Use IpTables::ExecvNonRoot for adding user-traffic mark rules
Previously, the iptables function
IpTables::ApplyRuleForUserTrafficWithVersion used a brillo::ProcessImpl
for adding rules to mark user traffic during IpTables::ApplyVpnSetup.
This commit replaces the ProcessImpl with a call to ExecvNonRoot so that
all ip related commands are issued with this function. This makes
handling and testing command failures in ApplyVpnSetup easier.
TEST=Openvpn: Manually connect and disconnect to CrOS_NetgearAC_Platform-5GHz
using openvpn client on veyron_minnie-cheets board.
Third-Party: Install Cisco AnyConnect. Connect to test lab network
CrOS_NetgearAC_Platform-5GHz. Hit "Add New Connection" button in
AnyConnect home screen. Enter wifi test lab openconnect server IP
(172.18.10.12). Select test connection in system VPN menu. Run
`route` in cros shell to get the IP address assigned to tun0. Pinging
this IP was successful on veyron_minnie-cheets.
Commit-Ready: Kevin Cernekee <firstname.lastname@example.org>
Tested-by: Ian Wyszynski <email@example.com>
Reviewed-by: Ian Wyszynski <firstname.lastname@example.org>
Reviewed-by: Kevin Cernekee <email@example.com>
1 file changed