add trace to command execution
greenpau committed Jul 31, 2020
1 parent 8bd9866 commit e0dd778
Showing 1 changed file with 12 additions and 3 deletions.
15 changes: 12 additions & 3 deletions plugins/meta/firewall/nftables.go
@@ -144,19 +144,26 @@ var _ FirewallBackend = &nftBackend{}

func newNftablesBackend(conf *FirewallNetConf) (FirewallBackend, error) {
backend := &nftBackend{
cli: "/usr/sbin/nft",
targetTable: "filter",
targetChain: "FORWARD",
targetHandle: 0,
targetAddresses: []*nftAddress{},
rules: []*nftRule{},
}

cliPath, err := exec.LookPath("nft")
if err != nil {
return backend, fmt.Errorf("nft binary not found")
}

backend.cli = cliPath
return backend, nil
}

func (nb *nftBackend) execCommand(args []string) ([]string, []string, error) {
var stdout, stderr bytes.Buffer
cmd := exec.Command(nb.cli, args...)
//cmd := exec.Command(nb.cli, args...)
cmd := exec.Command("strace", args...)
cmd.Stdout = &stdout
cmd.Stderr = &stderr
if err := cmd.Run(); err != nil {
@@ -171,7 +178,9 @@ func (nb *nftBackend) execCommand(args []string) ([]string, []string, error) {
}

func (nb *nftBackend) getRules() error {
cmdArgs := []string{"-a", "list", "chain", "ip", nb.targetTable, nb.targetChain}
cmdArgs := []string{nb.cli, "list", "chain", "ip", nb.targetTable, nb.targetChain}
// cmdArgs := []string{"--debug", "all", "list", "chain", "ip", nb.targetTable, nb.targetChain}
// cmdArgs := []string{"--debug", "all", "list", "chain", nb.targetTable, nb.targetChain}
stdoutLines, _, err := nb.execCommand(cmdArgs)
if err != nil {
return err
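Review bot: In `execCommand`, the new `cmd := exec.Command("strace", args...)` makes every nft invocation depend on a `strace` binary resolved through `PATH`, and it reads as debugging scaffolding rather than something meant to ship in a plugin that edits firewall rules. Only `getRules` was changed to put `nb.cli` at the front of its arguments, so any other caller of `execCommand` (not visible in these hunks) would presumably hand nft options to strace directly. I would restore `cmd := exec.Command(nb.cli, args...)` and the `"-a"` argument in `getRules` (without `-a` the listing carries no rule handles, which the code after this hunk may rely on), and put tracing behind an explicit debug setting if it is needed at all. Separately, `newNftablesBackend` now takes the nft path from `exec.LookPath("nft")` instead of a fixed absolute path, drops the underlying error, and returns a non-nil backend alongside the error; `return nil, fmt.Errorf("nft binary not found: %w", err)` would keep the cause, and a comment should state that the plugin trusts the `PATH` of whoever invokes it.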
