author | Kevin Krakauer <krakauer@google.com> | 2020-06-25 21:20:29 -0700 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2020-06-25 21:21:57 -0700 |
commit | 7fb6cc286fffab2f408a5dbc228e0db706104682 (patch) | |
tree | b34e3fbc648f2b317f74295ef9c4ec3837d65f54 /pkg/sentry/socket | |
parent | 4069461877d843654d18db74a5962b332f1226aa (diff) |
conntrack refactor, no behavior changes

- Split connTrackForPacket into 2 functions instead of switching on flag
- Replace hash with struct keys.
- Remove prefixes where possible
- Remove unused connStatus, timeout
- Flatten ConnTrack struct a bit - some intermediate structs had no meaning
  outside of the context of their parent.
- Protect conn.tcb with a mutex
- Remove redundant error checking (e.g. when is pkt.NetworkHeader valid)
- Clarify that HandlePacket and CreateConnFor are the expected entrypoints for
  ConnTrack

PiperOrigin-RevId: 318407168
Diffstat (limited to 'pkg/sentry/socket')
-rw-r--r-- | pkg/sentry/socket/netfilter/targets.go | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/pkg/sentry/socket/netfilter/targets.go b/pkg/sentry/socket/netfilter/targets.go index 84abe8d29..b91ba3ab3 100644 --- a/pkg/sentry/socket/netfilter/targets.go +++ b/pkg/sentry/socket/netfilter/targets.go @@ -30,6 +30,6 @@ type JumpTarget struct { } // Action implements stack.Target.Action. -func (jt JumpTarget) Action(*stack.PacketBuffer, *stack.ConnTrackTable, stack.Hook, *stack.GSO, *stack.Route, tcpip.Address) (stack.RuleVerdict, int) { +func (jt JumpTarget) Action(*stack.PacketBuffer, *stack.ConnTrack, stack.Hook, *stack.GSO, *stack.Route, tcpip.Address) (stack.RuleVerdict, int) { return stack.RuleJump, jt.RuleNum } |
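Review bot: In the `Action` signature the second parameter changes from `*stack.ConnTrackTable` to `*stack.ConnTrack`, and the visible lines carry no compile-time check that `JumpTarget` still satisfies `stack.Target`, which the comment says this method implements. The diffstat shown is limited to pkg/sentry/socket, so the interface definition and the other implementers are not visible here; a package-level assertion such as `var _ stack.Target = JumpTarget{}` would make any signature mismatch fail in this file rather than at a distant call site. The commit message could also name the ConnTrackTable to ConnTrack type rename explicitly, since it changes the signature of an exported method.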