github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-07 03:03:59 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #121813 from 21kyu/fix/use-generic-set

Browse Source 
fix: use generic set in pkg/util/iptables
This commit is contained in:
Kubernetes Prow Robot 2023-12-13 23:54:52 +01:00 committed by GitHub
commit 015ccc0bcd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 44 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
pkg/util/iptables/iptables.go
View File

@ -446,7 +446,6 @@ func iptablesRestoreCommand(protocol Protocol) string {
return cmdIP6TablesRestore return cmdIP6TablesRestore
} }
return cmdIPTablesRestore return cmdIPTablesRestore
} }
func iptablesCommand(protocol Protocol) string { func iptablesCommand(protocol Protocol) string {
@ -509,10 +508,10 @@ func (runner *runner) checkRuleWithoutCheck(table Table, chain Chain, args ...st
tmpField = trimhex(tmpField) tmpField = trimhex(tmpField)
argsCopy = append(argsCopy, strings.Fields(tmpField)...) argsCopy = append(argsCopy, strings.Fields(tmpField)...)
} }
argset := sets.NewString(argsCopy...) argset := sets.New(argsCopy...)
for _, line := range strings.Split(string(out), "\n") { for _, line := range strings.Split(string(out), "\n") {
var fields = strings.Fields(line) fields := strings.Fields(line)
// Check that this is a rule for the correct chain, and that it has // Check that this is a rule for the correct chain, and that it has
// the correct number of argument (+2 for "-A <chain name>") // the correct number of argument (+2 for "-A <chain name>")
@ -528,7 +527,7 @@ func (runner *runner) checkRuleWithoutCheck(table Table, chain Chain, args ...st
} }
// TODO: This misses reorderings e.g. "-x foo ! -y bar" will match "! -x foo -y bar" // TODO: This misses reorderings e.g. "-x foo ! -y bar" will match "! -x foo -y bar"
if sets.NewString(fields...).IsSuperset(argset) { if sets.New(fields...).IsSuperset(argset) {
return true, nil return true, nil
} }
klog.V(5).InfoS("DBG: fields is not a superset of args", "fields", fields, "arguments", args) klog.V(5).InfoS("DBG: fields is not a superset of args", "fields", fields, "arguments", args)
@ -603,7 +602,6 @@ func (runner *runner) Monitor(canary Chain, tables []Table, reloadFunc func(), i
} }
return true, nil return true, nil
}, stopCh) }, stopCh)
if err != nil { if err != nil {
// stopCh was closed // stopCh was closed
for _, table := range tables { for _, table := range tables {

50
pkg/util/iptables/iptables_test.go
View File

@ -64,12 +64,12 @@ func testIPTablesVersionCmds(t *testing.T, protocol Protocol) {
_ = New(fexec, protocol) _ = New(fexec, protocol)
// Check that proper iptables version command was used during runner instantiation // Check that proper iptables version command was used during runner instantiation
if !sets.NewString(fcmd.CombinedOutputLog[0]...).HasAll(iptablesCmd, "--version") { if !sets.New(fcmd.CombinedOutputLog[0]...).HasAll(iptablesCmd, "--version") {
t.Errorf("%s runner instantiate: Expected cmd '%s --version', Got '%s'", protocol, iptablesCmd, fcmd.CombinedOutputLog[0]) t.Errorf("%s runner instantiate: Expected cmd '%s --version', Got '%s'", protocol, iptablesCmd, fcmd.CombinedOutputLog[0])
} }
// Check that proper iptables restore version command was used during runner instantiation // Check that proper iptables restore version command was used during runner instantiation
if !sets.NewString(fcmd.CombinedOutputLog[1]...).HasAll(iptablesRestoreCmd, "--version") { if !sets.New(fcmd.CombinedOutputLog[1]...).HasAll(iptablesRestoreCmd, "--version") {
t.Errorf("%s runner instantiate: Expected cmd '%s --version', Got '%s'", protocol, iptablesRestoreCmd, fcmd.CombinedOutputLog[1]) t.Errorf("%s runner instantiate: Expected cmd '%s --version', Got '%s'", protocol, iptablesRestoreCmd, fcmd.CombinedOutputLog[1])
} }
} }
@ -116,7 +116,7 @@ func testEnsureChain(t *testing.T, protocol Protocol) {
t.Errorf("%s new chain: Expected 2 CombinedOutput() calls, got %d", protocol, fcmd.CombinedOutputCalls) t.Errorf("%s new chain: Expected 2 CombinedOutput() calls, got %d", protocol, fcmd.CombinedOutputCalls)
} }
cmd := iptablesCommand(protocol) cmd := iptablesCommand(protocol)
if !sets.NewString(fcmd.CombinedOutputLog[1]...).HasAll(cmd, "-t", "nat", "-N", "FOOBAR") { if !sets.New(fcmd.CombinedOutputLog[1]...).HasAll(cmd, "-t", "nat", "-N", "FOOBAR") {
t.Errorf("%s new chain: Expected cmd containing '%s -t nat -N FOOBAR', got %s", protocol, cmd, fcmd.CombinedOutputLog[2]) t.Errorf("%s new chain: Expected cmd containing '%s -t nat -N FOOBAR', got %s", protocol, cmd, fcmd.CombinedOutputLog[2])
} }
// Exists. // Exists.
