portmap: fix iptables conditions detection

containernetworking / plugins

Some reference and example networking plugins, maintained by the CNI team.

Apache License 2.0

2.23k stars 788 forks source link

portmap: fix iptables conditions detection #1117

Open champtar opened 2 weeks ago

champtar commented 2 weeks ago

As show in the docs, iptables conditions can also start with '!'

Fixes 01a94e17c77e6ff8e5019e15c42d8d92cf87194f Fixes #1114

champtar commented 2 weeks ago

Tested with

{
  "type": "portmap",
  "capabilities": {"portMappings": true},
  "externalSetMarkChain": "KUBE-MARK-MASQ",
  "conditionsV4": ["!", "-d", "127.0.0.0/8", "-m", "iprange", "!", "--dst-range", "198.19.254.254"]
},

danwinship commented 2 weeks ago

ah, oops, yes /lgtm (but I'm not sure I can actually do that?) /assign @squeed

danwinship commented 2 weeks ago

(ah, lol, there's no prow at all here)

champtar commented 6 days ago

@squeed this one is also ready to be merged (just rebased)

champtar commented 4 days ago

@danwinship @squeed rebased and ready to merge