Merge pull request #1152 from architkulkarni/status-codes

Add error codes for STATUS verb to `types.go` and `SPEC.md`
Merge pull request #1153 from xmulligan/patch-1
2025-06-02 17:11:33 +02:00 · 2025-05-16 10:30:26 +02:00 · 2025-04-22 23:46:17 +02:00 · 2025-04-22 11:20:07 -04:00 · 2025-04-15 00:40:04 +09:00 · 2025-04-14 17:31:05 +02:00
351 changed files with 15496 additions and 85498 deletions
--- a/.gitattributes
+++ b/.gitattributes
@ -0,0 +1,2 @@
 # Don't rewrite line endings
 *.go -text
--- a/.github/actions/retest-action/Dockerfile
+++ b/.github/actions/retest-action/Dockerfile
@ -0,0 +1,7 @@
 FROM alpine:3.20
 RUN apk add --no-cache curl jq
 COPY entrypoint.sh /entrypoint.sh
 ENTRYPOINT ["/entrypoint.sh"]
--- a/.github/actions/retest-action/action.yml
+++ b/.github/actions/retest-action/action.yml
@ -0,0 +1,11 @@
 name: 'Re-Test'
 description: 'Re-Runs the last workflow for a PR'
 inputs:
  token:
    description: 'GitHub API Token'
    required: true
 runs:
  using: 'docker'
  image: 'Dockerfile'
  env:
    GITHUB_TOKEN: ${{ inputs.token }}
--- a/.github/actions/retest-action/entrypoint.sh
+++ b/.github/actions/retest-action/entrypoint.sh
@ -0,0 +1,45 @@
 #!/bin/sh
 set -ex
 if ! jq -e '.issue.pull_request' ${GITHUB_EVENT_PATH}; then
    echo "Not a PR... Exiting."
    exit 0
 fi
 if [ "$(jq -r '.comment.body' ${GITHUB_EVENT_PATH})" != "/retest" ]; then
    echo "Nothing to do... Exiting."
    exit 0
 fi
 PR_URL=$(jq -r '.issue.pull_request.url' ${GITHUB_EVENT_PATH})
 curl --request GET \
    --url "${PR_URL}" \
    --header "authorization: Bearer ${GITHUB_TOKEN}" \
    --header "content-type: application/json" > pr.json
 ACTOR=$(jq -r '.user.login' pr.json)
 BRANCH=$(jq -r '.head.ref' pr.json)
 curl --request GET \
    --url "https://api.github.com/repos/${GITHUB_REPOSITORY}/actions/runs?event=pull_request&actor=${ACTOR}&branch=${BRANCH}" \
    --header "authorization: Bearer ${GITHUB_TOKEN}" \
    --header "content-type: application/json" | jq '.workflow_runs | max_by(.run_number)' > run.json
 RERUN_URL=$(jq -r '.rerun_url' run.json)
 curl --request POST \
    --url "${RERUN_URL}" \
    --header "authorization: Bearer ${GITHUB_TOKEN}" \
    --header "content-type: application/json"
 REACTION_URL="$(jq -r '.comment.url' ${GITHUB_EVENT_PATH})/reactions"
 curl --request POST \
    --url "${REACTION_URL}" \
    --header "authorization: Bearer ${GITHUB_TOKEN}" \
    --header "accept: application/vnd.github.squirrel-girl-preview+json" \
    --header "content-type: application/json" \
    --data '{ "content" : "rocket" }'