@ -169,7 +169,7 @@ func TestFlushChain(t *testing.T) {
if fcmd.CombinedOutputCalls != 2 { if fcmd.CombinedOutputCalls != 2 {
t.Errorf("expected 2 CombinedOutput() calls, got %d", fcmd.CombinedOutputCalls) t.Errorf("expected 2 CombinedOutput() calls, got %d", fcmd.CombinedOutputCalls)
} }
if !sets.NewString(fcmd.CombinedOutputLog[1]...).HasAll("iptables", "-t", "nat", "-F", "FOOBAR") { if !sets.New(fcmd.CombinedOutputLog[1]...).HasAll("iptables", "-t", "nat", "-F", "FOOBAR") {
t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[2]) t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[2])
} }
// Failure. // Failure.
@ -206,7 +206,7 @@ func TestDeleteChain(t *testing.T) {
if fcmd.CombinedOutputCalls != 2 { if fcmd.CombinedOutputCalls != 2 {
t.Errorf("expected 2 CombinedOutput() calls, got %d", fcmd.CombinedOutputCalls) t.Errorf("expected 2 CombinedOutput() calls, got %d", fcmd.CombinedOutputCalls)
} }
if !sets.NewString(fcmd.CombinedOutputLog[1]...).HasAll("iptables", "-t", "nat", "-X", "FOOBAR") { if !sets.New(fcmd.CombinedOutputLog[1]...).HasAll("iptables", "-t", "nat", "-X", "FOOBAR") {
t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[2]) t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[2])
} }
// Failure. // Failure.
@ -244,7 +244,7 @@ func TestEnsureRuleAlreadyExists(t *testing.T) {
if fcmd.CombinedOutputCalls != 2 { if fcmd.CombinedOutputCalls != 2 {
t.Errorf("expected 2 CombinedOutput() calls, got %d", fcmd.CombinedOutputCalls) t.Errorf("expected 2 CombinedOutput() calls, got %d", fcmd.CombinedOutputCalls)
} }
if !sets.NewString(fcmd.CombinedOutputLog[1]...).HasAll("iptables", "-t", "nat", "-C", "OUTPUT", "abc", "123") { if !sets.New(fcmd.CombinedOutputLog[1]...).HasAll("iptables", "-t", "nat", "-C", "OUTPUT", "abc", "123") {
t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[2]) t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[2])
} }
} }
@ -280,7 +280,7 @@ func TestEnsureRuleNew(t *testing.T) {
if fcmd.CombinedOutputCalls != 3 { if fcmd.CombinedOutputCalls != 3 {
t.Errorf("expected 3 CombinedOutput() calls, got %d", fcmd.CombinedOutputCalls) t.Errorf("expected 3 CombinedOutput() calls, got %d", fcmd.CombinedOutputCalls)
} }
if !sets.NewString(fcmd.CombinedOutputLog[2]...).HasAll("iptables", "-t", "nat", "-A", "OUTPUT", "abc", "123") { if !sets.New(fcmd.CombinedOutputLog[2]...).HasAll("iptables", "-t", "nat", "-A", "OUTPUT", "abc", "123") {
t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[3]) t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[3])
} }
} }
@ -367,7 +367,7 @@ func TestDeleteRuleDoesNotExist(t *testing.T) {
if fcmd.CombinedOutputCalls != 2 { if fcmd.CombinedOutputCalls != 2 {
t.Errorf("expected 2 CombinedOutput() calls, got %d", fcmd.CombinedOutputCalls) t.Errorf("expected 2 CombinedOutput() calls, got %d", fcmd.CombinedOutputCalls)
} }
if !sets.NewString(fcmd.CombinedOutputLog[1]...).HasAll("iptables", "-t", "nat", "-C", "OUTPUT", "abc", "123") { if !sets.New(fcmd.CombinedOutputLog[1]...).HasAll("iptables", "-t", "nat", "-C", "OUTPUT", "abc", "123") {
t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[2]) t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[2])
} }
} }
@ -400,7 +400,7 @@ func TestDeleteRuleExists(t *testing.T) {
if fcmd.CombinedOutputCalls != 3 { if fcmd.CombinedOutputCalls != 3 {
t.Errorf("expected 3 CombinedOutput() calls, got %d", fcmd.CombinedOutputCalls) t.Errorf("expected 3 CombinedOutput() calls, got %d", fcmd.CombinedOutputCalls)
