diff options
author | Kevin Krakauer <krakauer@google.com> | 2020-01-31 13:46:13 -0800 |
---|---|---|
committer | Kevin Krakauer <krakauer@google.com> | 2020-01-31 13:46:13 -0800 |
commit | eba7bdc24d31388ca81eeab251ed2db108f785dc (patch) | |
tree | 465da8d7f4a14d35b92cd67b3913084306b4fcb4 /pkg/sentry/socket/hostinet | |
parent | 2142c70118a6f5ac3ca438a240525af4fa114f7f (diff) |
iptables: enable TCP matching with "-m tcp".
A couple other things that changed:
- There's a proper extension registration system for matchers. Anyone
adding another matcher can use tcp_matcher.go or udp_matcher.go as a
template.
- All logging and use of syserr.Error in the netfilter package happens at the
highest possible level (public functions). Lower-level functions just
return normal, descriptive golang errors.
Diffstat (limited to 'pkg/sentry/socket/hostinet')
0 files changed, 0 insertions, 0 deletions