func iptablesDeleteOld(ipt iptables.Interface) {
// DEPRECATED: The iptablesOldPortalChain is from when we had a single chain
// for all rules. We'll unilaterally delete it here. We will remove this
// code at some future date (before 1.0).
ipt.DeleteRule(iptables.TableNAT, iptables.ChainPrerouting, "-j", string(iptablesOldPortalChain))
ipt.DeleteRule(iptables.TableNAT, iptables.ChainOutput, "-j", string(iptablesOldPortalChain))
ipt.FlushChain(iptables.TableNAT, iptablesOldPortalChain)
ipt.DeleteChain(iptables.TableNAT, iptablesOldPortalChain)
}
// Flush all of our custom iptables rules.
func iptablesFlush(ipt iptables.Interface) error {
el := []error{}
if err := ipt.FlushChain(iptables.TableNAT, iptablesContainerPortalChain); err != nil {
el = append(el, err)
}
if err := ipt.FlushChain(iptables.TableNAT, iptablesHostPortalChain); err != nil {
el = append(el, err)
}
if len(el) != 0 {
glog.Errorf("Some errors flushing old iptables portals: %v", el)
}
return errors.NewAggregate(el)
}
// Flush all of our custom iptables rules.
func iptablesFlush(ipt iptables.Interface) error {
return ipt.FlushChain(iptables.TableNAT, iptablesProxyChain)
}