ITQC/containernetworking-plugins
24
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 34 Wiki Activity
1,498 Commits 6 Branches 48 Tags
Commit Graph

72 Commits

Author SHA1 Message Date
Casey Callendrello
152e7a48e4 go mod tidy 
Signed-off-by: Casey Callendrello <cdc@redhat.com>
 2022-01-19 18:24:47 +01:00
Michael Zappa
5d073d690c plugins: replace arping package with arp_notify 
this replaces the arping package with the linux arp_notify feature.

Resolves: #588
Signed-off-by: Michael Zappa <Michael.Zappa@stateless.net>
 2022-01-06 20:53:54 -07:00
Matt Dupre
f1f128e3c9
Merge pull request #639 from EdDev/bridge-macspoofchk 
bridge: Add macspoofchk support
 2021-10-06 08:39:10 -07:00
Edward Haas
081ed44a1d bridge: Add macspoofchk support 
The new macspoofchk field is added to the bridge plugin to support
anti-mac-spoofing.
When the parameter is enabled, traffic is limited to the mac addresses
of the container interface (the veth peer that is placed in the
container ns).
Any traffic that exits the pod is checked against the source mac address
that is expected. If the mac address is different, the frames are
dropped.

The implementation is using nftables and should only be used on nodes
that support it.

Signed-off-by: Edward Haas <edwardh@redhat.com>
 2021-09-14 12:46:15 +03:00
Casey Callendrello
62952ffdac vendor: bump to libcni v1.0.1 
Signed-off-by: Casey Callendrello <cdc@redhat.com>
 2021-09-07 15:43:54 +02:00
Casey Callendrello
0818512c7a vendor: bump all direct dependencies 
Just good hygiene.

Signed-off-by: Casey Callendrello <cdc@redhat.com>
 2021-08-10 14:55:43 +02:00
Casey Callendrello
9b1666d489 vendor: bump to libcni v1.0 
Signed-off-by: Casey Callendrello <cdc@redhat.com>
 2021-08-10 14:55:43 +02:00
Michael Cambria
d6bf1eac6c Update to lastest vendor/github.com/vishvananda/netlink 
Signed-off-by: Michael Cambria <mcambria@redhat.com>
 2021-05-05 11:17:59 -04:00
Casey Callendrello
33a29292da vendor: bump to libcni v1.0-rc1 
Signed-off-by: Casey Callendrello <cdc@redhat.com>
 2021-05-04 17:45:44 -04:00
Sebastiaan van Stijn
2eac102887
go.mod: github.com/j-keck/arping v1.0.1 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2021-04-09 00:07:34 +02:00
Sebastiaan van Stijn
f4d2925220
go.mod: github.com/buger/jsonparser v1.1.1 
Fix CVE-2020-35381

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2021-04-09 00:07:32 +02:00
Sebastiaan van Stijn
c3d01539d5
go.mod: github.com/alexflint/go-filemutex v1.1.0 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2021-04-09 00:07:30 +02:00
Sebastiaan van Stijn
75b64e0f60
go.mod github.com/Microsoft/hcsshim v0.8.16 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2021-04-09 00:07:28 +02:00
Sebastiaan van Stijn
bc856372bb
go.mod: godbus/dbus/v5 v5.0.3, coreos/go-systemd v22.2.0 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2021-04-09 00:07:25 +02:00
Sebastiaan van Stijn
d2d89ddfad
go.mod: github.com/mattn/go-shellwords v1.0.11 
adds go module support, among others

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2021-04-09 00:07:23 +02:00
Sebastiaan van Stijn
59a6259f8c
go.mod: github.com/sirupsen/logrus v1.8.1 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2021-04-09 00:07:19 +02:00
Dan Williams
9e2430bb80 vendor: bump CNI to 1.0.0-pre @ 62e54113 
go get github.com/containernetworking/cni@62e54113f44a762923fd2ef3115cda92a2111ca2
go mod vendor
go mod tidy

Signed-off-by: Dan Williams <dcbw@redhat.com>
 2021-02-11 23:27:07 -06:00
Casey Callendrello
74a6b28a2c vendor: bump libcni 
Signed-off-by: Casey Callendrello <cdc@redhat.com>
 2021-02-03 14:38:29 +01:00
toby lorne
23a1d90e0b deps: bump coreos/go-iptables 
Closes #544

The above issue describes a situation where using the bridge plugin
with IPv6 addresses prevented `DEL` from working correctly.

`DEL` seems to be failing in the body of `TeardownIPMasq`

This arises because:

* twice delete postrouting rules: `ipn.String()` `ipn.IP.String()` #279
* we are using a version of go-iptables which is bugged for v6

PR github.com/coreos/go-iptables/pull/74 describes why this does
not work. The error message is not being checked correctly.

Using a later version of go-iptables means that
* when the second `ipt.Delete` fails (this is okay)
* we will correctly interpret this as an non-fatal error
* `TeardownIPMasq` will not prematurely exit the method
* `ipt.ClearChain` now can run
* `ipt.DeleteChain` now can run

This explains why this was working for v4 but not v6

This commit was amended to include v0.5.0 instead of a pseudo-version
v0.4.6-0.20200318170312-12696f5c9108

Signed-off-by: toby lorne <toby@toby.codes>
 2021-01-05 19:28:14 +00:00
Casey Callendrello
b47d178ae0 vendor: bump ginkgo, gover 
Signed-off-by: Casey Callendrello <cdc@redhat.com>
 2020-12-08 16:33:10 +01:00
Antonio Ojea
c41c78b600 update netlink dependencies 
Signed-off-by: Antonio Ojea <aojea@redhat.com>
 2020-11-17 23:32:35 +01:00
Federico Paolinelli
362f5d626a Update github.com/vishvananda/netlink to v1.1.0 
Latest version allows to set a VRF device as master and not only
a bridge one.

