refactor(golint): lint fixes for iptables test file

Signed-off-by: gkarthiks <github.gkarthiks@gmail.com>
This commit is contained in:
gkarthiks 2019-11-22 19:57:43 -08:00
parent a8128804ab
commit a4abc1dd4d
2 changed files with 39 additions and 13 deletions

View File

@ -219,7 +219,6 @@ pkg/ssh
pkg/util/config
pkg/util/ebtables
pkg/util/goroutinemap/exponentialbackoff
pkg/util/iptables/testing
pkg/util/labels # See previous effort in PR #80685
pkg/util/oom
pkg/util/procfs

View File

@ -26,80 +26,106 @@ import (
)
const (
// Destination represents the destination address flag
Destination = "-d "
Source = "-s "
DPort = "--dport "
Protocol = "-p "
Jump = "-j "
Reject = "REJECT"
ToDest = "--to-destination "
Recent = "recent "
MatchSet = "--match-set "
SrcType = "--src-type "
Masquerade = "MASQUERADE "
// Source represents the source address flag
Source = "-s "
// DPort represents the destination port
DPort = "--dport "
// Protocol represents the protocol flag which takes input by number of name
Protocol = "-p "
// Jump represents jump flag specifies the jump target
Jump = "-j "
// Reject specifies the reject target
Reject = "REJECT"
// ToDest represents the --to-destination flag used to specify the destination address in DNAT
ToDest = "--to-destination "
// Recent represents the sub-command recent that allows to dynamically create list of IP address to match against
Recent = "recent "
// MatchSet represents the --match-set flag which match packets against the specified set
MatchSet = "--match-set "
// SrcType represents the --src-type flag which matches if the source address is of given type
SrcType = "--src-type "
// Masquerade represents the target that is used in nat table.
Masquerade = "MASQUERADE "
)
// Rule holds a map of rules.
type Rule map[string]string
// no-op implementation of iptables Interface
// FakeIPTables no-op implementation of iptables Interface.
type FakeIPTables struct {
hasRandomFully bool
Lines []byte
}
// NewFake returns a pointer for no-op implementation of iptables Interface.
func NewFake() *FakeIPTables {
return &FakeIPTables{}
}
// SetHasRandomFully will enable the port maping fully randomized in the no-op implementation of iptables Interface.
func (f *FakeIPTables) SetHasRandomFully(can bool) *FakeIPTables {
f.hasRandomFully = can
return f
}
// EnsureChain will returns true and states the specified chain exists for testing.
func (*FakeIPTables) EnsureChain(table iptables.Table, chain iptables.Chain) (bool, error) {
return true, nil
}
// FlushChain returns nil and states that the specified chain is cleared.
func (*FakeIPTables) FlushChain(table iptables.Table, chain iptables.Chain) error {
return nil
}
// DeleteChain returns nil and states that the specified chain exists and it is deleted.
func (*FakeIPTables) DeleteChain(table iptables.Table, chain iptables.Chain) error {
return nil
}
// EnsureRule return true and states that the specified rule is present.
func (*FakeIPTables) EnsureRule(position iptables.RulePosition, table iptables.Table, chain iptables.Chain, args ...string) (bool, error) {
return true, nil
}
// DeleteRule returns nil and states that the specified rule is present and is deleted.
func (*FakeIPTables) DeleteRule(table iptables.Table, chain iptables.Chain, args ...string) error {
return nil
}
// IsIpv6 returns false and states that it is managing only ipv4 tables.
func (*FakeIPTables) IsIpv6() bool {
return false
}
// Save returns a copy of the iptables lines byte array.
func (f *FakeIPTables) Save(table iptables.Table) ([]byte, error) {
lines := make([]byte, len(f.Lines))
copy(lines, f.Lines)
return lines, nil
}
// SaveInto calls `iptables-save` command for table and stores result in a given buffer.
func (f *FakeIPTables) SaveInto(table iptables.Table, buffer *bytes.Buffer) error {
buffer.Write(f.Lines)
return nil
}
// Restore returns null and states that it ran `iptables-restore` successfully.
func (*FakeIPTables) Restore(table iptables.Table, data []byte, flush iptables.FlushFlag, counters iptables.RestoreCountersFlag) error {
return nil
}
// RestoreAll is the same as Restore except that no table is specified.
func (f *FakeIPTables) RestoreAll(data []byte, flush iptables.FlushFlag, counters iptables.RestoreCountersFlag) error {
f.Lines = data
return nil
}
// Monitor detects when the given iptables tables have been flushed by an external
// tool (e.g. a firewall reload) by creating canary chains and polling to see if they have been deleted.
func (f *FakeIPTables) Monitor(canary iptables.Chain, tables []iptables.Table, reloadFunc func(), interval time.Duration, stopCh <-chan struct{}) {
}
@ -111,7 +137,7 @@ func getToken(line, separator string) string {
return ""
}
// GetChain returns a list of rules for the given chain.
// GetRules returns a list of rules for the given chain.
// The chain name must match exactly.
// The matching is pretty dumb, don't rely on it for anything but testing.
func (f *FakeIPTables) GetRules(chainName string) (rules []Rule) {
@ -130,6 +156,7 @@ func (f *FakeIPTables) GetRules(chainName string) (rules []Rule) {
return
}
// HasRandomFully returns the value of the flag --random-fully
func (f *FakeIPTables) HasRandomFully() bool {
return f.hasRandomFully
}