Support EndPort field#75
Merged
zeeke merged 5 commits intok8snetworkplumbingwg:masterfrom Apr 28, 2025
Merged
Conversation
Bumped dependency with commands: ``` $ go get github.com/k8snetworkplumbingwg/multi-networkpolicy@v1.0.1 go: downloading github.com/k8snetworkplumbingwg/multi-networkpolicy v1.0.1 go: downloading k8s.io/code-generator v0.28.8 go: downloading k8s.io/gengo v0.0.0-20220902162205-c0856e24416d go: downloading k8s.io/klog v1.0.0 go: downloading golang.org/x/tools v0.16.1 go: downloading golang.org/x/mod v0.14.0 go: upgraded github.com/k8snetworkplumbingwg/multi-networkpolicy v0.0.0-20200903074708-7b3ce95ae804 => v1.0.1 $ go mod tidy $ go mod vendor ``` Signed-off-by: Andrea Panattoni <apanatto@redhat.com>
This commit simply adds a small conditional checking whether port.EndPort is not nil, in which case it writes the iptable rule with flag `--dport N:N`, else it write the same iptables rule as before.
Verfies that a port specification which includes endPort writes the expected iptables rule with `--dport N:N`, and that one that doesn't include endPort writes the normal iptables rule with `--dport N`.
This was an oversight on my part, as our use case only requires ingress rules, but the functionality needs to be available for both ingress and egress rules. Additionally, I reformated the logic, per PR reviewer suggestions, to eliminate some redudnacy and make the code cleaner and more readable.
Pull Request Test Coverage Report for Build 14535937923Details
💛 - Coveralls |
zeeke
added a commit
to zeeke/multi-networkpolicy-iptables
that referenced
this pull request
Apr 28, 2025
Add end2end test cases for - k8snetworkplumbingwg#75 Signed-off-by: Andrea Panattoni <apanatto@redhat.com>
Cellebyte
pushed a commit
to telekom/multi-networkpolicy-nftables
that referenced
this pull request
Sep 15, 2025
Support `EndPort` field
Cellebyte
pushed a commit
to telekom/multi-networkpolicy-nftables
that referenced
this pull request
Sep 15, 2025
Add end2end test cases for - k8snetworkplumbingwg#75 Signed-off-by: Andrea Panattoni <apanatto@redhat.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
MultiNetworkPolicy API v1.0.1 supports EndPort fields in rules.
This PR elaborates on @nkinkade's work
To support such fields in the iptables implementation
cc @nkinkade, @dougbtv , @s1061123