} }
if !sets.NewString(fcmd.CombinedOutputLog[2]...).HasAll("iptables", "-t", "nat", "-D", "OUTPUT", "abc", "123") { if !sets.New(fcmd.CombinedOutputLog[2]...).HasAll("iptables", "-t", "nat", "-D", "OUTPUT", "abc", "123") {
t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[3]) t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[3])
} }
} }
@ -562,7 +562,7 @@ COMMIT
if fcmd.CombinedOutputCalls != 1 { if fcmd.CombinedOutputCalls != 1 {
t.Errorf("expected 1 CombinedOutput() call, got %d", fcmd.CombinedOutputCalls) t.Errorf("expected 1 CombinedOutput() call, got %d", fcmd.CombinedOutputCalls)
} }
if !sets.NewString(fcmd.CombinedOutputLog[0]...).HasAll("iptables-save", "-t", "nat") { if !sets.New(fcmd.CombinedOutputLog[0]...).HasAll("iptables-save", "-t", "nat") {
t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[0]) t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[0])
} }
} }
@ -600,7 +600,7 @@ COMMIT
if fcmd.CombinedOutputCalls != 1 { if fcmd.CombinedOutputCalls != 1 {
t.Errorf("expected 1 CombinedOutput() call, got %d", fcmd.CombinedOutputCalls) t.Errorf("expected 1 CombinedOutput() call, got %d", fcmd.CombinedOutputCalls)
} }
if !sets.NewString(fcmd.CombinedOutputLog[0]...).HasAll("iptables-save", "-t", "nat") { if !sets.New(fcmd.CombinedOutputLog[0]...).HasAll("iptables-save", "-t", "nat") {
t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[0]) t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[0])
} }
} }
@ -656,7 +656,7 @@ func TestWaitFlagUnavailable(t *testing.T) {
if fcmd.CombinedOutputCalls != 3 { if fcmd.CombinedOutputCalls != 3 {
t.Errorf("expected 3 CombinedOutput() calls, got %d", fcmd.CombinedOutputCalls) t.Errorf("expected 3 CombinedOutput() calls, got %d", fcmd.CombinedOutputCalls)
} }
if sets.NewString(fcmd.CombinedOutputLog[2]...).Has(WaitString) { if sets.New(fcmd.CombinedOutputLog[2]...).Has(WaitString) {
t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[2]) t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[2])
} }
} }
@ -687,10 +687,10 @@ func TestWaitFlagOld(t *testing.T) {
if fcmd.CombinedOutputCalls != 3 { if fcmd.CombinedOutputCalls != 3 {
t.Errorf("expected 3 CombinedOutput() calls, got %d", fcmd.CombinedOutputCalls) t.Errorf("expected 3 CombinedOutput() calls, got %d", fcmd.CombinedOutputCalls)
} }
if !sets.NewString(fcmd.CombinedOutputLog[2]...).HasAll("iptables", WaitString) { if !sets.New(fcmd.CombinedOutputLog[2]...).HasAll("iptables", WaitString) {
t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[2]) t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[2])
} }
if sets.NewString(fcmd.CombinedOutputLog[2]...).Has(WaitSecondsValue) { if sets.New(fcmd.CombinedOutputLog[2]...).Has(WaitSecondsValue) {
t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[2]) t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[2])
} }
} }
@ -721,7 +721,7 @@ func TestWaitFlagNew(t *testing.T) {
if fcmd.CombinedOutputCalls != 3 { if fcmd.CombinedOutputCalls != 3 {
t.Errorf("expected 3 CombinedOutput() calls, got %d", fcmd.CombinedOutputCalls) t.Errorf("expected 3 CombinedOutput() calls, got %d", fcmd.CombinedOutputCalls)
} }
if !sets.NewString(fcmd.CombinedOutputLog[2]...).HasAll("iptables", WaitString, WaitSecondsValue) { if !sets.New(fcmd.CombinedOutputLog[2]...).HasAll("iptables", WaitString, WaitSecondsValue) {