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -0,0 +1,27 @@
 # To get started with Dependabot version updates, you'll need to specify which
 # package ecosystems to update and where the package manifests are located.
 # Please see the documentation for all configuration options:
 # https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
 version: 2
 updates:
  - package-ecosystem: "docker"
    directory: "/.github/actions/retest-action"
    schedule:
      interval: "weekly"
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "weekly"
  - package-ecosystem: "gomod"
    directory: "/"
    schedule:
      interval: "weekly"
    groups:
      golang:
        patterns:
          - "*"
  - package-ecosystem: "gomod"
    directory: "/plugins/debug"
    schedule:
      interval: "weekly"
--- a/.github/workflows/commands.yml
+++ b/.github/workflows/commands.yml
@ -0,0 +1,17 @@
 name: commands
 on:
  issue_comment:
    types: [created]
 jobs:
  retest:
    if: github.repository == 'containernetworking/cni'
    runs-on: ubuntu-latest
    steps:
      - name: Check out code
        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332  # v4.1.7
      - name: Re-Test Action
        uses: ./.github/actions/retest-action
        with:
          token: ${{ secrets.REPO_ACCESS_TOKEN }}
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@ -0,0 +1,40 @@
 name: Scorecard supply-chain security
 on:
  branch_protection_rule:
  push:
    branches:
      - main
  schedule:
    - cron: 29 15 * * 0
 permissions: read-all
 jobs:
  analysis:
    name: Scorecard analysis
    permissions:
      id-token: write
      security-events: write
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11  # v4.1.1
        with:
          persist-credentials: false
      - name: Run analysis
        uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736  # v2.3.1
        with:
          results_file: results.sarif
          results_format: sarif
          publish_results: true
      - name: Upload artifact
        uses: actions/upload-artifact@97a0fba1372883ab732affbe8f94b823f91727db  # v3.pre.node20
        with:
          name: SARIF file
          path: results.sarif
          retention-days: 5
      - name: Upload to code-scanning
        uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d  # v3.26.7
        with:
          sarif_file: results.sarif
--- a/.github/workflows/test.yaml
+++ b/.github/workflows/test.yaml
@ -0,0 +1,96 @@
 ---
 name: test
 on: ["push", "pull_request"]
 env:
  GO_VERSION: "1.22"
  LINUX_ARCHES: "amd64 386 arm arm64 s390x mips64le ppc64le"
 jobs:
  lint:
    name: Lint
    permissions:
      contents: read
      pull-requests: read
    runs-on: ubuntu-latest
    steps:
      - name: setup go
        uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32  # v5.0.2
        with:
          go-version: ${{ env.GO_VERSION }}
      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332  # v4.1.7
      - uses: ibiqlik/action-yamllint@2576378a8e339169678f9939646ee3ee325e845c  # v3.1.1
        with:
          format: auto
          config_file: .yamllint.yaml
      - uses: golangci/golangci-lint-action@aaa42aa0628b4ae2578232a66b541047968fac86  # v6.1.0
        with:
          args: --verbose
          version: v1.57.1
  build:
    name: Build all linux architectures
    needs: lint
    runs-on: ubuntu-latest
    steps:
      - name: setup go
        uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32  # v5.0.2
        with:
          go-version: ${{ env.GO_VERSION }}
      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332  # v4.1.7
      - name: Build on all supported architectures
        run: |
          set -e
          for arch in ${LINUX_ARCHES}; do
            echo "Building for arch $arch"
            GOARCH=$arch go build ./...
          done
  test-linux:
    name: Run tests on Linux amd64
    needs: build
    runs-on: ubuntu-latest
    steps:
      - name: setup go
        uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32  # v5.0.2
        with:
          go-version: ${{ env.GO_VERSION }}
      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332  # v4.1.7
      - name: Install test binaries
        run: |
          go install github.com/mattn/goveralls@v0.0.12
          go install github.com/modocache/gover@latest
      - name: test
        run: COVERALLS=1 ./test.sh
      - env:
          COVERALLS_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        name: Send coverage to coveralls
        run: |
          PATH=$PATH:$(go env GOPATH)/bin
          gover
          goveralls -coverprofile=gover.coverprofile -service=github
  test-win:
    name: Build and run tests on Windows
    needs: build
    runs-on: windows-latest
    steps:
      - name: setup go
        uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32  # v5.0.2
        with:
          go-version: ${{ env.GO_VERSION }}
      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332  # v4.1.7
      - name: test
        run: bash ./test.sh
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +1,5 @@
-bin/
+.idea/
 gopath/
 *.sw[ponm]
 .vagrant
 release-*
 cnitool/cnitool
--- a/.golangci.yml
+++ b/.golangci.yml
@ -0,0 +1,30 @@
 linters:
  enable:
    - contextcheck
    - errcheck
    - errorlint
    - gci
    - ginkgolinter
    - gocritic
    - gofumpt
    - govet
    - ineffassign
    - misspell
    - nolintlint
    - nonamedreturns
    - predeclared
    - staticcheck
    - typecheck
    - unconvert
    - unused
    - whitespace
 linters-settings:
  gci:
    sections:
      - standard
      - default
      - prefix(github.com/containernetworking)
 run:
  timeout: 5m
--- a/.yamllint.yaml
+++ b/.yamllint.yaml
@ -0,0 +1,10 @@
 ---
 extends: default
 rules:
  document-start: disable
  line-length: disable
  truthy:
    ignore: |
      .github/workflows/*.yml
      .github/workflows/*.yaml
--- a/CODE-OF-CONDUCT.md
+++ b/CODE-OF-CONDUCT.md
@ -0,0 +1,3 @@
 # Community Code of Conduct
 CNI follows the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/main/code-of-conduct.md).
