From 2d7bfa2f2c9c72dc6d8171b4a22618aeebcf91df Mon Sep 17 00:00:00 2001 From: Mingzhen Feng Date: Thu, 16 Apr 2015 15:09:36 +0800 Subject: [PATCH] Removal of the regex to replace ips Signed-off-by: Mingzhen Feng Upstream-commit: 3ab7ceb5d7aaa5fc04af98aae4115201ebae13ee Component: engine --- .../integration-cli/docker_cli_daemon_test.go | 35 +++++++++++++++++++ components/engine/pkg/iptables/iptables.go | 10 +----- 2 files changed, 36 insertions(+), 9 deletions(-) diff --git a/components/engine/integration-cli/docker_cli_daemon_test.go b/components/engine/integration-cli/docker_cli_daemon_test.go index b2eb46bd07..030c670ae3 100644 --- a/components/engine/integration-cli/docker_cli_daemon_test.go +++ b/components/engine/integration-cli/docker_cli_daemon_test.go @@ -564,6 +564,41 @@ func (s *DockerDaemonSuite) TestDaemonBridgeIP(c *check.C) { deleteInterface(c, defaultNetworkBridge) } +func (s *DockerDaemonSuite) TestDaemonRestartWithBridgeIPChange(c *check.C) { + if err := s.d.Start(); err != nil { + c.Fatalf("Could not start daemon: %v", err) + } + defer s.d.Restart() + if err := s.d.Stop(); err != nil { + c.Fatalf("Could not stop daemon: %v", err) + } + + // now we will change the docker0's IP and then try starting the daemon + bridgeIP := "192.169.100.1/24" + _, bridgeIPNet, _ := net.ParseCIDR(bridgeIP) + + ipCmd := exec.Command("ifconfig", "docker0", bridgeIP) + stdout, stderr, _, err := runCommandWithStdoutStderr(ipCmd) + if err != nil { + c.Fatalf("failed to change docker0's IP association: %v, stdout: %q, stderr: %q", err, stdout, stderr) + } + + if err := s.d.Start("--bip", bridgeIP); err != nil { + c.Fatalf("Could not start daemon: %v", err) + } + + //check if the iptables contains new bridgeIP MASQUERADE rule + ipTablesSearchString := bridgeIPNet.String() + ipTablesCmd := exec.Command("iptables", "-t", "nat", "-nvL") + out, _, err := runCommandWithOutput(ipTablesCmd) + if err != nil { + c.Fatalf("Could not run iptables -nvL: %s, %v", out, err) + } + if !strings.Contains(out, ipTablesSearchString) { + c.Fatalf("iptables output should have contained new MASQUERADE rule with IP %q, but was %q", ipTablesSearchString, out) + } +} + func (s *DockerDaemonSuite) TestDaemonBridgeFixedCidr(c *check.C) { d := s.d diff --git a/components/engine/pkg/iptables/iptables.go b/components/engine/pkg/iptables/iptables.go index f772a33ca7..9cf1bbfa5c 100644 --- a/components/engine/pkg/iptables/iptables.go +++ b/components/engine/pkg/iptables/iptables.go @@ -5,7 +5,6 @@ import ( "fmt" "net" "os/exec" - "regexp" "strconv" "strings" "sync" @@ -267,14 +266,7 @@ func Exists(table Table, chain string, rule ...string) bool { ruleString := strings.Join(rule, " ") existingRules, _ := exec.Command(iptablesPath, "-t", string(table), "-S", chain).Output() - // regex to replace ips in rule - // because MASQUERADE rule will not be exactly what was passed - re := regexp.MustCompile(`[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\/[0-9]{1,2}`) - - return strings.Contains( - re.ReplaceAllString(string(existingRules), "?"), - re.ReplaceAllString(ruleString, "?"), - ) + return strings.Contains(string(existingRules), ruleString) } // Call 'iptables' system command, passing supplied arguments