t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[2]) t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[2])
} }
} }
@ -752,7 +752,7 @@ func TestWaitIntervalFlagNew(t *testing.T) {
if fcmd.CombinedOutputCalls != 3 { if fcmd.CombinedOutputCalls != 3 {
t.Errorf("expected 3 CombinedOutput() calls, got %d", fcmd.CombinedOutputCalls) t.Errorf("expected 3 CombinedOutput() calls, got %d", fcmd.CombinedOutputCalls)
} }
if !sets.NewString(fcmd.CombinedOutputLog[2]...).HasAll("iptables", WaitString, WaitSecondsValue, WaitIntervalString, WaitIntervalUsecondsValue) { if !sets.New(fcmd.CombinedOutputLog[2]...).HasAll("iptables", WaitString, WaitSecondsValue, WaitIntervalString, WaitIntervalUsecondsValue) {
t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[2]) t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[2])
} }
} }
@ -808,7 +808,7 @@ COMMIT
if fcmd.RunCalls != 1 { if fcmd.RunCalls != 1 {
t.Errorf("%s: Expected 1 Run() call, got %d", protocol, fcmd.RunCalls) t.Errorf("%s: Expected 1 Run() call, got %d", protocol, fcmd.RunCalls)
} }
if !sets.NewString(fcmd.RunLog[0]...).HasAll(iptablesSaveCmd, "-t", "nat") { if !sets.New(fcmd.RunLog[0]...).HasAll(iptablesSaveCmd, "-t", "nat") {
t.Errorf("%s: Expected cmd containing '%s -t nat', got '%s'", protocol, iptablesSaveCmd, fcmd.RunLog[0]) t.Errorf("%s: Expected cmd containing '%s -t nat', got '%s'", protocol, iptablesSaveCmd, fcmd.RunLog[0])
} }
@ -865,7 +865,7 @@ func testRestore(t *testing.T, protocol Protocol) {
t.Errorf("%s flush,restore: Expected success, got %v", protocol, err) t.Errorf("%s flush,restore: Expected success, got %v", protocol, err)
} }
commandSet := sets.NewString(fcmd.CombinedOutputLog[1]...) commandSet := sets.New(fcmd.CombinedOutputLog[1]...)
if !commandSet.HasAll(iptablesRestoreCmd, "-T", string(TableNAT), "--counters") || commandSet.HasAny("--noflush") { if !commandSet.HasAll(iptablesRestoreCmd, "-T", string(TableNAT), "--counters") || commandSet.HasAny("--noflush") {
t.Errorf("%s flush, restore: Expected cmd containing '%s -T %s --counters', got '%s'", protocol, iptablesRestoreCmd, string(TableNAT), fcmd.CombinedOutputLog[1]) t.Errorf("%s flush, restore: Expected cmd containing '%s -T %s --counters', got '%s'", protocol, iptablesRestoreCmd, string(TableNAT), fcmd.CombinedOutputLog[1])
} }
@ -876,7 +876,7 @@ func testRestore(t *testing.T, protocol Protocol) {
t.Errorf("%s flush, no restore: Expected success, got %v", protocol, err) t.Errorf("%s flush, no restore: Expected success, got %v", protocol, err)
} }
commandSet = sets.NewString(fcmd.CombinedOutputLog[2]...) commandSet = sets.New(fcmd.CombinedOutputLog[2]...)
if !commandSet.HasAll(iptablesRestoreCmd, "-T", string(TableNAT)) || commandSet.HasAny("--noflush", "--counters") { if !commandSet.HasAll(iptablesRestoreCmd, "-T", string(TableNAT)) || commandSet.HasAny("--noflush", "--counters") {
t.Errorf("%s flush, no restore: Expected cmd containing '--noflush' or '--counters', got '%s'", protocol, fcmd.CombinedOutputLog[2]) t.Errorf("%s flush, no restore: Expected cmd containing '--noflush' or '--counters', got '%s'", protocol, fcmd.CombinedOutputLog[2])
} }
@ -887,7 +887,7 @@ func testRestore(t *testing.T, protocol Protocol) {
t.Errorf("%s no flush, restore: Expected success, got %v", protocol, err) t.Errorf("%s no flush, restore: Expected success, got %v", protocol, err)
} }
commandSet = sets.NewString(fcmd.CombinedOutputLog[3]...) commandSet = sets.New(fcmd.CombinedOutputLog[3]...)
