From 211bbf82ad2f490ed7215568c2065d76dfa682ca Mon Sep 17 00:00:00 2001
From: Kevin Krakauer <krakauer@google.com>
Date: Mon, 18 Oct 2021 15:07:06 -0700
Subject: conntrack: use tcpip.Clock instead of time.Time

- We should be using a monotonic clock
- This will make future testing easier

Updates #6748.

PiperOrigin-RevId: 404072318
---
 pkg/sentry/socket/netfilter/netfilter.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'pkg/sentry')

diff --git a/pkg/sentry/socket/netfilter/netfilter.go b/pkg/sentry/socket/netfilter/netfilter.go
index e3eade180..8d9e73243 100644
--- a/pkg/sentry/socket/netfilter/netfilter.go
+++ b/pkg/sentry/socket/netfilter/netfilter.go
@@ -58,8 +58,8 @@ var nameToID = map[string]stack.TableID{
 
 // DefaultLinuxTables returns the rules of stack.DefaultTables() wrapped for
 // compatibility with netfilter extensions.
-func DefaultLinuxTables(seed uint32) *stack.IPTables {
-	tables := stack.DefaultTables(seed)
+func DefaultLinuxTables(seed uint32, clock tcpip.Clock) *stack.IPTables {
+	tables := stack.DefaultTables(seed, clock)
 	tables.VisitTargets(func(oldTarget stack.Target) stack.Target {
 		switch val := oldTarget.(type) {
 		case *stack.AcceptTarget:
-- 
cgit v1.2.3