func createIPTablesManager(sysconfig sysconfig.Config, runner command_runner.CommandRunner, log lager.Logger) linux_container.IPTablesManager {
filterChain := iptables_manager.NewFilterChain(&sysconfig.IPTables.Filter, runner, log.Session("iptables-manager-filter"))
natChain := iptables_manager.NewNATChain(&sysconfig.IPTables.NAT, runner, log.Session("iptables-manager-nat"))
return iptables_manager.New().AddChain(filterChain).AddChain(natChain)
}
var err error
fakeRunner = fake_command_runner.New()
testCfg = &sysconfig.IPTablesFilterConfig{
InputChain: "filter-input-chain",
ForwardChain: "filter-forward-chain",
DefaultChain: "filter-default-chain",
InstancePrefix: "filter-instance-prefix",
}
containerID = "some-ctr-id"
bridgeName = "some-bridge"
ip, network, err = net.ParseCIDR("1.2.3.4/28")
Expect(err).NotTo(HaveOccurred())
chain = iptables_manager.NewFilterChain(testCfg, fakeRunner, lagertest.NewTestLogger("test"))
})
Describe("Setup", func() {
var specs []fake_command_runner.CommandSpec
BeforeEach(func() {
expectedFilterInstanceChain := testCfg.InstancePrefix + containerID
specs = []fake_command_runner.CommandSpec{
fake_command_runner.CommandSpec{
Path: "iptables",
Args: []string{"--wait", "-N", expectedFilterInstanceChain},
},
fake_command_runner.CommandSpec{
Path: "iptables",
Args: []string{"--wait", "-A", expectedFilterInstanceChain,