Signed-off-by: Federico Paolinelli <fpaoline@redhat.com>
 2020-10-14 17:40:50 +02:00
Dan Williams
c50490eb76 cni: bump to 0.8.0 
Signed-off-by: Dan Williams <dcbw@redhat.com>
 2020-08-05 14:12:09 -05:00
Dan Williams
01a8de9997 Bump Go version to 1.13 and 1.14 
Signed-off-by: Dan Williams <dcbw@redhat.com>
 2020-08-05 14:12:09 -05:00
Bruce Ma
486ef96e6f [DO NOT REVIEW] vendor upate to remove useless dependencies 
Signed-off-by: Bruce Ma <brucema19901024@gmail.com>
 2020-03-17 14:30:28 +08:00
Antonio Ojea
5a02c5bc61
bump go-iptables module to v0.4.5 
bump the go-iptables module to v0.4.5 to avoid
concurrency issues with the portmap plugin and
errors related to iptables not able to hold the
lock.

Signed-off-by: Antonio Ojea <antonio.ojea.garcia@gmail.com>
 2019-12-16 17:42:20 +01:00
Bruce Ma
b76ace9c64 bump up libcni to v0.7.1 
Signed-off-by: Bruce Ma <brucema19901024@gmail.com>
 2019-08-23 20:24:16 +08:00
Michael Cambria
91a68d56f9 Vendor update go-iptables to obtain commit f1d0510cabcb710d5c5dd284096f81444b9d8d10 
Update go.mod & go.sub
 2019-08-07 10:56:30 -04:00
Nathan Gieseker
d42007865a update iptables 2019-06-26 02:14:56 -07:00
Nathan Gieseker
ce60e8eb3d dhcp module update 2019-06-26 02:07:24 -07:00
Nathan Gieseker
addbcd34b4 update ethtool 2019-06-26 02:07:24 -07:00
Nathan Gieseker
e8c953999e vendor update 2019-06-26 02:07:24 -07:00
Bruce Ma
93919752fb bump containernetworking/cni up to v0.7.1 
Signed-off-by: Bruce Ma <brucema19901024@gmail.com>
 2019-06-18 20:49:51 +08:00
Moshe Levi
2753b9af8f fix compilation error on 386 
Update github.com/safchain/ethtool to fix the compilation
error on 386. Also added 386 to the tarvis yaml.

Fixes #322

Signed-off-by: Moshe Levi <moshele@mellanox.com>
 2019-05-24 23:43:37 +03:00
Casey Callendrello
0950a3607b
Merge pull request #279 from mars1024/bugfix/ipmasq_source 
change source of ipmasq rule from ipn to ip
 2019-05-10 13:40:17 +02:00
Casey Callendrello
29801c45a7 vendor: bump cni to v0.7.0 2019-04-30 15:46:12 +02:00
Bruce Ma
12b426a921 update go-iptables to v0.4.1 to fix CI broken 2019-04-26 20:34:46 +08:00
Michal Rostecki
eb66fc201c vendor: Add github.com/godbus/dbus 
Signed-off-by: Michal Rostecki <mrostecki@suse.com>
 2019-04-12 14:37:21 -04:00
Dan Williams
e9e1d37309
Merge pull request #231 from SchSeba/add-vlan-tag-to-bridge 
Added vlan tag to the bridge cni plugin.
 2019-04-11 11:58:33 -05:00
Casey Callendrello
e028b70b49 vendor: bump libcni to v0.7.0-rc2 2019-04-10 17:16:27 +02:00
Sebastian Sch
dc536993e2 vendor folder bump. 2019-04-04 16:39:05 +03:00
Nathan Gieseker
9a429d8d25 Windows: Updates Windows Vendoring 
Updates windows dependent libraries for vendoing.
 2019-01-23 18:43:18 -08:00
Michael Cambria
0af31fc4d0 Change dhcp plugin to send ClientID allowing container to have multiple CNI 
interfaces using dhcp ipam.

Vendor latest dhcp4server, dhcp4client, dhcp4

Added additional tests for new functionality in dhcp2_test.go

Wrap d2g dhcp4client calls with our own which add clientID to packet.
 2018-11-15 11:31:56 -05:00
Michael Cambria
ddbf22f7f9 Vendor github.com/containernetworking/cni libcni and pkg file needed for CHECK 
Update plugins/tests to deal with changes made to this vendor'ed code
 2018-11-05 16:35:03 -05:00
Michael Cambria
1e4d47fc35 Fix vendor regression in dhcp4server 2018-09-27 11:04:14 -04:00
MaiWJ
e1d29e9fe4 Update Vendor 
(*) github.com/Microsoft/hcsshim
    (*) golang.org/x/sys
    (*) github.com/x/cyrpto
    (*) github.com/sirupsen/logrus
    (*) github.com/Microsoft/go-winio
    (*) github.com/juju/errors
    (*) github.com/buger/jsonparser
 2018-09-21 00:34:07 +08:00
Casey Callendrello
e4fdb6cd18 vendor: bump cni to v0.7.0-alpha0. 
This will break building, as the plugins will need to be updated for
the new signatures.
 2018-06-13 17:14:35 +02:00
Luca Bruno
50d626fe02
vendor: bump go-systemd to v17 2018-05-28 12:33:21 +00:00
Casey Callendrello
56989e2380
Merge pull request #124 from squeed/masq-del 
pkg/ip: Tearing down ipmasq should be idempotent
 2018-03-07 17:40:21 +01:00
Casey Callendrello
fa2bf4c210 vendor: bump go-iptables 2018-02-21 15:35:43 +01:00