Home Explore Help
Register Sign In
scw
/
go-iptables
mirror of https://github.com/coreos/go-iptables
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Add another pattern to IsNotExist

With iptables-nft, this can happen:

    process 1                       process 2
    ask kernel if chain X exists    ask kernel if chain X exists
      --> yes                         --> yes
                                    ask kernel to delete chain X
                                      --> OK
    ask kernel to delete chain X
      --> ENOENT

You only get the normal "chain doesn't exist" error message if the
initial check fails; if another process deletes the chain after that,
then it outputs the raw kernel error. (This can happen in the
containernetworking/plugins tests.)

So make IsNotExist recognize "No such file or directory".
Dan Winship 1 year ago
parent
fa6abe8703
commit
b299a5bead
1 changed files with 2 additions and 1 deletions
Split View Show Diff Stats
  1. 2 1
      iptables/iptables.go

+ 2 - 1
iptables/iptables.go
View File 

@@ -52,7 +52,8 @@ func (e *Error) IsNotExist() bool {
 
 	}
 
 	msgNoRuleExist := "Bad rule (does a matching rule exist in that chain?).\n"
 
 	msgNoChainExist := "No chain/target/match by that name.\n"
 
-	return strings.Contains(e.msg, msgNoRuleExist) || strings.Contains(e.msg, msgNoChainExist)
 
+	msgENOENT := "No such file or directory"
 
+	return strings.Contains(e.msg, msgNoRuleExist) || strings.Contains(e.msg, msgNoChainExist) || strings.Contains(e.msg, msgENOENT)
 
 }
 
 
 // Protocol to differentiate between IPv4 and IPv6