if !commandSet.HasAll(iptablesRestoreCmd, "-T", string(TableNAT), "--noflush", "--counters") { if !commandSet.HasAll(iptablesRestoreCmd, "-T", string(TableNAT), "--noflush", "--counters") {
t.Errorf("%s no flush, restore: Expected cmd containing '--noflush' and '--counters', got '%s'", protocol, fcmd.CombinedOutputLog[3]) t.Errorf("%s no flush, restore: Expected cmd containing '--noflush' and '--counters', got '%s'", protocol, fcmd.CombinedOutputLog[3])
} }
@ -898,7 +898,7 @@ func testRestore(t *testing.T, protocol Protocol) {
t.Errorf("%s no flush, no restore: Expected success, got %v", protocol, err) t.Errorf("%s no flush, no restore: Expected success, got %v", protocol, err)
} }
commandSet = sets.NewString(fcmd.CombinedOutputLog[4]...) commandSet = sets.New(fcmd.CombinedOutputLog[4]...)
if !commandSet.HasAll(iptablesRestoreCmd, "-T", string(TableNAT), "--noflush") || commandSet.HasAny("--counters") { if !commandSet.HasAll(iptablesRestoreCmd, "-T", string(TableNAT), "--noflush") || commandSet.HasAny("--counters") {
t.Errorf("%s no flush, no restore: Expected cmd containing '%s -T %s --noflush', got '%s'", protocol, iptablesRestoreCmd, string(TableNAT), fcmd.CombinedOutputLog[4]) t.Errorf("%s no flush, no restore: Expected cmd containing '%s -T %s --noflush', got '%s'", protocol, iptablesRestoreCmd, string(TableNAT), fcmd.CombinedOutputLog[4])
} }
@ -947,7 +947,7 @@ func TestRestoreAll(t *testing.T) {
t.Fatalf("expected success, got %v", err) t.Fatalf("expected success, got %v", err)
} }
commandSet := sets.NewString(fcmd.CombinedOutputLog[1]...) commandSet := sets.New(fcmd.CombinedOutputLog[1]...)
if !commandSet.HasAll("iptables-restore", "--counters", "--noflush") { if !commandSet.HasAll("iptables-restore", "--counters", "--noflush") {
t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[2]) t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[2])
} }
@ -988,7 +988,7 @@ func TestRestoreAllWait(t *testing.T) {
t.Fatalf("expected success, got %v", err) t.Fatalf("expected success, got %v", err)
} }
commandSet := sets.NewString(fcmd.CombinedOutputLog[1]...) commandSet := sets.New(fcmd.CombinedOutputLog[1]...)
if !commandSet.HasAll("iptables-restore", WaitString, WaitSecondsValue, WaitIntervalString, WaitIntervalUsecondsValue, "--counters", "--noflush") { if !commandSet.HasAll("iptables-restore", WaitString, WaitSecondsValue, WaitIntervalString, WaitIntervalUsecondsValue, "--counters", "--noflush") {
t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[1]) t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[1])
} }
@ -1036,7 +1036,7 @@ func TestRestoreAllWaitOldIptablesRestore(t *testing.T) {
t.Fatalf("expected success, got %v", err) t.Fatalf("expected success, got %v", err)
} }
commandSet := sets.NewString(fcmd.CombinedOutputLog[2]...) commandSet := sets.New(fcmd.CombinedOutputLog[2]...)
if !commandSet.HasAll("iptables-restore", "--counters", "--noflush") { if !commandSet.HasAll("iptables-restore", "--counters", "--noflush") {
t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[2]) t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[2])
} }
@ -1180,7 +1180,7 @@ func TestRestoreAllWaitBackportedIptablesRestore(t *testing.T) {
t.Fatalf("expected success, got %v", err) t.Fatalf("expected success, got %v", err)
} }
commandSet := sets.NewString(fcmd.CombinedOutputLog[2]...) commandSet := sets.New(fcmd.CombinedOutputLog[2]...)
