libnetwork/iptables: IPTable.NewChain() minor cleanups
- validate input variables before constructing the ChainInfo - only construct the ChainInfo if things were successful Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn
parent
9bb0e7a5ee
commit
9717734d1c
1 changed files with 13 additions and 15 deletions
|
|
@ -145,25 +145,23 @@ func GetIptable(version IPVersion) *IPTable {
|
|||
|
||||
// NewChain adds a new chain to ip table.
|
||||
func (iptable IPTable) NewChain(name string, table Table, hairpinMode bool) (*ChainInfo, error) {
|
||||
c := &ChainInfo{
|
||||
if table == "" {
|
||||
table = Filter
|
||||
}
|
||||
// Add chain if it doesn't exist
|
||||
if _, err := iptable.Raw("-t", string(table), "-n", "-L", name); err != nil {
|
||||
if output, err := iptable.Raw("-t", string(table), "-N", name); err != nil {
|
||||
return nil, err
|
||||
} else if len(output) != 0 {
|
||||
return nil, fmt.Errorf("could not create %s/%s chain: %s", table, name, output)
|
||||
}
|
||||
}
|
||||
return &ChainInfo{
|
||||
Name: name,
|
||||
Table: table,
|
||||
HairpinMode: hairpinMode,
|
||||
IPTable: iptable,
|
||||
}
|
||||
if string(c.Table) == "" {
|
||||
c.Table = Filter
|
||||
}
|
||||
|
||||
// Add chain if it doesn't exist
|
||||
if _, err := iptable.Raw("-t", string(c.Table), "-n", "-L", c.Name); err != nil {
|
||||
if output, err := iptable.Raw("-t", string(c.Table), "-N", c.Name); err != nil {
|
||||
return nil, err
|
||||
} else if len(output) != 0 {
|
||||
return nil, fmt.Errorf("Could not create %s/%s chain: %s", c.Table, c.Name, output)
|
||||
}
|
||||
}
|
||||
return c, nil
|
||||
}, nil
|
||||
}
|
||||
|
||||
// LoopbackByVersion returns loopback address by version
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue