libnetwork/iptables: NewChain, RemoveExistingChain: validate chain, table
Now that all consumers of these functions are passing non-empty values, let's validate that no empty strings for either chain or table are passed. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
parent
ad0c928ab5
commit
93d050f504
1 changed files with 8 additions and 2 deletions
|
@ -151,8 +151,11 @@ func GetIptable(version IPVersion) *IPTable {
|
|||
|
||||
// NewChain adds a new chain to ip table.
|
||||
func (iptable IPTable) NewChain(name string, table Table, hairpinMode bool) (*ChainInfo, error) {
|
||||
if name == "" {
|
||||
return nil, fmt.Errorf("could not create chain: chain name is empty")
|
||||
}
|
||||
if table == "" {
|
||||
table = Filter
|
||||
return nil, fmt.Errorf("could not create chain %s: invalid table name: table name is empty", name)
|
||||
}
|
||||
// Add chain if it doesn't exist
|
||||
if _, err := iptable.Raw("-t", string(table), "-n", "-L", name); err != nil {
|
||||
|
@ -280,8 +283,11 @@ func (iptable IPTable) ProgramChain(c *ChainInfo, bridgeName string, hairpinMode
|
|||
|
||||
// RemoveExistingChain removes existing chain from the table.
|
||||
func (iptable IPTable) RemoveExistingChain(name string, table Table) error {
|
||||
if name == "" {
|
||||
return fmt.Errorf("could not remove chain: chain name is empty")
|
||||
}
|
||||
if table == "" {
|
||||
table = Filter
|
||||
return fmt.Errorf("could not remove chain %s: invalid table name: table name is empty", name)
|
||||
}
|
||||
c := &ChainInfo{
|
||||
Name: name,
|
||||
|
|
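Review bot: The new guards in NewChain reject only the empty string, so any other non-empty `table` or `name` still reaches `iptable.Raw("-t", string(table), "-n", "-L", name)` unchecked, and the guards added to RemoveExistingChain have the same limit. Since `table` is compared against `""` and converted with `string(table)`, and `Filter` is one declared value, consider rejecting tables outside the declared set and a `name` that begins with `-`, which the iptables command line would presumably read as an option rather than a chain. The doc comments should also state the new contract, for example `// NewChain adds a new chain to ip table. It returns an error if name or table is empty.`, because the empty-table error appears to replace the earlier silent fallback to `Filter`. Both function bodies continue outside the hunks, so any validation further down is not visible here.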