Skip to content

Commit c3b1124

Browse files
robmryrobmry
committed
Experimental! Reload nftables on SIGHUP
Signed-off-by: Rob Murray <[email protected]>
1 parent 7889037 commit c3b1124

File tree

1 file changed

+17
-0
lines changed

1 file changed

+17
-0
lines changed

libnetwork/drivers/bridge/internal/nftabler/nftabler.go

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,10 +5,13 @@ package nftabler
55
import (
66
"context"
77
"fmt"
8+
"os"
9+
"os/signal"
810

911
"github.com/docker/docker/libnetwork/drivers/bridge/internal/firewaller"
1012
"github.com/docker/docker/libnetwork/internal/nftables"
1113
"go.opentelemetry.io/otel"
14+
"golang.org/x/sys/unix"
1215
)
1316

1417
// Prefix for OTEL span names.
@@ -80,6 +83,20 @@ func NewNftabler(ctx context.Context, config firewaller.Config) (firewaller.Fire
8083
}
8184
}
8285

86+
// FIXME(robmry) - locking!
87+
c := make(chan os.Signal, 1)
88+
signal.Notify(c, unix.SIGHUP)
89+
go func() {
90+
for range c {
91+
if nft.IPv4 {
92+
nft.table4.Reload(ctx)
93+
}
94+
if nft.IPv6 {
95+
nft.table6.Reload(ctx)
96+
}
97+
}
98+
}()
99+
83100
return nft, nil
84101
}
85102

0 commit comments

Comments
 (0)