libnetwork/iptables: deprecate Passthrough

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit d688389)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

libnetwork/iptables/firewalld.go

@@ -174,8 +174,15 @@ func checkRunning() bool {
 	return err == nil
 }
 
-// Passthrough method simply passes args through to iptables/ip6tables
+// Passthrough method simply passes args through to iptables/ip6tables.
+//
+// Deprecated: this function is only used internally and will be removed in the next release.
 func Passthrough(ipv IPVersion, args ...string) ([]byte, error) {
+	return passthrough(ipv, args...)
+}
+
+// passthrough method simply passes args through to iptables/ip6tables
+func passthrough(ipv IPVersion, args ...string) ([]byte, error) {
 	var output string
 	log.G(context.TODO()).Debugf("Firewalld passthrough: %s, %s", ipv, args)
 	if err := connection.sysObj.Call(dbusInterface+".direct.passthrough", 0, ipv, args).Store(&output); err != nil {

libnetwork/iptables/firewalld_test.go

@@ -93,7 +93,7 @@ func TestPassthrough(t *testing.T) {
 		"-j", "ACCEPT",
 	}
 
-	_, err := Passthrough(IPv4, append([]string{"-A"}, rule1...)...)
+	_, err := passthrough(IPv4, append([]string{"-A"}, rule1...)...)
 	if err != nil {
 		t.Fatal(err)
 	}

libnetwork/iptables/iptables.go

@@ -444,7 +444,7 @@ func filterOutput(start time.Time, output []byte, args ...string) []byte {
 func (iptable IPTable) Raw(args ...string) ([]byte, error) {
 	if firewalldRunning {
 		startTime := time.Now()
-		output, err := Passthrough(iptable.ipVersion, args...)
+		output, err := passthrough(iptable.ipVersion, args...)
 		if err == nil || !strings.Contains(err.Error(), "was not provided by any .service files") {
 			return filterOutput(startTime, output, args...), err
 		}