ITQC/containernetworking-plugins
24
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 34 Wiki Activity

Portmap: append, rather than prepend, entry rules

Browse Source 
This means that portmapped connections can be more easily controlled /
firewalled.
This commit is contained in:
Casey Callendrello
2019-02-26 11:43:35 +01:00
committed by Dan Williams
parent afd7391938
commit 9fab520c37
5 changed files with 27 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
plugins/meta/portmap/chain_test.go
View File

@ -117,8 +117,8 @@ var _ = Describe("chain tests", func() {
Expect(err).NotTo(HaveOccurred())
Expect(haveRules).To(Equal([]string{
"-N " + tlChainName,
"-A " + tlChainName + " -d 203.0.113.1/32 -j " + testChain.name,
"-A " + tlChainName + ` -m comment --comment "canary value" -j ACCEPT`,
"-A " + tlChainName + " -d 203.0.113.1/32 -j " + testChain.name,
}))
// Check that the chain and rule was created