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -0,0 +1,128 @@
 # How to Contribute
 CNI is [Apache 2.0 licensed](LICENSE) and accepts contributions via GitHub
 pull requests. This document outlines some of the conventions on development
 workflow, commit message formatting, contact points and other resources to make
 it easier to get your contribution accepted.
 We gratefully welcome improvements to documentation as well as to code.
 ## Certificate of Origin
 By contributing to this project you agree to the Developer Certificate of
 Origin (DCO). This document was created by the Linux Kernel community and is a
 simple statement that you, as a contributor, have the legal right to make the
 contribution. See the [DCO](DCO) file for details.
 ## Email and Chat
 The project uses the cni-dev email list, IRC chat, and Slack:
 - Email: [cni-dev](https://groups.google.com/forum/#!forum/cni-dev)
 - IRC: #[containernetworking](irc://irc.freenode.net:6667/#containernetworking) channel on [freenode.net](https://freenode.net/)
 - Slack: #cni on the [CNCF slack](https://slack.cncf.io/).  NOTE: the previous CNI Slack (containernetworking.slack.com) has been sunsetted.
 Please avoid emailing maintainers found in the MAINTAINERS file directly. They
 are very busy and read the mailing lists.
 ## Getting Started
 - Fork the repository on GitHub
 - Read the [README](README.md) for build and test instructions
 - Play with the project, submit bugs, submit pull requests!
 ## Contribution workflow
 This is a rough outline of how to prepare a contribution:
 - Create a topic branch from where you want to base your work (usually branched from main).
 - Make commits of logical units.
 - Make sure your commit messages are in the proper format (see below).
 - Push your changes to a topic branch in your fork of the repository.
 - If you changed code:
  - add automated tests to cover your changes, using the [Ginkgo](https://onsi.github.io/ginkgo/) & [Gomega](https://onsi.github.io/gomega/) style
  - if the package did not previously have any test coverage, add it to the list
   of `TESTABLE` packages in the `test.sh` script.
  - run the full test script and ensure it passes
 - Make sure any new code files have a license header (this is now enforced by automated tests)
 - Submit a pull request to the original repository.
 ## How to run the test suite
 We generally require test coverage of any new features or bug fixes.
 Here's how you can run the test suite on any system (even Mac or Windows) using
 [Vagrant](https://www.vagrantup.com/) and a hypervisor of your choice:
 ```bash
 vagrant up
 vagrant ssh
 # you're now in a shell in a virtual machine
 sudo su
 cd /go/src/github.com/containernetworking/cni
 # to run the full test suite
 ./test.sh
 # to focus on a particular test suite
 cd libcni
 go test
 ```
 ## Acceptance policy
 These things will make a PR more likely to be accepted:
 - a well-described requirement
 - tests for new code
 - tests for old code!
 - new code and tests follow the conventions in old code and tests
 - a good commit message (see below)
 In general, we will merge a PR once two maintainers have endorsed it.
 Trivial changes (e.g., corrections to spelling) may get waved through.
 For substantial changes, more people may become involved, and you might get asked to resubmit the PR or divide the changes into more than one PR.
 ### Format of the Commit Message
 We follow a rough convention for commit messages that is designed to answer two
 questions: what changed and why. The subject line should feature the what and
 the body of the commit should describe the why.
 ```md
 scripts: add the test-cluster command
 this uses tmux to setup a test cluster that you can easily kill and
 start for debugging.
 Fixes #38
 ```
 The format can be described more formally as follows:
 ```md
 <subsystem>: <what changed>
 <BLANK LINE>
 <why this change was made>
 <BLANK LINE>
 <footer>
 ```
 The first line is the subject and should be no longer than 70 characters, the
 second line is always blank, and other lines should be wrapped at 80 characters.
 This allows the message to be easier to read on GitHub as well as in various
 git tools.
 ## 3rd party plugins
 So you've built a CNI plugin.  Where should it live?
 Short answer: We'd be happy to link to it from our [list of 3rd party plugins](README.md#3rd-party-plugins).
 But we'd rather you kept the code in your own repo.
 Long answer: An advantage of the CNI model is that independent plugins can be
 built, distributed and used without any code changes to this repository.  While
 some widely used plugins (and a few less-popular legacy ones) live in this repo,
 we're reluctant to add more.
 If you have a good reason why the CNI maintainers should take custody of your
 plugin, please open an issue or PR.
