0ct0pu5/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

libnetwork/iptables: un-export ErrConntrackNotConfigurable, IsConntrackProgrammable

Browse source 
These were only used internally, and ErrConntrackNotConfigurable was not used
as a sentinel error anywhere. Remove ErrConntrackNotConfigurable, and change
IsConntrackProgrammable to return an error instead.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn 2023-07-21 10:59:33 +02:00
parent e57b807a42
commit edafcb2c39
No known key found for this signature in database
GPG key ID: 76698F39D527CE8C
1 changed files with 11 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
libnetwork/iptables/conntrack.go
View file

@ -14,19 +14,20 @@ import (
"github.com/vishvananda/netlink"
)
// ErrConntrackNotConfigurable means that conntrack module is not loaded or does not have the netlink module loaded
var ErrConntrackNotConfigurable = errors.New("conntrack is not available")
// IsConntrackProgrammable returns true if the handle supports the NETLINK_NETFILTER and the base modules are loaded
func IsConntrackProgrammable(nlh *netlink.Handle) bool {
return nlh.SupportsNetlinkFamily(syscall.NETLINK_NETFILTER)
// checkConntrackProgrammable checks if the handle supports the
// NETLINK_NETFILTER and the base modules are loaded.
func checkConntrackProgrammable(nlh *netlink.Handle) error {
if !nlh.SupportsNetlinkFamily(syscall.NETLINK_NETFILTER) {
return errors.New("conntrack is not available")
}
return nil
}
// DeleteConntrackEntries deletes all the conntrack connections on the host for the specified IP
// Returns the number of flows deleted for IPv4, IPv6 else error
func DeleteConntrackEntries(nlh *netlink.Handle, ipv4List []net.IP, ipv6List []net.IP) (uint, uint, error) {
if !IsConntrackProgrammable(nlh) {
return 0, 0, ErrConntrackNotConfigurable
if err := checkConntrackProgrammable(nlh); err != nil {
return 0, 0, err
}
var totalIPv4FlowPurged uint
@ -54,8 +55,8 @@ func DeleteConntrackEntries(nlh *netlink.Handle, ipv4List []net.IP, ipv6List []n
}
func DeleteConntrackEntriesByPort(nlh *netlink.Handle, proto types.Protocol, ports []uint16) error {
if !IsConntrackProgrammable(nlh) {
return ErrConntrackNotConfigurable
if err := checkConntrackProgrammable(nlh); err != nil {
return err
}
var totalIPv4FlowPurged uint