We use cookies to ensure you get the best experience on our website
Inicio Explorar Axuda
Rexistro Iniciar sesión
0ct0pu5
/
moby
1
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Explorar o código

libnetwork/iptables: make some vars local, and move bestEffortLock lock

Make some variables local to the if-branches to be slightly more iodiomatic,
and to make clear it's only used in that branch.

Move the bestEffortLock locking later in IPtable.raw(), because that function'
could return before the lock was even needed.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Sebastiaan van Stijn %!s(int64=2) %!d(string=hai) anos
pai
93d050f504
achega
9c2cd65c0d
Modificáronse 1 ficheiros con 12 adicións e 20 borrados
Dividir vista Mostrar estatísticas de Diff
  1. 12 20
      libnetwork/iptables/iptables.go

+ 12 - 20
libnetwork/iptables/iptables.go
Ver ficheiro 

@@ -488,9 +488,8 @@ const (
 
 )
 
 
 func filterOutput(start time.Time, output []byte, args ...string) []byte {
 
-	// Flag operations that have taken a long time to complete
 
-	opTime := time.Since(start)
 
-	if opTime > opWarnTime {
 
+	if opTime := time.Since(start); opTime > opWarnTime {
 
+		// Flag operations that have taken a long time to complete
 
 		log.G(context.TODO()).Warnf("xtables contention detected while running [%s]: Waited for %.2f seconds and received %q", strings.Join(args, " "), float64(opTime)/float64(time.Second), string(output))
 
 	}
 
 	// ignore iptables' message about xtables lock:
 
@@ -524,13 +523,6 @@ func (iptable IPTable) raw(args ...string) ([]byte, error) {
 
 	if err := initCheck(); err != nil {
 
 		return nil, err
 
 	}
 
-	if supportsXlock {
 
-		args = append([]string{"--wait"}, args...)
 
-	} else {
 
-		bestEffortLock.Lock()
 
-		defer bestEffortLock.Unlock()
 
-	}
 
-
 
 	path := iptablesPath
 
 	commandName := "iptables"
 
 	if iptable.Version == IPv6 {
 
@@ -541,6 +533,13 @@ func (iptable IPTable) raw(args ...string) ([]byte, error) {
 
 		commandName = "ip6tables"
 
 	}
 
 
+	if supportsXlock {
 
+		args = append([]string{"--wait"}, args...)
 
+	} else {
 
+		bestEffortLock.Lock()
 
+		defer bestEffortLock.Unlock()
 
+	}
 
+
 
 	log.G(context.TODO()).Debugf("%s, %v", path, args)
 
 
 	startTime := time.Now()
 
@@ -589,28 +588,21 @@ func (iptable IPTable) AddReturnRule(chain string) error {
 
 	if iptable.Exists(Filter, chain, "-j", "RETURN") {
 
 		return nil
 
 	}
 
-
 
-	err := iptable.RawCombinedOutput("-A", chain, "-j", "RETURN")
 
-	if err != nil {
 
+	if err := iptable.RawCombinedOutput("-A", chain, "-j", "RETURN"); err != nil {
 
 		return fmt.Errorf("unable to add return rule in %s chain: %v", chain, err)
 
 	}
 
-
 
 	return nil
 
 }
 
 
 // EnsureJumpRule ensures the jump rule is on top
 
 func (iptable IPTable) EnsureJumpRule(fromChain, toChain string) error {
 
 	if iptable.Exists(Filter, fromChain, "-j", toChain) {
 
-		err := iptable.RawCombinedOutput("-D", fromChain, "-j", toChain)
 
-		if err != nil {
 
+		if err := iptable.RawCombinedOutput("-D", fromChain, "-j", toChain); err != nil {
 
 			return fmt.Errorf("unable to remove jump to %s rule in %s chain: %v", toChain, fromChain, err)
 
 		}
 
 	}
 
-
 
-	err := iptable.RawCombinedOutput("-I", fromChain, "-j", toChain)
 
-	if err != nil {
 
+	if err := iptable.RawCombinedOutput("-I", fromChain, "-j", toChain); err != nil {
 
 		return fmt.Errorf("unable to insert jump to %s rule in %s chain: %v", toChain, fromChain, err)
 
 	}
 
-
 
 	return nil
 
 }

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5