--- a/CONVENTIONS.md
+++ b/CONVENTIONS.md
@ -0,0 +1,120 @@
 # Extension conventions                                                        
 There are three ways of passing information to plugins using the Container Network Interface (CNI), none of which require the [spec](SPEC.md) to be updated. These are 
 - plugin specific fields in the JSON config
 - `args` field in the JSON config
 - `CNI_ARGS` environment variable 
 This document aims to provide guidance on which method should be used and to provide a convention for how common information should be passed.
 Establishing these conventions allows plugins to work across multiple runtimes. This helps both plugins and the runtimes.
 ## Plugins
 * Plugin authors should aim to support these conventions where it makes sense for their plugin. This means they are more likely to "just work" with a wider range of runtimes.
 * Plugins should accept arguments according to these conventions if they implement the same basic functionality as other plugins. If plugins have shared functionality that isn't covered by these conventions then a PR should be opened against this document.
 ## Runtimes
 * Runtime authors should follow these conventions if they want to pass additional information to plugins. This will allow the extra information to be consumed by the widest range of plugins.
 * These conventions serve as an abstraction for the runtime. For example, port forwarding is highly implementation specific, but users should be able to select the plugin of their choice without changing the runtime.
 # Current conventions
 Additional conventions can be created by creating PRs which modify this document.
 ## Dynamic Plugin specific fields (Capabilities / Runtime Configuration)
 [Plugin specific fields](SPEC.md#network-configuration) formed part of the original CNI spec and have been present since the initial release.
 > Plugins may define additional fields that they accept and may generate an error if called with unknown fields. The exception to this is the args field may be used to pass arbitrary data which may be ignored by plugins.
 A plugin can define any additional fields it needs to work properly. It should return an error if it can't act on fields that were expected or where the field values were malformed.
 This method of passing information to a plugin is recommended when the following conditions hold:
 * The configuration has specific meaning to the plugin (i.e. it's not just general meta data)
 * the plugin is expected to act on the configuration or return an error if it can't
 Dynamic information (i.e. data that a runtime fills out) should be placed in a `runtimeConfig` section. Plugins can request
 that the runtime insert this dynamic configuration by explicitly listing their `capabilities` in the network configuration.
 For example, the configuration for a port mapping plugin might look like this to an operator (it should be included as part of a [network configuration list](SPEC.md#network-configuration-lists).
 ```json
 {
  "name" : "ExamplePlugin",
  "type" : "port-mapper",
  "capabilities": {"portMappings": true}
 }
 ```
 But the runtime would fill in the mappings so the plugin itself would receive something like this.
 ```json
 {
  "name" : "ExamplePlugin",
  "type" : "port-mapper",
  "runtimeConfig": {
    "portMappings": [
      {"hostPort": 8080, "containerPort": 80, "protocol": "tcp"}
    ]
  }
 }
 ```
 ### Well-known Capabilities
 | Area  | Purpose | Capability | Spec and Example | Runtime implementations | Plugin Implementations |
 | ----- | ------- | -----------| ---------------- | ----------------------- | ---------------------  |
 | port mappings | Pass mapping from ports on the host to ports in the container network namespace. | `portMappings` | A list of portmapping entries.<br/>  <pre>[<br/>  { "hostPort": 8080, "containerPort": 80, "protocol": "tcp" },<br />  { "hostPort": 8000, "containerPort": 8001, "protocol": "udp" }<br />  ]<br /></pre> | kubernetes | CNI `portmap` plugin |
 | ip ranges | Dynamically configure the IP range(s) for address allocation. Runtimes that manage IP pools, but not individual IP addresses, can pass these to plugins. | `ipRanges` | The same as the `ranges` key for `host-local` - a list of lists of subnets. The outer list is the number of IPs to allocate, and the inner list is a pool of subnets for each allocation. <br/><pre>[<br/> [<br/>  { "subnet": "10.1.2.0/24", "rangeStart": "10.1.2.3", "rangeEnd": 10.1.2.99", "gateway": "10.1.2.254" } <br/>  ]<br/>]</pre> | none | CNI `host-local` plugin |
