github.com/geofffranks/garden-linux@v0.0.0-20160715111146-26c893169cfa/linux_container/iptables_manager/iptables_manager.go

github.com/geofffranks/garden-linux@v0.0.0-20160715111146-26c893169cfa/linux_container/iptables_manager/iptables_manager.go (about)

     1  package iptables_manager
     2  
     3  import "net"
     4  
     5  //go:generate counterfeiter -o fake_chain/fake_chain.go . Chain
     6  type Chain interface {
     7  	Setup(containerID, bridgeName string, ip net.IP, network *net.IPNet) error
     8  	Teardown(containerID string) error
     9  }
    10  
    11  type IPTablesManager struct {
    12  	chains []Chain
    13  }
    14  
    15  func New() *IPTablesManager {
    16  	return &IPTablesManager{}
    17  }
    18  
    19  func (mgr *IPTablesManager) AddChain(chain Chain) *IPTablesManager {
    20  	mgr.chains = append(mgr.chains, chain)
    21  
    22  	return mgr
    23  }
    24  
    25  func (mgr *IPTablesManager) ContainerSetup(containerID, bridgeName string, ip net.IP, network *net.IPNet) error {
    26  	if err := mgr.ContainerTeardown(containerID); err != nil {
    27  		return err
    28  	}
    29  
    30  	for index, chain := range mgr.chains {
    31  		if err := chain.Setup(containerID, bridgeName, ip, network); err != nil {
    32  			for i := 0; i < index; i++ {
    33  				mgr.chains[i].Teardown(containerID)
    34  			}
    35  			return err
    36  		}
    37  
    38  	}
    39  
    40  	return nil
    41  }
    42  
    43  func (mgr *IPTablesManager) ContainerTeardown(containerID string) error {
    44  	var lastErr error
    45  	for _, chain := range mgr.chains {
    46  		if err := chain.Teardown(containerID); err != nil {
    47  			lastErr = err
    48  		}
    49  	}
    50  
    51  	return lastErr
    52  }