ...string) error {