 | bandwidth limits | Dynamically configure interface bandwidth limits | `bandwidth` | Desired bandwidth limits. Rates are in bits per second, burst values are in bits. <pre> { "ingressRate": 2048, "ingressBurst": 1600, "egressRate": 4096, "egressBurst": 1600 } </pre> | none | CNI `bandwidth` plugin |
 | dns | Dynamically configure dns according to runtime | `dns` | Dictionary containing a list of `servers` (string entries), a list of `searches` (string entries), a list of `options` (string entries). <pre>{ <br> "searches" : [ "internal.yoyodyne.net", "corp.tyrell.net" ] <br> "servers": [ "8.8.8.8", "10.0.0.10" ] <br />} </pre> | kubernetes | CNI `win-bridge` plugin, CNI `win-overlay` plugin |
 | ips | Dynamically allocate IPs for container interface. Runtime which has the ability of address allocation can pass these to plugins.  | `ips` | A list of `IP` (\<ip\>\[/\<prefix\>\]). <pre> [ "192.168.0.1", 10.10.0.1/24", "3ffe:ffff:0:01ff::2", "3ffe:ffff:0:01ff::1/64" ] </pre> The plugin may require the IP address to include a prefix length. | none | CNI `static` plugin, CNI `host-local` plugin |
 | mac | Dynamically assign MAC. Runtime can pass this to plugins which need MAC as input. | `mac` | `MAC` (string entry). <pre> "c2:11:22:33:44:55" </pre> | none | CNI `tuning` plugin |
 | infiniband guid | Dynamically assign Infiniband GUID to network interface. Runtime can pass this to plugins which need Infiniband GUID as input. | `infinibandGUID` | `GUID` (string entry). <pre> "c2:11:22:33:44:55:66:77" </pre> | none | CNI [`ib-sriov-cni`](https://github.com/Mellanox/ib-sriov-cni) plugin |
 | device id | Provide device identifier which is associated with the network to allow the CNI plugin to perform device dependent network configurations. | `deviceID` | `deviceID` (string entry). <pre> "0000:04:00.5" </pre> | none | CNI `host-device` plugin |
 | aliases | Provide a list of names that will be mapped to the IP addresses assigned to this interface. Other containers on the same network may use one of these names to access the container.| `aliases` | List of `alias` (string entry). <pre> ["my-container", "primary-db"] </pre> | none | CNI `alias` plugin |
 | cgroup path | Provide the cgroup path for pod as requested by CNI plugins. | `cgroupPath` | `cgroupPath` (string entry). <pre>"/kubelet.slice/kubelet-kubepods.slice/kubelet-kubepods-burstable.slice/kubelet-kubepods-burstable-pod28ce45bc_63f8_48a3_a99b_cfb9e63c856c.slice" </pre> | none | CNI `host-local` plugin |
 ## "args" in network config
 `args` in [network config](SPEC.md#network-configuration) were reserved as a  field in the `0.2.0` release of the CNI spec.
 > args (dictionary): Optional additional arguments provided by the container runtime. For example a dictionary of labels could be passed to CNI plugins by adding them to a labels field under args.
 `args` provide a way of providing more structured data than the flat strings that CNI_ARGS can support.
 `args` should be used for _optional_ meta-data. Runtimes can place additional data in `args` and plugins that don't understand that data should just ignore it. Runtimes should not require that a plugin understands or consumes that data provided, and so a runtime should not expect to receive an error if the data could not be acted on.
 This method of passing information to a plugin is recommended when the information is optional and the plugin can choose to ignore it. It's often that case that such information is passed to all plugins by the runtime without regard for whether the plugin can understand it.
 The conventions documented here are all namespaced under `cni` so they don't conflict with any existing `args`.
 For example:
 ```jsonc
 {  
   "cniVersion":"0.2.0",
   "name":"net",
   "args":{  
      "cni":{  
         "labels": [{"key": "app", "value": "myapp"}]
      }
   },
   // <REST OF CNI CONFIG HERE>
   "ipam":{  
   //  <IPAM CONFIG HERE>
   }
 }
 ```
 | Area  | Purpose| Spec and Example | Runtime implementations | Plugin Implementations |
 | ----- | ------ | ------------     | ----------------------- | ---------------------- |
 | labels | Pass`key=value` labels to plugins | <pre>"labels" : [<br />  { "key" : "app", "value" : "myapp" },<br />  { "key" : "env", "value" : "prod" }<br />] </pre> | none | none |
 | ips   | Request specific IPs | Spec:<pre>"ips": ["\<ip\>[/\<prefix\>]", ...]</pre>Examples:<pre>"ips": ["10.2.2.42/24", "2001:db8::5"]</pre> The plugin may require the IP address to include a prefix length. | none | host-local, static |
 ## CNI_ARGS
 CNI_ARGS formed part of the original CNI spec and have been present since the initial release.
