InTheForest/moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2026-01-11 18:51:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
071d27cd3db8a8395677431727501ff28997edb8
moby/libnetwork/testdata
History
Rob Murray 76417bf763 Don't use ipset 
Commit 0546d90 introduced the use of ipset to reduce the number
of rules that need to be processed per-packet, and make the code
a bit simpler.

But, docker's used on embedded kernels compiled without support
for ipset, so the change is too disruptive.

Replace the two ipset rules with a new chain that writes out the
rule's actions long-hand. So ..

This rule:
  -A FORWARD -m set --match-set docker-ext-bridges-v4 dst \
    -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
Is transformed into a per-bridge rule in new chain DOCKER-CT:
  -A DOCKER-FORWARD -j DOCKER-CT
  -A DOCKER-CT -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  -A DOCKER-CT -o bridge1 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

And:
  -A FORWARD -m set --match-set docker-ext-bridges-v4 dst -j DOCKER
Is transformed into a per-bridge rule in new chain DOCKER-BRIDGE:
  -A DOCKER-FORWARD -j DOCKER-BRIDGE
  -A DOCKER-BRIDGE -o docker0 -j DOCKER
  -A DOCKER-BRIDGE -o bridge1 -j DOCKER

Signed-off-by: Rob Murray <rob.murray@docker.com>
2025-02-25 15:24:25 +00:00
..
TestUserChain_iptables-false_append-false_fwdafter4
Use golden testdata in TestUserChain
2024-12-17 09:14:25 +00:00
TestUserChain_iptables-false_append-false_fwdafter6
Use golden testdata in TestUserChain
2024-12-17 09:14:25 +00:00
TestUserChain_iptables-false_append-false_fwdinit4
Use golden testdata in TestUserChain
2024-12-17 09:14:25 +00:00
TestUserChain_iptables-false_append-false_fwdinit6
Use golden testdata in TestUserChain
2024-12-17 09:14:25 +00:00
TestUserChain_iptables-true_append-false_dockerfwdafter4
Don't use ipset
2025-02-25 15:24:25 +00:00
TestUserChain_iptables-true_append-false_dockerfwdafter6
Don't use ipset
2025-02-25 15:24:25 +00:00
TestUserChain_iptables-true_append-false_dockerfwdinit4
Don't use ipset
2025-02-25 15:24:25 +00:00
TestUserChain_iptables-true_append-false_dockerfwdinit6
Don't use ipset
2025-02-25 15:24:25 +00:00
TestUserChain_iptables-true_append-false_fwdafter4
Add chain DOCKER-FORWARD
2025-02-24 17:09:09 +00:00
TestUserChain_iptables-true_append-false_fwdafter6
Add chain DOCKER-FORWARD
2025-02-24 17:09:09 +00:00
TestUserChain_iptables-true_append-false_fwdinit4
Add chain DOCKER-FORWARD
2025-02-24 17:09:09 +00:00
TestUserChain_iptables-true_append-false_fwdinit6
Add chain DOCKER-FORWARD
2025-02-24 17:09:09 +00:00
TestUserChain_iptables-true_append-false_usrafter4
Use golden testdata in TestUserChain
2024-12-17 09:14:25 +00:00
TestUserChain_iptables-true_append-false_usrafter6
Use golden testdata in TestUserChain
2024-12-17 09:14:25 +00:00
TestUserChain_iptables-true_append-true_dockerfwdafter4
Don't use ipset
2025-02-25 15:24:25 +00:00
TestUserChain_iptables-true_append-true_dockerfwdafter6
Don't use ipset
2025-02-25 15:24:25 +00:00
TestUserChain_iptables-true_append-true_dockerfwdinit4
Don't use ipset
2025-02-25 15:24:25 +00:00
TestUserChain_iptables-true_append-true_dockerfwdinit6
Don't use ipset
2025-02-25 15:24:25 +00:00
TestUserChain_iptables-true_append-true_fwdafter4
Add chain DOCKER-FORWARD
2025-02-24 17:09:09 +00:00
TestUserChain_iptables-true_append-true_fwdafter6
Add chain DOCKER-FORWARD
2025-02-24 17:09:09 +00:00
TestUserChain_iptables-true_append-true_fwdinit4
Add chain DOCKER-FORWARD
2025-02-24 17:09:09 +00:00
TestUserChain_iptables-true_append-true_fwdinit6
Add chain DOCKER-FORWARD
2025-02-24 17:09:09 +00:00
TestUserChain_iptables-true_append-true_usrafter4
Use golden testdata in TestUserChain
2024-12-17 09:14:25 +00:00
TestUserChain_iptables-true_append-true_usrafter6
Use golden testdata in TestUserChain
2024-12-17 09:14:25 +00:00