Initial ipv6 / iptables work

pkg/util/iptables/iptables.go

@@ -34,8 +34,17 @@ type Interface interface {
 	EnsureRule(table Table, chain Chain, args ...string) (bool, error)
 	// DeleteRule checks if the specified rule is present and, if so, deletes it.
 	DeleteRule(table Table, chain Chain, args ...string) error
+	// IsIpv6 returns true if this is managing ipv6 tables
+	IsIpv6() bool
 }
 
+type Protocol bool
+
+const (
+	ProtocolIpv4 Protocol = false
+	ProtocolIpv6 Protocol = true
+)
+
 type Table string
 
 const (
@@ -51,13 +60,14 @@ const (
 
 // runner implements Interface in terms of exec("iptables").
 type runner struct {
-	mu   sync.Mutex
-	exec utilexec.Interface
+	mu       sync.Mutex
+	exec     utilexec.Interface
+	protocol Protocol
 }
 
 // New returns a new Interface which will exec iptables.
-func New(exec utilexec.Interface) Interface {
-	return &runner{exec: exec}
+func New(exec utilexec.Interface, protocol Protocol) Interface {
+	return &runner{exec: exec, protocol: protocol}
 }
 
 // EnsureChain is part of Interface.
@@ -135,8 +145,20 @@ func (runner *runner) DeleteRule(table Table, chain Chain, args ...string) error
 	return nil
 }
 
+func (runner *runner) IsIpv6() bool {
+	return runner.protocol == ProtocolIpv6
+}
+
+func (runner *runner) iptablesCommand() string {
+	if runner.IsIpv6() {
+		return "ip6tables"
+	} else {
+		return "iptables"
+	}
+}
+
 func (runner *runner) run(op operation, args []string) ([]byte, error) {
-	const iptablesCmd = "iptables"
+	iptablesCmd := runner.iptablesCommand()
 
 	fullArgs := append([]string{string(op)}, args...)
 	glog.V(1).Infof("running iptables %s %v", string(op), args)