 > `CNI_ARGS`: Extra arguments passed in by the user at invocation time. Alphanumeric key-value pairs separated by semicolons; for example, "FOO=BAR;ABC=123"
 The use of `CNI_ARGS` is deprecated and "args" should be used instead. If a runtime passes an equivalent key via `args` (eg the `ips` `args` Area and the `CNI_ARGS` `IP` Field) and the plugin understands `args`, the plugin must ignore the CNI_ARGS Field.
 | Field  | Purpose| Spec and Example | Runtime implementations | Plugin Implementations |
 | ------ | ------ | ---------------- | ----------------------- | ---------------------- |
 | IP     | Request a specific IP from IPAM plugins | Spec:<pre>IP=\<ip\>[/\<prefix\>]</pre>Example: <pre>IP=192.168.10.4/24</pre> The plugin may require the IP addresses to include a prefix length. | *rkt* supports passing additional arguments to plugins and the [documentation](https://coreos.com/rkt/docs/latest/networking/overriding-defaults.html) suggests IP can be used. | host-local, static |
 ## Chained Plugins
 If plugins are agnostic about the type of interface created, they SHOULD work in a chained mode and configure existing interfaces. Plugins MAY also create the desired interface when not run in a chain.
 For example, the `bridge` plugin adds the host-side interface to a bridge. So, it should accept any previous result that includes a host-side interface, including `tap` devices. If not called as a chained plugin, it creates a `veth` pair first.
 Plugins that meet this convention are usable by a larger set of runtimes and interfaces, including hypervisors and DPDK providers.
--- a/36
+++ b/36
@ -0,0 +1,36 @@
 Developer Certificate of Origin
 Version 1.1
 Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
 660 York Street, Suite 102,
 San Francisco, CA 94110 USA
 Everyone is permitted to copy and distribute verbatim copies of this
 license document, but changing it is not allowed.
 Developer's Certificate of Origin 1.1
 By making a contribution to this project, I certify that:
 (a) The contribution was created in whole or in part by me and I
    have the right to submit it under the open source license
    indicated in the file; or
 (b) The contribution is based upon previous work that, to the best
    of my knowledge, is covered under an appropriate open source
    license and I have the right under that license to submit that
    work with modifications, whether created in whole or in part
    by me, under the same open source license (unless I am
    permitted to submit under a different license), as indicated
    in the file; or
 (c) The contribution was provided directly to me by some other
    person who certified (a), (b) or (c) and I have not modified
    it.
 (d) I understand and agree that this project and the contribution
    are public and that a record of the contribution (including all
    personal information I submit with it, including my sign-off) is
    maintained indefinitely and may be redistributed consistent with
    this project or the open source license(s) involved.
--- a/Documentation/bridge.md
+++ b/Documentation/bridge.md
@ -1,37 +0,0 @@
 # bridge plugin
 ## Overview
 With bridge plugin, all containers (on the same host) are plugged into a bridge (virtual switch) that resides in the host network namespace.
 The containers receive one end of the veth pair with the other end connected to the bridge.
 An IP address is only assigned to one end of the veth pair -- one residing in the container.
 The bridge itself can also be assigned an IP address, turning it into a gateway for the containers.
 Alternatively, the bridge can function purely in L2 mode and would need to be bridged to the host network interface (if other than container-to-container communication on the same host is desired).
 The network configuration specifies the name of the bridge to be used.
 If the bridge is missing, the plugin will create one on first use and, if gateway mode is used, assign it an IP that was returned by IPAM plugin via the gateway field.
 ## Example configuration
 ```
 {
 	"name": "mynet",
 	"type": "bridge",
 	"bridge": "mynet0",
 	"isGateway": true,
 	"ipMasq": true,
 	"ipam": {
 		"type": "host-local",
 		"subnet": "10.10.0.0/16"
 	}
 }
 ```
 ## Network configuration reference
 * `name` (string, required): the name of the network.
 * `type` (string, required): "bridge".
 * `bridge` (string, optional): name of the bridge to use/create. Defaults to "cni0".
 * `isGateway` (boolean, optional): assign an IP address to the bridge. Defaults to false.
 * `ipMasq` (boolean, optional): set up IP Masquerade on the host for traffic originating from this network and destined outside of it. Defaults to false.
 * `mtu` (integer, optional): explicitly set MTU to the specified value. Defaults to the value chosen by the kernel.
 * `ipam` (dictionary, required): IPAM configuration to be used for this network.
