// applyRules renders desired rules and passes them as stdin to iptables-restore.
func (i *IPTsaveFirewall) applyRules(iptables *iptsave.IPtables) error {
cmd := i.os.Cmd(iptablesRestoreBin, []string{"--noflush"})
reader := bytes.NewReader([]byte(iptables.Render()))
log.Tracef(trace.Inside, "In applyRules allocating stdin pipe")
stdin, err := cmd.StdinPipe()
if err != nil {
return fmt.Errorf("Failed to allocate stdin for iptables-restore - %s", err)
}
log.Tracef(trace.Inside, "In applyRules starting the command")
if err := cmd.Start(); err != nil {
return err
}
log.Tracef(trace.Inside, "In applyRules sending the rules")
_, err = reader.WriteTo(stdin)
if err != nil {
return err
}
stdin.Close()
log.Tracef(trace.Inside, "In applyRules waiting for command to complete")
if err := cmd.Wait(); err != nil {
log.Tracef(trace.Inside, "In applyRules failed to apply")
return err
}
return nil
}
func main() {
flag.Parse()
ipt := iptsave.IPtables{}
ipt.Parse(os.Stdin)
fmt.Println(ipt.Render())
}