Add bridge-nf-call-iptables/bridge-nf-call-ipv6tables to docker info

Signed-off-by: Lei Jitang <leijitang@huawei.com>
2015-06-17 09:19:11 +08:00 · 2015-06-17 09:19:11 +08:00 · ba8bb0c1d7
commit ba8bb0c1d7
parent bfdf63d37c
2 changed files with 24 additions and 7 deletions
--- a/sysinfo/sysinfo.go
+++ b/sysinfo/sysinfo.go
@ -3,11 +3,13 @@ package sysinfo
 // SysInfo stores information about which features a kernel supports.
 // TODO Windows: Factor out platform specific capabilities.
 type SysInfo struct {
-	MemoryLimit            bool
-	SwapLimit              bool
-	CpuCfsPeriod           bool
-	CpuCfsQuota            bool
-	IPv4ForwardingDisabled bool
-	AppArmor               bool
-	OomKillDisable         bool
+	MemoryLimit                   bool
+	SwapLimit                     bool
+	CpuCfsPeriod                  bool
+	CpuCfsQuota                   bool
+	IPv4ForwardingDisabled        bool
+	AppArmor                      bool
+	OomKillDisable                bool
+	BridgeNfCallIptablesDisabled  bool
+	BridgeNfCallIp6tablesDisabled bool
 }
--- a/sysinfo/sysinfo_linux.go
+++ b/sysinfo/sysinfo_linux.go
@ -63,6 +63,21 @@ func New(quiet bool) *SysInfo {
 		}
 	}

+	// Check if bridge-nf-call-iptables is disabled.
+	if data, err := ioutil.ReadFile("/proc/sys/net/bridge/bridge-nf-call-iptables"); os.IsNotExist(err) {
+		sysInfo.BridgeNfCallIptablesDisabled = true
+	} else {
+		enabled, _ := strconv.Atoi(strings.TrimSpace(string(data)))
+		sysInfo.BridgeNfCallIptablesDisabled = enabled == 0
+	}
+	// Check if bridge-nf-call-ip6tables is disabled.
+	if data, err := ioutil.ReadFile("/proc/sys/net/bridge/bridge-nf-call-ip6tables"); os.IsNotExist(err) {
+		sysInfo.BridgeNfCallIp6tablesDisabled = true
+	} else {
+		enabled, _ := strconv.Atoi(strings.TrimSpace(string(data)))
+		sysInfo.BridgeNfCallIp6tablesDisabled = enabled == 0
+	}
+
 	// Check if AppArmor is supported.
 	if _, err := os.Stat("/sys/kernel/security/apparmor"); os.IsNotExist(err) {
 		sysInfo.AppArmor = false