Closed rst0git closed 5 months ago
Attention: 5 lines
in your changes are missing coverage. Please review.
Comparison is base (
50aa6da
) 70.51% compared to head (b7482ae
) 70.62%.:exclamation: Current head b7482ae differs from pull request most recent head e35df4d. Consider uploading reports for the commit e35df4d to get more accurate results
Files | Patch % | Lines |
---|---|---|
criu/net.c | 76.19% | 5 Missing :warning: |
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
Great job, Radostin!
LGTM.
to discuss: probably at some point it makes sense to change NETWORK_LOCK_DEFAULT
value to NETWORK_LOCK_NFTABLES
.
When iptables-nft is used as backend for iptables, the rules for network locking are translated into the following nft rules:
These rules create the following chains:
In order to delete the CRIU chain, we need to first delete all four jump targets. Otherwise,
-X CRIU
would fail with the following error:Fixes: #2313