func createIPTablesManager(sysconfig sysconfig.Config, runner command_runner.CommandRunner, log lager.Logger) linux_container.IPTablesManager { filterChain := iptables_manager.NewFilterChain(&sysconfig.IPTables.Filter, runner, log.Session("iptables-manager-filter")) natChain := iptables_manager.NewNATChain(&sysconfig.IPTables.NAT, runner, log.Session("iptables-manager-nat")) return iptables_manager.New().AddChain(filterChain).AddChain(natChain) }
var err error fakeRunner = fake_command_runner.New() testCfg = &sysconfig.IPTablesFilterConfig{ InputChain: "filter-input-chain", ForwardChain: "filter-forward-chain", DefaultChain: "filter-default-chain", InstancePrefix: "filter-instance-prefix", } containerID = "some-ctr-id" bridgeName = "some-bridge" ip, network, err = net.ParseCIDR("1.2.3.4/28") Expect(err).NotTo(HaveOccurred()) chain = iptables_manager.NewFilterChain(testCfg, fakeRunner, lagertest.NewTestLogger("test")) }) Describe("Setup", func() { var specs []fake_command_runner.CommandSpec BeforeEach(func() { expectedFilterInstanceChain := testCfg.InstancePrefix + containerID specs = []fake_command_runner.CommandSpec{ fake_command_runner.CommandSpec{ Path: "iptables", Args: []string{"--wait", "-N", expectedFilterInstanceChain}, }, fake_command_runner.CommandSpec{ Path: "iptables", Args: []string{"--wait", "-A", expectedFilterInstanceChain,