Adin Scannell
90ec596166
Fix licenses.
...
The preferred Copyright holder is "The gVisor Authors".
PiperOrigin-RevId: 291786657
2020-01-27 13:23:57 -08:00
Adin Scannell
d29e59af9f
Standardize on tools directory.
...
PiperOrigin-RevId: 291745021
2020-01-27 12:21:00 -08:00
Kevin Krakauer
747137c120
Address GitHub comments.
2020-01-22 10:23:44 -08:00
Kevin Krakauer
47bc7550c0
Fixing stuff
2020-01-21 13:37:25 -08:00
Kevin Krakauer
62357a0afb
Merge branch 'master' into iptables-write-filter-proto
2020-01-21 13:16:25 -08:00
Kevin Krakauer
95e9de31d2
Address Nic's comments.
2020-01-14 17:54:02 -08:00
Kevin Krakauer
bd29289409
Protocol filtering works.
2020-01-13 16:10:00 -08:00
Kevin Krakauer
d51eaa59c0
Merge branch 'iptables-write-input-drop' into iptables-write-filter-proto
2020-01-13 16:06:29 -08:00
Kevin Krakauer
31e49f4b19
Merge branch 'master' into iptables-write-input-drop
2020-01-13 12:22:15 -08:00
gVisor bot
b30cfb1df7
Merge pull request #1528 from kevinGC:iptables-write
...
PiperOrigin-RevId: 289479774
2020-01-13 11:26:26 -08:00
Kevin Krakauer
d793677cd4
I think INPUT works with protocol
2020-01-10 18:07:15 -08:00
Kevin Krakauer
d147e6d1b2
Cleaned up logs.
2020-01-10 13:58:46 -08:00
Kevin Krakauer
ff719159be
Confirmed that it works if I hardcode 17 in for pkt.Protocol. Need to address parsing the packet early :(
2020-01-09 15:38:21 -08:00
Kevin Krakauer
89d11b4d96
Added a test that we don't pass yet
2020-01-09 13:41:52 -08:00
Kevin Krakauer
aeb3a4017b
Working on filtering by protocol.
2020-01-08 22:10:35 -08:00
Kevin Krakauer
06e2366e96
Merge branch 'iptables-write' into iptables-write-input-drop
2020-01-08 20:05:02 -08:00
Kevin Krakauer
ae060a63d9
More GH comments.
2020-01-08 17:30:08 -08:00
Kevin Krakauer
0999ae8b34
Getting a panic when running tests. For some reason the filter table is
...
ending up with the wrong chains and is indexing -1 into rules.
2020-01-08 15:57:25 -08:00
Kevin Krakauer
b2a881784c
Built dead-simple traversal, but now getting depedency cycle error :'(
2020-01-08 14:48:47 -08:00
Kevin Krakauer
446a250996
Comment cleanup.
2020-01-08 11:20:48 -08:00
Kevin Krakauer
1e1921e2ac
Minor fixes to comments and logging
2020-01-08 11:15:46 -08:00
Kevin Krakauer
8cc1c35bbd
Write simple ACCEPT rules to the filter table.
...
This gets us closer to passing the iptables tests and opens up iptables
so it can be worked on by multiple people.
A few restrictions are enforced for security (i.e. we don't want to let
users write a bunch of iptables rules and then just not enforce them):
- Only the filter table is writable.
- Only ACCEPT rules with no matching criteria can be added.
2020-01-08 10:08:14 -08:00
Kevin Krakauer
2302afb53d
Reorder BUILD license and load functions in netstack.
...
PiperOrigin-RevId: 274672346
2019-10-14 15:21:59 -07:00
Kevin Krakauer
810cc07aab
Plumbing for iptables sockopts.
...
PiperOrigin-RevId: 261413396
2019-08-02 16:26:48 -07:00
gVisor bot
d60ae0ddee
Merge pull request #279 from kevinGC:iptables-1-pkg
...
PiperOrigin-RevId: 256231055
2019-07-02 13:48:06 -07:00
Kevin Krakauer
06a83df533
Address more comments.
...
Change-Id: I83ae1079f3dcba6b018f59ab7898decab5c211d2
2019-06-10 12:43:54 -07:00
Kevin Krakauer
8afbd974da
Address Ian's comments.
...
Change-Id: I7445033b1970cbba3f2ed0682fe520dce02d8fad
2019-06-07 12:54:53 -07:00
Kevin Krakauer
d58eb9ce82
Add basic iptables structures to netstack.
...
Change-Id: Ib589906175a59dae315405a28f2d7f525ff8877f
2019-05-31 16:14:04 -07:00