mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-22 19:31:44 +00:00
refactor(golint): lint fixes for iptables test file
Signed-off-by: gkarthiks <github.gkarthiks@gmail.com>
This commit is contained in:
parent
a8128804ab
commit
a4abc1dd4d
@ -219,7 +219,6 @@ pkg/ssh
|
||||
pkg/util/config
|
||||
pkg/util/ebtables
|
||||
pkg/util/goroutinemap/exponentialbackoff
|
||||
pkg/util/iptables/testing
|
||||
pkg/util/labels # See previous effort in PR #80685
|
||||
pkg/util/oom
|
||||
pkg/util/procfs
|
||||
|
@ -26,80 +26,106 @@ import (
|
||||
)
|
||||
|
||||
const (
|
||||
// Destination represents the destination address flag
|
||||
Destination = "-d "
|
||||
Source = "-s "
|
||||
DPort = "--dport "
|
||||
Protocol = "-p "
|
||||
Jump = "-j "
|
||||
Reject = "REJECT"
|
||||
ToDest = "--to-destination "
|
||||
Recent = "recent "
|
||||
MatchSet = "--match-set "
|
||||
SrcType = "--src-type "
|
||||
Masquerade = "MASQUERADE "
|
||||
// Source represents the source address flag
|
||||
Source = "-s "
|
||||
// DPort represents the destination port
|
||||
DPort = "--dport "
|
||||
// Protocol represents the protocol flag which takes input by number of name
|
||||
Protocol = "-p "
|
||||
// Jump represents jump flag specifies the jump target
|
||||
Jump = "-j "
|
||||
// Reject specifies the reject target
|
||||
Reject = "REJECT"
|
||||
// ToDest represents the --to-destination flag used to specify the destination address in DNAT
|
||||
ToDest = "--to-destination "
|
||||
// Recent represents the sub-command recent that allows to dynamically create list of IP address to match against
|
||||
Recent = "recent "
|
||||
// MatchSet represents the --match-set flag which match packets against the specified set
|
||||
MatchSet = "--match-set "
|
||||
// SrcType represents the --src-type flag which matches if the source address is of given type
|
||||
SrcType = "--src-type "
|
||||
// Masquerade represents the target that is used in nat table.
|
||||
Masquerade = "MASQUERADE "
|
||||
)
|
||||
|
||||
// Rule holds a map of rules.
|
||||
type Rule map[string]string
|
||||
|
||||
// no-op implementation of iptables Interface
|
||||
// FakeIPTables no-op implementation of iptables Interface.
|
||||
type FakeIPTables struct {
|
||||
hasRandomFully bool
|
||||
Lines []byte
|
||||
}
|
||||
|
||||
// NewFake returns a pointer for no-op implementation of iptables Interface.
|
||||
func NewFake() *FakeIPTables {
|
||||
return &FakeIPTables{}
|
||||
}
|
||||
|
||||
// SetHasRandomFully will enable the port maping fully randomized in the no-op implementation of iptables Interface.
|
||||
func (f *FakeIPTables) SetHasRandomFully(can bool) *FakeIPTables {
|
||||
f.hasRandomFully = can
|
||||
return f
|
||||
}
|
||||
|
||||
// EnsureChain will returns true and states the specified chain exists for testing.
|
||||
func (*FakeIPTables) EnsureChain(table iptables.Table, chain iptables.Chain) (bool, error) {
|
||||
return true, nil
|
||||
}
|
||||
|
||||
// FlushChain returns nil and states that the specified chain is cleared.
|
||||
func (*FakeIPTables) FlushChain(table iptables.Table, chain iptables.Chain) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// DeleteChain returns nil and states that the specified chain exists and it is deleted.
|
||||
func (*FakeIPTables) DeleteChain(table iptables.Table, chain iptables.Chain) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// EnsureRule return true and states that the specified rule is present.
|
||||
func (*FakeIPTables) EnsureRule(position iptables.RulePosition, table iptables.Table, chain iptables.Chain, args ...string) (bool, error) {
|
||||
return true, nil
|
||||
}
|
||||
|
||||
// DeleteRule returns nil and states that the specified rule is present and is deleted.
|
||||
func (*FakeIPTables) DeleteRule(table iptables.Table, chain iptables.Chain, args ...string) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// IsIpv6 returns false and states that it is managing only ipv4 tables.
|
||||
func (*FakeIPTables) IsIpv6() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
// Save returns a copy of the iptables lines byte array.
|
||||
func (f *FakeIPTables) Save(table iptables.Table) ([]byte, error) {
|
||||
lines := make([]byte, len(f.Lines))
|
||||
copy(lines, f.Lines)
|
||||
return lines, nil
|
||||
}
|
||||
|
||||
// SaveInto calls `iptables-save` command for table and stores result in a given buffer.
|
||||
func (f *FakeIPTables) SaveInto(table iptables.Table, buffer *bytes.Buffer) error {
|
||||
buffer.Write(f.Lines)
|
||||
return nil
|
||||
}
|
||||
|
||||
// Restore returns null and states that it ran `iptables-restore` successfully.
|
||||
func (*FakeIPTables) Restore(table iptables.Table, data []byte, flush iptables.FlushFlag, counters iptables.RestoreCountersFlag) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// RestoreAll is the same as Restore except that no table is specified.
|
||||
func (f *FakeIPTables) RestoreAll(data []byte, flush iptables.FlushFlag, counters iptables.RestoreCountersFlag) error {
|
||||
f.Lines = data
|
||||
return nil
|
||||
}
|
||||
|
||||
// Monitor detects when the given iptables tables have been flushed by an external
|
||||
// tool (e.g. a firewall reload) by creating canary chains and polling to see if they have been deleted.
|
||||
func (f *FakeIPTables) Monitor(canary iptables.Chain, tables []iptables.Table, reloadFunc func(), interval time.Duration, stopCh <-chan struct{}) {
|
||||
}
|
||||
|
||||
@ -111,7 +137,7 @@ func getToken(line, separator string) string {
|
||||
return ""
|
||||
}
|
||||
|
||||
// GetChain returns a list of rules for the given chain.
|
||||
// GetRules returns a list of rules for the given chain.
|
||||
// The chain name must match exactly.
|
||||
// The matching is pretty dumb, don't rely on it for anything but testing.
|
||||
func (f *FakeIPTables) GetRules(chainName string) (rules []Rule) {
|
||||
@ -130,6 +156,7 @@ func (f *FakeIPTables) GetRules(chainName string) (rules []Rule) {
|
||||
return
|
||||
}
|
||||
|
||||
// HasRandomFully returns the value of the flag --random-fully
|
||||
func (f *FakeIPTables) HasRandomFully() bool {
|
||||
return f.hasRandomFully
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user