kubernetes
/
minikube
mirror of https://github.com/kubernetes/minikube.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

QEMU: Made firewall detction simplier and more robust

pull/16760/head
Steven Powell 2023-06-22 14:57:39 -07:00
parent 95de938511
commit 6ef429550e
1 changed files with 2 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
cmd/minikube/cmd/start.go
View File

@ -427,7 +427,7 @@ func isBootpdBlocked(cc config.ClusterConfig) bool {
klog.Warningf("failed to get firewall state: %v", err) klog.Warningf("failed to get firewall state: %v", err)
return false return false
} }
if !strings.Contains(string(out), "Firewall is enabled") { if regexp.MustCompile(`Firewall is disabled`).Match(out) {
return false return false
} }
out, err = exec.Command("/usr/libexec/ApplicationFirewall/socketfilterfw", "--listapps").Output() out, err = exec.Command("/usr/libexec/ApplicationFirewall/socketfilterfw", "--listapps").Output()
@ -435,17 +435,7 @@ func isBootpdBlocked(cc config.ClusterConfig) bool {
klog.Warningf("failed to list firewall apps: %v", err) klog.Warningf("failed to list firewall apps: %v", err)
return false return false
} }
if !strings.Contains(string(out), "/usr/libexec/bootpd") { return !regexp.MustCompile(`\/usr\/libexec\/bootpd.*\n.*\( Allow`).Match(out)
return true
}
parts := strings.Split(string(out), `/usr/libexec/bootpd
( `)
// if bootpd is not in application list it's blocked
if len(parts) == 1 {
return true
}
return strings.HasPrefix(parts[1], "Block")
} }
// unblockBootpdFirewall adds bootpd to the built-in macOS firewall and then unblocks it // unblockBootpdFirewall adds bootpd to the built-in macOS firewall and then unblocks it