Skip to content

Commit

Permalink
chore(internal/iptables): exec iptables-restore directly
Browse files Browse the repository at this point in the history
iptables-restore was being executed via bash, which was unnecessary.
Executing directly is simpler and more reliable.

Fixes: jodevsa#79
  • Loading branch information
uhthomas committed May 9, 2024
1 parent 8565ade commit c744c41
Showing 1 changed file with 6 additions and 24 deletions.
30 changes: 6 additions & 24 deletions internal/iptables/iptables.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,36 +2,18 @@ package iptables

import (
"fmt"
"os/exec"
"strings"

"github.com/go-logr/logr"
"github.com/jodevsa/wireguard-operator/pkg/agent"
"github.com/jodevsa/wireguard-operator/pkg/api/v1alpha1"
"os"
"os/exec"
"strings"
)

func ApplyRules(rules string) error {
file, err := os.CreateTemp("/tmp", "iptables-")
if err != nil {
return err
}
defer os.RemoveAll(file.Name())

err = os.WriteFile(file.Name(), []byte(rules), 0640)

if err != nil {
return err
}

bashCommand := fmt.Sprintf("iptables-restore < %s", file.Name())
cmd := exec.Command("bash", "-c", bashCommand)

err = cmd.Run()
if err != nil {
return err
}

return nil
cmd := exec.Command("iptables-restore")
cmd.Stdin = strings.NewReader(rules)
return cmd.Run()
}

type Iptables struct {
Expand Down

0 comments on commit c744c41

Please sign in to comment.