Update libnetwork vendoring
Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com>
diff --git a/hack/vendor.sh b/hack/vendor.sh
index 44b46e6..6839432 100755
--- a/hack/vendor.sh
+++ b/hack/vendor.sh
@@ -55,7 +55,7 @@
clone hg code.google.com/p/gosqlite 74691fb6f837
#get libnetwork packages
-clone git github.com/docker/libnetwork e578e95aa101441481411ff1d620f343895f24fe
+clone git github.com/docker/libnetwork b116b5c0d20ee4021297fa92b7db4429a622c044
clone git github.com/vishvananda/netns 5478c060110032f972e86a1f844fdb9a2f008f2c
clone git github.com/vishvananda/netlink 8eb64238879fed52fd51c5b30ad20b928fb4c36c
diff --git a/vendor/src/github.com/docker/libnetwork/drivers/bridge/bridge.go b/vendor/src/github.com/docker/libnetwork/drivers/bridge/bridge.go
index ccdf204..a0a3987 100644
--- a/vendor/src/github.com/docker/libnetwork/drivers/bridge/bridge.go
+++ b/vendor/src/github.com/docker/libnetwork/drivers/bridge/bridge.go
@@ -10,6 +10,7 @@
"github.com/Sirupsen/logrus"
"github.com/docker/libnetwork/driverapi"
"github.com/docker/libnetwork/ipallocator"
+ "github.com/docker/libnetwork/iptables"
"github.com/docker/libnetwork/netlabel"
"github.com/docker/libnetwork/netutils"
"github.com/docker/libnetwork/options"
@@ -109,6 +110,9 @@
if out, err := exec.Command("modprobe", "-va", "bridge", "nf_nat", "br_netfilter").Output(); err != nil {
logrus.Warnf("Running modprobe bridge nf_nat failed with message: %s, error: %v", out, err)
}
+ if err := iptables.RemoveExistingChain(DockerChain, iptables.Nat); err != nil {
+ logrus.Warnf("Failed to remove existing iptables entries in %s : %v", DockerChain, err)
+ }
return dc.RegisterDriver(networkType, newDriver())
}
diff --git a/vendor/src/github.com/docker/libnetwork/iptables/iptables.go b/vendor/src/github.com/docker/libnetwork/iptables/iptables.go
index 481013a..707ddb7 100644
--- a/vendor/src/github.com/docker/libnetwork/iptables/iptables.go
+++ b/vendor/src/github.com/docker/libnetwork/iptables/iptables.go
@@ -99,7 +99,8 @@
case Nat:
preroute := []string{
"-m", "addrtype",
- "--dst-type", "LOCAL"}
+ "--dst-type", "LOCAL",
+ "-j", c.Name}
if !Exists(Nat, "PREROUTING", preroute...) {
if err := c.Prerouting(Append, preroute...); err != nil {
return nil, fmt.Errorf("Failed to inject docker in PREROUTING chain: %s", err)
@@ -107,7 +108,8 @@
}
output := []string{
"-m", "addrtype",
- "--dst-type", "LOCAL"}
+ "--dst-type", "LOCAL",
+ "-j", c.Name}
if !hairpinMode {
output = append(output, "!", "--dst", "127.0.0.0/8")
}
@@ -228,7 +230,7 @@
if len(args) > 0 {
a = append(a, args...)
}
- if output, err := Raw(append(a, "-j", c.Name)...); err != nil {
+ if output, err := Raw(a...); err != nil {
return err
} else if len(output) != 0 {
return ChainError{Chain: "PREROUTING", Output: output}
@@ -242,7 +244,7 @@
if len(args) > 0 {
a = append(a, args...)
}
- if output, err := Raw(append(a, "-j", c.Name)...); err != nil {
+ if output, err := Raw(a...); err != nil {
return err
} else if len(output) != 0 {
return ChainError{Chain: "OUTPUT", Output: output}
@@ -254,9 +256,9 @@
func (c *Chain) Remove() error {
// Ignore errors - This could mean the chains were never set up
if c.Table == Nat {
- c.Prerouting(Delete, "-m", "addrtype", "--dst-type", "LOCAL")
- c.Output(Delete, "-m", "addrtype", "--dst-type", "LOCAL", "!", "--dst", "127.0.0.0/8")
- c.Output(Delete, "-m", "addrtype", "--dst-type", "LOCAL") // Created in versions <= 0.1.6
+ c.Prerouting(Delete, "-m", "addrtype", "--dst-type", "LOCAL", "-j", c.Name)
+ c.Output(Delete, "-m", "addrtype", "--dst-type", "LOCAL", "!", "--dst", "127.0.0.0/8", "-j", c.Name)
+ c.Output(Delete, "-m", "addrtype", "--dst-type", "LOCAL", "-j", c.Name) // Created in versions <= 0.1.6
c.Prerouting(Delete)
c.Output(Delete)
diff --git a/vendor/src/github.com/docker/libnetwork/iptables/iptables_test.go b/vendor/src/github.com/docker/libnetwork/iptables/iptables_test.go
index afb3587..63d931c 100644
--- a/vendor/src/github.com/docker/libnetwork/iptables/iptables_test.go
+++ b/vendor/src/github.com/docker/libnetwork/iptables/iptables_test.go
@@ -48,6 +48,7 @@
"--dport", strconv.Itoa(port),
"-j", "DNAT",
"--to-destination", dstAddr + ":" + strconv.Itoa(dstPort),
+ "!", "-i", natChain.Bridge,
}
if !Exists(natChain.Table, natChain.Name, dnatRule...) {
@@ -130,16 +131,11 @@
t.Fatal(err)
}
- rule := []string{
- "-j", natChain.Name}
-
- rule = append(rule, args...)
-
- if !Exists(natChain.Table, "PREROUTING", rule...) {
+ if !Exists(natChain.Table, "PREROUTING", args...) {
t.Fatalf("rule does not exist")
}
- delRule := append([]string{"-D", "PREROUTING", "-t", string(Nat)}, rule...)
+ delRule := append([]string{"-D", "PREROUTING", "-t", string(Nat)}, args...)
if _, err = Raw(delRule...); err != nil {
t.Fatal(err)
}
@@ -155,17 +151,12 @@
t.Fatal(err)
}
- rule := []string{
- "-j", natChain.Name}
-
- rule = append(rule, args...)
-
- if !Exists(natChain.Table, "OUTPUT", rule...) {
+ if !Exists(natChain.Table, "OUTPUT", args...) {
t.Fatalf("rule does not exist")
}
delRule := append([]string{"-D", "OUTPUT", "-t",
- string(natChain.Table)}, rule...)
+ string(natChain.Table)}, args...)
if _, err = Raw(delRule...); err != nil {
t.Fatal(err)
}