--- a/Documentation/cnitool.md
+++ b/Documentation/cnitool.md
@ -0,0 +1,19 @@
 # Overview
 The `cnitool` is a utility that can be used to test a CNI plugin
 without the need for a container runtime. The `cnitool` takes a
 `network name` and a `network namespace` and a command to `ADD` or
 `DEL`,.i.e, attach or detach containers from a network. The `cnitool`
 relies on the following environment variables to operate properly:
 * `NETCONFPATH`: This environment variable needs to be set to a
  directory. It defaults to `/etc/cni/net.d`. The `cnitool` searches
  for CNI configuration files in this directory with the extension
  `*.conf` or `*.json`. It loads all the CNI configuration files in
  this directory and if it finds a CNI configuration with the `network
  name` given to the cnitool it returns the corresponding CNI
  configuration, else it returns `nil`.
 * `CNI_PATH`: For a given CNI configuration `cnitool` will search for
  the corresponding CNI plugin in this path.
 For the full documentation of `cnitool` see the [cnitool docs](../cnitool/README.md)
--- a/Documentation/dhcp.md
+++ b/Documentation/dhcp.md
@ -1,35 +0,0 @@
 # dhcp plugin
 ## Overview
 With dhcp plugin the containers can get an IP allocated by a DHCP server already running on your network.
 This can be especially useful with plugin types such as [macvlan](https://github.com/appc/cni/blob/master/Documentation/macvlan.md).
 Because a DHCP lease must be periodically renewed for the duration of container lifetime, a separate daemon is required to be running.
 The same plugin binary can also be run in the daemon mode.
 ## Operation
 To use the dhcp IPAM plugin, first launch the dhcp daemon:
 ```
 # Make sure the unix socket has been removed
 $ rm -f /run/cni/dhcp.sock
 $ ./dhcp daemon
 ```
 Alternatively, you can use systemd socket activation protocol.
 Be sure that the .socket file uses /run/cni/dhcp.sock as the socket path.
 With the daemon running, containers using the dhcp plugin can be launched.
 ## Example configuration
 ```
 {
 	"ipam": {
 		"type": "dhcp",
 	}
 }
 ## Network configuration reference
 * `type` (string, required): "dhcp"
--- a/Documentation/flannel.md
+++ b/Documentation/flannel.md
@ -1,86 +0,0 @@
 # flannel plugin
 ## Overview
 This plugin is designed to work in conjunction with [flannel](https://github.com/coreos/flannel), a network fabric for containers.
 When flannel daemon is started, it outputs a `/run/flannel/subnet.env` file that looks like this:
 ```
 FLANNEL_SUBNET=10.1.17.0/24
 FLANNEL_MTU=1472
 FLANNEL_IPMASQ=true
 ```
 This information reflects the attributes of flannel network on the host.
 The flannel CNI plugin uses this information to configure another CNI plugin, such as bridge plugin.
 ## Operation
 Given the following network configuration file and the contents of `/run/flannel/subnet.env` above,
 ```
 {
 	"name": "mynet",
 	"type": "flannel"
 }
 ```
 the flannel plugin will generate another network configuration file:
 ```
 {
 	"name": "mynet",
 	"type": "bridge",
 	"mtu": 1472,
 	"ipMasq": false,
 	"isGateway": true,
 	"ipam": {
 		"type": "host-local",
 		"subnet": "10.1.17.0/24"
 	}
 }
 ```
 It will then invoke the bridge plugin, passing it the generated configuration.
 As can be seen from above, the flannel plugin, by default, will delegate to the bridge plugin.
 If additional configuration values need to be passed to the bridge plugin, it can be done so via the `delegate` field:
 ```
 {
 	"name": "mynet",
 	"type": "flannel",
 	"delegate": {
 		"bridge": "mynet0",
 		"mtu": 1400
 	}
 }
 ```
 This supplies a configuration parameter to the bridge plugin -- the created bridge will now be named `mynet0`.
 Notice that `mtu` has also been specified and this value will not be overwritten by flannel plugin.
 Additionally, the `delegate` field can be used to select a different kind of plugin altogether.
 To use `ipvlan` instead of `bridge`, the following configuratoin can be specified:
 ```
 {
 	"name": "mynet",
 	"type": "flannel",
 	"delegate": {
 		"type": "ipvlan",
 		"master": "eth0"
 	}
 }
 ```
 ## Network configuration reference
 * `name` (string, required): the name of the network
 * `type` (string, required): "flannel"
 * `subnetFile` (string, optional): full path to the subnet file written out by flanneld. Defaults to /run/flannel/subnet.env
 * `delegate` (dictionary, optional): specifies configuration options for the delegated plugin.
 flannel plugin will always set the following fields in the delegated plugin configuration:
 * `name`: value of its "name" field.
