
Eliminate unnecessary `iptRule.preArgs` field (code health)

That field was only used to pass `-t nat` for NAT rules.  Now `-t
<tableName>` (where `<tableName>` is one of the `iptables.Table`
values) is always passed, eliminating the need for `preArgs`.

Signed-off-by: Richard Hansen <rhansen@rhansen.org>
Richard Hansen 1 year ago
parent
commit
4e219ebafb

+ 11 - 14
libnetwork/drivers/bridge/setup_ip_tables_linux.go

@@ -196,16 +196,15 @@ func (n *bridgeNetwork) setupIPTables(ipVersion iptables.IPVersion, maskedAddr *
 }
 
 type iptRule struct {
-	table   iptables.Table
-	chain   string
-	preArgs []string
-	args    []string
+	table iptables.Table
+	chain string
+	args  []string
 }
 
 func setupIPTablesInternal(ipVer iptables.IPVersion, config *networkConfiguration, addr *net.IPNet, hairpin, enable bool) error {
 	var (
 		address   = addr.String()
-		skipDNAT  = iptRule{table: iptables.Nat, chain: DockerChain, preArgs: []string{"-t", "nat"}, args: []string{"-i", config.BridgeName, "-j", "RETURN"}}
+		skipDNAT  = iptRule{table: iptables.Nat, chain: DockerChain, args: []string{"-i", config.BridgeName, "-j", "RETURN"}}
 		outRule   = iptRule{table: iptables.Filter, chain: "FORWARD", args: []string{"-i", config.BridgeName, "!", "-o", config.BridgeName, "-j", "ACCEPT"}}
 		natArgs   []string
 		hpNatArgs []string
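Review bot: `iptRule` has no doc comment, and after this change `table` is the only thing that selects the `-t` argument, so the struct should state what each field must hold. I would add above `type iptRule struct`: `// iptRule is one iptables rule: table is passed as -t and must be set, chain is the target chain, and args holds only the match and target arguments (no -t, -I or -D).` That keeps a later caller from putting `-t` back into `args`, where it would appear twice on the command line that programChainRule builds. setupIPTablesInternal continues past the end of this hunk.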
@@ -221,8 +220,8 @@ func setupIPTablesInternal(ipVer iptables.IPVersion, config *networkConfiguratio
 		hpNatArgs = []string{"-m", "addrtype", "--src-type", "LOCAL", "-o", config.BridgeName, "-j", "MASQUERADE"}
 	}
 
-	natRule := iptRule{table: iptables.Nat, chain: "POSTROUTING", preArgs: []string{"-t", "nat"}, args: natArgs}
-	hpNatRule := iptRule{table: iptables.Nat, chain: "POSTROUTING", preArgs: []string{"-t", "nat"}, args: hpNatArgs}
+	natRule := iptRule{table: iptables.Nat, chain: "POSTROUTING", args: natArgs}
+	hpNatRule := iptRule{table: iptables.Nat, chain: "POSTROUTING", args: hpNatArgs}
 
 	// Set NAT.
 	if config.EnableIPMasquerade {
@@ -256,27 +255,25 @@ func programChainRule(version iptables.IPVersion, rule iptRule, ruleDescr string
 	iptable := iptables.GetIptable(version)
 
 	var (
-		prefix    []string
 		operation string
 		condition bool
 		doesExist = iptable.Exists(rule.table, rule.chain, rule.args...)
 	)
 
+	args := []string{"-t", string(rule.table)}
 	if insert {
 		condition = !doesExist
-		prefix = []string{"-I", rule.chain}
+		args = append(args, "-I")
 		operation = "enable"
 	} else {
 		condition = doesExist
-		prefix = []string{"-D", rule.chain}
+		args = append(args, "-D")
 		operation = "disable"
 	}
-	if rule.preArgs != nil {
-		prefix = append(rule.preArgs, prefix...)
-	}
+	args = append(append(args, rule.chain), rule.args...)
 
 	if condition {
-		if err := iptable.RawCombinedOutput(append(prefix, rule.args...)...); err != nil {
+		if err := iptable.RawCombinedOutput(args...); err != nil {
 			return fmt.Errorf("Unable to %s %s rule: %s", operation, ruleDescr, err.Error())
 		}
 	}
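Review bot: `args := []string{"-t", string(rule.table)}` puts the table on every command line, so an `iptRule` whose `table` is left at its zero value would run with `-t ""` and fail. In the old code a rule without `preArgs` carried no `-t` in the arguments built here, so the insert or delete presumably fell through to the default table. Every literal visible in this commit sets `table`, so this is a latent hazard rather than a live bug. Because these rules are the bridge's filtering and NAT policy, a guard at the top of the function would fail more clearly than an iptables usage error: `if rule.table == "" { return fmt.Errorf("%s rule has no iptables table set", ruleDescr) }` (this assumes `iptables.Table` is a string type, as the conversion suggests). programChainRule starts and ends outside the hunk.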

+ 1 - 1
libnetwork/drivers/bridge/setup_ip_tables_linux_test.go

@@ -32,7 +32,7 @@ func TestProgramIPTable(t *testing.T) {
 		descr string
 	}{
 		{iptRule{table: iptables.Filter, chain: "FORWARD", args: []string{"-d", "127.1.2.3", "-i", "lo", "-o", "lo", "-j", "DROP"}}, "Test Loopback"},
-		{iptRule{table: iptables.Nat, chain: "POSTROUTING", preArgs: []string{"-t", "nat"}, args: []string{"-s", iptablesTestBridgeIP, "!", "-o", DefaultBridgeName, "-j", "MASQUERADE"}}, "NAT Test"},
+		{iptRule{table: iptables.Nat, chain: "POSTROUTING", args: []string{"-s", iptablesTestBridgeIP, "!", "-o", DefaultBridgeName, "-j", "MASQUERADE"}}, "NAT Test"},
 		{iptRule{table: iptables.Filter, chain: "FORWARD", args: []string{"-o", DefaultBridgeName, "-m", "conntrack", "--ctstate", "RELATED,ESTABLISHED", "-j", "ACCEPT"}}, "Test ACCEPT INCOMING"},
 		{iptRule{table: iptables.Filter, chain: "FORWARD", args: []string{"-i", DefaultBridgeName, "!", "-o", DefaultBridgeName, "-j", "ACCEPT"}}, "Test ACCEPT NON_ICC OUTGOING"},
 		{iptRule{table: iptables.Filter, chain: "FORWARD", args: []string{"-i", DefaultBridgeName, "-o", DefaultBridgeName, "-j", "ACCEPT"}}, "Test enable ICC"},