More little fixes.

author: Kevin Krakauer <krakauer@google.com> 2020-01-21 13:39:48 -0800
committer: Kevin Krakauer <krakauer@google.com> 2020-01-21 13:42:43 -0800
commit: 9f736ac6a7747917f690596ac9b072c108b5670c (patch)
tree: 1d37d19db8c4b6c116977564032af85935eaf420
parent: 47bc7550c0b8fcde7b3452bf536082e955882026 (diff)
2 files changed, 3 insertions, 4 deletions
diff --git a/pkg/sentry/socket/netfilter/netfilter.go b/pkg/sentry/socket/netfilter/netfilter.go
index 4ef8123ac..e1f2bacce 100644
--- a/pkg/sentry/socket/netfilter/netfilter.go
+++ b/pkg/sentry/socket/netfilter/netfilter.go
@@ -325,8 +325,8 @@ func SetEntries(stack *stack.Stack, optVal []byte) *syserr.Error {
 			return syserr.ErrInvalidArgument
 		}
 
-		// TODO(gvisor.dev/issue/170): We should support IPTIP
-		// filtering. We reject any nonzero IPTIP values for now.
+		// TODO(gvisor.dev/issue/170): We should support more IPTIP
+		// filtering fields.
 		filter, err := filterFromIPTIP(entry.IP)
 		if err != nil {
 			return err
diff --git a/test/iptables/iptables_test.go b/test/iptables/iptables_test.go
index 150b44e42..679a29bef 100644
--- a/test/iptables/iptables_test.go
+++ b/test/iptables/iptables_test.go
@@ -15,6 +15,7 @@
 package iptables
 
 import (
+	"flag"
 	"fmt"
 	"net"
 	"os"
@@ -22,8 +23,6 @@ import (
 	"testing"
 	"time"
 
-	"flag"
-
 	"gvisor.dev/gvisor/pkg/log"
 	"gvisor.dev/gvisor/runsc/dockerutil"
 	"gvisor.dev/gvisor/runsc/testutil"
author	Kevin Krakauer <krakauer@google.com>	2020-01-21 13:39:48 -0800
committer	Kevin Krakauer <krakauer@google.com>	2020-01-21 13:42:43 -0800
commit	9f736ac6a7747917f690596ac9b072c108b5670c (patch)
tree	1d37d19db8c4b6c116977564032af85935eaf420
parent	47bc7550c0b8fcde7b3452bf536082e955882026 (diff)