Merge pull request #873 from maiqueb/mac-spoof-remove-index-when-addi…

…ng-rules bridge, spoof check: remove drop rule index
containernetworking · Apr 17, 2023 · 71aa710 · 71aa710
2 parents 4a6147a + cac8230
commit 71aa710
Show file tree

Hide file tree

Showing 2 changed files with 0 additions and 3 deletions.
diff --git a/pkg/link/spoofcheck.go b/pkg/link/spoofcheck.go
@@ -195,12 +195,10 @@ func (sc *SpoofChecker) matchMacRule(chain string) *schema.Rule {
 }
 
 func (sc *SpoofChecker) dropRule(chain string) *schema.Rule {
-	macRulesIndex := nft.NewRuleIndex()
 	return &schema.Rule{
 		Family: schema.FamilyBridge,
 		Table:  natTableName,
 		Chain:  chain,
-		Index:  macRulesIndex.Next(),
 		Expr: []schema.Statement{
 			{Verdict: schema.Verdict{SimpleVerdict: schema.SimpleVerdict{Drop: true}}},
 		},

diff --git a/pkg/link/spoofcheck_test.go b/pkg/link/spoofcheck_test.go
@@ -254,7 +254,6 @@ func assertExpectedRulesInSetupConfig(c configurerStub) {
                     "comment":"macspoofchk-container99-net1"}},
                 {"rule":{"family":"bridge","table":"nat","chain":"cni-br-iface-container99-net1-mac",
                     "expr":[{"drop":null}],
-                    "index":0,
                     "comment":"macspoofchk-container99-net1"}}
             ]}`
 	ExpectWithOffset(1, string(jsonConfig)).To(MatchJSON(expectedConfig))