if !commandSet.HasAll("iptables-restore", "--counters", "--noflush") { if !commandSet.HasAll("iptables-restore", "--counters", "--noflush") {
t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[2]) t.Errorf("wrong CombinedOutput() log, got %s", fcmd.CombinedOutputLog[2])
} }

20
pkg/util/iptables/monitor_test.go
View File

@ -41,17 +41,17 @@ import (
type monitorFakeExec struct { type monitorFakeExec struct {
sync.Mutex sync.Mutex
tables map[string]sets.String tables map[string]sets.Set[string]
block bool block bool
wasBlocked bool wasBlocked bool
} }
func newMonitorFakeExec() *monitorFakeExec { func newMonitorFakeExec() *monitorFakeExec {
tables := make(map[string]sets.String) tables := make(map[string]sets.Set[string])
tables["mangle"] = sets.NewString() tables["mangle"] = sets.New[string]()
tables["filter"] = sets.NewString() tables["filter"] = sets.New[string]()
tables["nat"] = sets.NewString() tables["nat"] = sets.New[string]()
return &monitorFakeExec{tables: tables} return &monitorFakeExec{tables: tables}
} }
@ -148,33 +148,43 @@ func (mfc *monitorFakeCmd) SetStdin(in io.Reader) {
func (mfc *monitorFakeCmd) Run() error { func (mfc *monitorFakeCmd) Run() error {
panic("should not be reached") panic("should not be reached")
} }
func (mfc *monitorFakeCmd) Output() ([]byte, error) { func (mfc *monitorFakeCmd) Output() ([]byte, error) {
panic("should not be reached") panic("should not be reached")
} }
func (mfc *monitorFakeCmd) SetDir(dir string) { func (mfc *monitorFakeCmd) SetDir(dir string) {
panic("should not be reached") panic("should not be reached")
} }
func (mfc *monitorFakeCmd) SetStdout(out io.Writer) { func (mfc *monitorFakeCmd) SetStdout(out io.Writer) {
panic("should not be reached") panic("should not be reached")
} }
func (mfc *monitorFakeCmd) SetStderr(out io.Writer) { func (mfc *monitorFakeCmd) SetStderr(out io.Writer) {
panic("should not be reached") panic("should not be reached")
} }
func (mfc *monitorFakeCmd) SetEnv(env []string) { func (mfc *monitorFakeCmd) SetEnv(env []string) {
panic("should not be reached") panic("should not be reached")
} }
func (mfc *monitorFakeCmd) StdoutPipe() (io.ReadCloser, error) { func (mfc *monitorFakeCmd) StdoutPipe() (io.ReadCloser, error) {
panic("should not be reached") panic("should not be reached")
} }
func (mfc *monitorFakeCmd) StderrPipe() (io.ReadCloser, error) { func (mfc *monitorFakeCmd) StderrPipe() (io.ReadCloser, error) {
panic("should not be reached") panic("should not be reached")
} }
func (mfc *monitorFakeCmd) Start() error { func (mfc *monitorFakeCmd) Start() error {
panic("should not be reached") panic("should not be reached")
} }
func (mfc *monitorFakeCmd) Wait() error { func (mfc *monitorFakeCmd) Wait() error {
panic("should not be reached") panic("should not be reached")
} }
func (mfc *monitorFakeCmd) Stop() { func (mfc *monitorFakeCmd) Stop() {
panic("should not be reached") panic("should not be reached")
} }

2
pkg/util/iptables/testing/fake.go
View File

@ -219,7 +219,7 @@ func (f *FakeIPTables) SaveInto(table iptables.Table, buffer *bytes.Buffer) erro
} }
// This is not a complete list but it's enough to pass the unit tests // This is not a complete list but it's enough to pass the unit tests
var builtinTargets = sets.NewString("ACCEPT", "DROP", "RETURN", "REJECT", "DNAT", "SNAT", "MASQUERADE", "MARK") var builtinTargets = sets.New("ACCEPT", "DROP", "RETURN", "REJECT", "DNAT", "SNAT", "MASQUERADE", "MARK")
func (f *FakeIPTables) restoreTable(newDump *IPTablesDump, newTable *Table, flush iptables.FlushFlag, counters iptables.RestoreCountersFlag) error { func (f *FakeIPTables) restoreTable(newDump *IPTablesDump, newTable *Table, flush iptables.FlushFlag, counters iptables.RestoreCountersFlag) error {
oldTable, err := f.Dump.GetTable(newTable.Name) oldTable, err := f.Dump.GetTable(newTable.Name)