diff options
| author | kevin.xu <cming.xu@gmail.com> | 2020-04-27 21:51:31 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-04-27 21:51:31 +0800 |
| commit | e896ca54db67524afc20b644d43c72185e72dc0e (patch) | |
| tree | 2a16f3a62a5cafd098f1f028c621f1b655589d69 /pkg/tcpip/iptables/iptables.go | |
| parent | 1f19624fa127d7d59cabe29593cc80b7fe6c81f8 (diff) | |
| parent | 3c67754663f424f2ebbc0ff2a4c80e30618d5355 (diff) | |
Merge pull request #1 from google/master
catch up
Diffstat (limited to 'pkg/tcpip/iptables/iptables.go')
| -rw-r--r-- | pkg/tcpip/iptables/iptables.go | 81 |
1 files changed, 0 insertions, 81 deletions
diff --git a/pkg/tcpip/iptables/iptables.go b/pkg/tcpip/iptables/iptables.go deleted file mode 100644 index 68c68d4aa..000000000 --- a/pkg/tcpip/iptables/iptables.go +++ /dev/null @@ -1,81 +0,0 @@ -// Copyright 2019 The gVisor authors. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Package iptables supports packet filtering and manipulation via the iptables -// tool. -package iptables - -const ( - tablenameNat = "nat" - tablenameMangle = "mangle" -) - -// Chain names as defined by net/ipv4/netfilter/ip_tables.c. -const ( - chainNamePrerouting = "PREROUTING" - chainNameInput = "INPUT" - chainNameForward = "FORWARD" - chainNameOutput = "OUTPUT" - chainNamePostrouting = "POSTROUTING" -) - -// DefaultTables returns a default set of tables. Each chain is set to accept -// all packets. -func DefaultTables() IPTables { - return IPTables{ - Tables: map[string]Table{ - tablenameNat: Table{ - BuiltinChains: map[Hook]Chain{ - Prerouting: unconditionalAcceptChain(chainNamePrerouting), - Input: unconditionalAcceptChain(chainNameInput), - Output: unconditionalAcceptChain(chainNameOutput), - Postrouting: unconditionalAcceptChain(chainNamePostrouting), - }, - DefaultTargets: map[Hook]Target{ - Prerouting: UnconditionalAcceptTarget{}, - Input: UnconditionalAcceptTarget{}, - Output: UnconditionalAcceptTarget{}, - Postrouting: UnconditionalAcceptTarget{}, - }, - UserChains: map[string]Chain{}, - }, - tablenameMangle: Table{ - BuiltinChains: map[Hook]Chain{ - Prerouting: unconditionalAcceptChain(chainNamePrerouting), - Output: unconditionalAcceptChain(chainNameOutput), - }, - DefaultTargets: map[Hook]Target{ - Prerouting: UnconditionalAcceptTarget{}, - Output: UnconditionalAcceptTarget{}, - }, - UserChains: map[string]Chain{}, - }, - }, - Priorities: map[Hook][]string{ - Prerouting: []string{tablenameMangle, tablenameNat}, - Output: []string{tablenameMangle, tablenameNat}, - }, - } -} - -func unconditionalAcceptChain(name string) Chain { - return Chain{ - Name: name, - Rules: []Rule{ - Rule{ - Target: UnconditionalAcceptTarget{}, - }, - }, - } -} |