1 files changed, 16 insertions, 7 deletions

diff --git a/test/iptables/iptables_util.go b/test/iptables/iptables_util.go
index 5c9199abf..32cf5a417 100644
--- a/test/iptables/iptables_util.go
+++ b/test/iptables/iptables_util.go
@@ -27,17 +27,16 @@ const iptablesBinary = "iptables"
 
 // filterTable calls `iptables -t filter` with the given args.
 func filterTable(args ...string) error {
-	args = append([]string{"-t", "filter"}, args...)
-	cmd := exec.Command(iptablesBinary, args...)
-	if out, err := cmd.CombinedOutput(); err != nil {
-		return fmt.Errorf("error running iptables with args %v\nerror: %v\noutput: %s", args, err, string(out))
-	}
-	return nil
+	return tableCmd("filter", args)
 }
 
 // natTable calls `iptables -t nat` with the given args.
 func natTable(args ...string) error {
-	args = append([]string{"-t", "nat"}, args...)
+	return tableCmd("nat", args)
+}
+
+func tableCmd(table string, args []string) error {
+	args = append([]string{"-t", table}, args...)
 	cmd := exec.Command(iptablesBinary, args...)
 	if out, err := cmd.CombinedOutput(); err != nil {
 		return fmt.Errorf("error running iptables with args %v\nerror: %v\noutput: %s", args, err, string(out))
@@ -45,6 +44,16 @@ func natTable(args ...string) error {
 	return nil
 }
 
+// filterTableRules is like filterTable, but runs multiple iptables commands.
+func filterTableRules(argsList [][]string) error {
+	for _, args := range argsList {
+		if err := filterTable(args...); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
 // listenUDP listens on a UDP port and returns the value of net.Conn.Read() for
 // the first read on that port.
 func listenUDP(port int, timeout time.Duration) error {