Use IpTables::ExecvNonRoot for adding user-traffic mark rules

Previously, the iptables function
IpTables::ApplyRuleForUserTrafficWithVersion used a brillo::ProcessImpl
for adding rules to mark user traffic during IpTables::ApplyVpnSetup.
This commit replaces the ProcessImpl with a call to ExecvNonRoot so that
all ip related commands are issued with this function. This makes
handling and testing command failures in ApplyVpnSetup easier.

TEST=Openvpn: Manually connect and disconnect to CrOS_NetgearAC_Platform-5GHz
using openvpn client on veyron_minnie-cheets board.
Third-Party: Install Cisco AnyConnect. Connect to test lab network
CrOS_NetgearAC_Platform-5GHz. Hit "Add New Connection" button in
AnyConnect home screen. Enter wifi test lab openconnect server IP
( Select test connection in system VPN menu. Run
`route` in cros shell to get the IP address assigned to tun0. Pinging
this IP was successful on veyron_minnie-cheets.

Change-Id: I16ea79cac09a30fecb750832a7646b6d20c01ba4
Commit-Ready: Kevin Cernekee <>
Tested-by: Ian Wyszynski <>
Reviewed-by: Ian Wyszynski <>
Reviewed-by: Kevin Cernekee <>
1 file changed