iptables - filter packets using outgoing interface.

Enables commands with -o (--out-interface) for iptables rules. $ iptables -A OUTPUT -o eth0 -j ACCEPT PiperOrigin-RevId: 310642286
author: gVisor bot <gvisor-bot@google.com> 2020-05-08 15:39:04 -0700
committer: gVisor bot <gvisor-bot@google.com> 2020-05-08 15:44:54 -0700
commit: cfd30665c1d857f20dd05e67c6da6833770e2141 (patch)
tree: 223515237833691eeeaf1fc1ef19218a98b26831 /pkg/tcpip/stack/stack.go
parent: e4d2d21f6b1b93146378ed5edc0c55d2ae4fb3af (diff)
1 files changed, 15 insertions, 1 deletions
diff --git a/pkg/tcpip/stack/stack.go b/pkg/tcpip/stack/stack.go
index e33fae4eb..b39ffa9fb 100644
--- a/pkg/tcpip/stack/stack.go
+++ b/pkg/tcpip/stack/stack.go
@@ -1898,9 +1898,23 @@ func (s *Stack) FindNetworkEndpoint(netProto tcpip.NetworkProtocolNumber, addres
 			nic.mu.RLock()
 			defer nic.mu.RUnlock()
 
-			// An endpoint with this id exists, check if it can be used and return it.
+			// An endpoint with this id exists, check if it can be
+			// used and return it.
 			return ref.ep, nil
 		}
 	}
 	return nil, tcpip.ErrBadAddress
 }
+
+// FindNICNameFromID returns the name of the nic for the given NICID.
+func (s *Stack) FindNICNameFromID(id tcpip.NICID) string {
+	s.mu.Lock()
+	defer s.mu.Unlock()
+
+	nic, ok := s.nics[id]
+	if !ok {
+		return ""
+	}
+
+	return nic.Name()
+}
author	gVisor bot <gvisor-bot@google.com>	2020-05-08 15:39:04 -0700
committer	gVisor bot <gvisor-bot@google.com>	2020-05-08 15:44:54 -0700
commit	cfd30665c1d857f20dd05e67c6da6833770e2141 (patch)
tree	223515237833691eeeaf1fc1ef19218a98b26831 /pkg/tcpip/stack/stack.go
parent	e4d2d21f6b1b93146378ed5edc0c55d2ae4fb3af (diff)