diff options
| author | Kevin Krakauer <krakauer@google.com> | 2021-06-14 12:24:04 -0700 |
|---|---|---|
| committer | gVisor bot <gvisor-bot@google.com> | 2021-06-14 12:26:29 -0700 |
| commit | 9c7ff24fe6160f5eaa7f0018cc88d253abc7beae (patch) | |
| tree | 0c96bea8b674a10052b4d94fc7fa28fb00eff667 /pkg/sentry/socket/netstack | |
| parent | b720bcb6f61b6e518fac05ded41d177c4b6986d7 (diff) | |
Cleanup iptables bug TODOs
There are many references to unimplemented iptables features that link to #170,
but that bug is about Istio support specifically. Istio is supported, so the
references should change.
Some TODOs are addressed, some removed because they are not features requested
by users, and some are left as implementation notes.
Fixes #170.
PiperOrigin-RevId: 379328488
Diffstat (limited to 'pkg/sentry/socket/netstack')
| -rw-r--r-- | pkg/sentry/socket/netstack/netstack.go | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/pkg/sentry/socket/netstack/netstack.go b/pkg/sentry/socket/netstack/netstack.go index d4b1bad67..11ba80497 100644 --- a/pkg/sentry/socket/netstack/netstack.go +++ b/pkg/sentry/socket/netstack/netstack.go @@ -2105,10 +2105,10 @@ func setSockOptIPv6(t *kernel.Task, s socket.SocketOps, ep commonEndpoint, name return syserr.ErrNoDevice } // Stack must be a netstack stack. - return netfilter.SetEntries(stack.(*Stack).Stack, optVal, true) + return netfilter.SetEntries(t, stack.(*Stack).Stack, optVal, true) case linux.IP6T_SO_SET_ADD_COUNTERS: - // TODO(gvisor.dev/issue/170): Counter support. + log.Infof("IP6T_SO_SET_ADD_COUNTERS is not supported") return nil default: @@ -2348,10 +2348,10 @@ func setSockOptIP(t *kernel.Task, s socket.SocketOps, ep commonEndpoint, name in return syserr.ErrNoDevice } // Stack must be a netstack stack. - return netfilter.SetEntries(stack.(*Stack).Stack, optVal, false) + return netfilter.SetEntries(t, stack.(*Stack).Stack, optVal, false) case linux.IPT_SO_SET_ADD_COUNTERS: - // TODO(gvisor.dev/issue/170): Counter support. + log.Infof("IPT_SO_SET_ADD_COUNTERS is not supported") return nil case linux.IP_ADD_SOURCE_MEMBERSHIP, |