 * `ipam`: "host-local" type will be used with "subnet" set to `$FLANNEL_SUBNET`.
 flannel plugin will set the following fields in the delegated plugin configuration if they are not present:
 * `ipMasq`: the inverse of `$FLANNEL_IPMASQ`
 * `mtu`: `$FLANNEL_MTU`
 Additionally, for the bridge plugin, `isGateway` will be set to `true`, if not present.
--- a/Documentation/host-local.md
+++ b/Documentation/host-local.md
@ -1,36 +0,0 @@
 # host-local plugin
 ## Overview
 host-local IPAM plugin allocates IPv4 addresses out of a specified address range.
 It stores the state locally on the host filesystem, therefore ensuring uniqueness of IP addresses on a single host.
 ## Example configuration
 ```
 {
 	"ipam": {
 		"type": "host-local",
 		"subnet": "10.10.0.0/16",
 		"rangeStart": "10.10.1.20",
 		"rangeEnd": "10.10.3.50",
 		"gateway": "10.10.0.254",
 		"routes": [
 			{ "dst": "0.0.0.0/0" },
 			{ "dst": "192.168.0.0/16", "gw": "10.10.5.1" }
 		]
 	}
 }
 ```
 ## Network configuration reference
 * `type` (string, required): "host-local".
 * `subnet` (string, required): CIDR block to allocate out of.
 * `rangeStart` (string, optional): IP inside of "subnet" from which to start allocating addresses. Defaults to ".2" IP inside of the "subnet" block.
 * `rangeEnd` (string, optional): IP inside of "subnet" with which to end allocating addresses. Defaults to ".254" IP inside of the "subnet" block.
 * `gateway` (string, optional): IP inside of "subnet" to designate as the gateway. Defaults to ".1" IP inside of the "subnet" block.
 * `routes` (string, optional): list of routes to add to the container namespace. Each route is a dictionary with "dst" and optional "gw" fields. If "gw" is omitted, value of "gateway" will be used.
 ## Files
 Allocated IP addresses are stored as files in /var/lib/cni/networks/$NETWORK_NAME.
--- a/Documentation/ipvlan.md
+++ b/Documentation/ipvlan.md
@ -1,40 +0,0 @@
 # ipvlan plugin
 ## Overview
 ipvlan is a new [addition](https://lwn.net/Articles/620087/) to the Linux kernel.
 Like its cousin macvlan, it virtualizes the host interface.
 However unlike macvlan which generates a new MAC address for each interface, ipvlan devices all share the same MAC.
 The kernel driver inspects the IP address of each packet when making a decision about which virtual interface should process the packet.
 Because all ipvlan interfaces share the MAC address with the host interface, DHCP can only be used in conjunction with ClientID (currently not supported by DHCP plugin).
 ## Example configuration
 ```
 {
 	"name": "mynet",
 	"type": "ipvlan",
 	"master": "eth0",
 	"ipam": {
 		"type": "host-local",
 		"subnet": "10.1.2.0/24",
 	}
 }
 ```
 ## Network configuration reference
 * `name` (string, required): the name of the network.
 * `type` (string, required): "ipvlan".
 * `master` (string, required): name of the host interface to enslave.
 * `mode` (string, optional): one of "l2", "l3". Defaults to "l2".
 * `mtu` (integer, optional): explicitly set MTU to the specified value. Defaults to the value chosen by the kernel.
 * `ipam` (dictionary, required): IPAM configuration to be used for this network.
 ## Notes
 * `ipvlan` does not allow virtual interfaces to communicate with the master interface.
 Therefore the container will not be able to reach the host via `ipvlan` interface.
 Be sure to also have container join a network that provides connectivity to the host (e.g. `ptp`).
 * A single master interface can not be enslaved by both `macvlan` and `ipvlan`.
--- a/Documentation/macvlan.md
+++ b/Documentation/macvlan.md
@ -1,34 +0,0 @@
 # macvlan plugin
 ## Overview
 [macvlan](http://backreference.org/2014/03/20/some-notes-on-macvlanmacvtap/) functions like a switch that is already connected to the host interface.
 A host interface gets "enslaved" with the virtual interfaces sharing the physical device but having distinct MAC addresses.
 Since each macvlan interface has its own MAC address, it makes it easy to use with exising DHCP servers already present on the network.
 ## Example configuration
 ```
 {
 	"name": "mynet",
 	"type": "macvlan",
 	"master": "eth0",
 	"ipam": {
 		"type": "dhcp"
 	}
 }
 ```
 ## Network configuration reference
 * `name` (string, required): the name of the network
 * `type` (string, required): "macvlan"
 * `master` (string, required): name of the host interface to enslave
 * `mode` (string, optional): one of "bridge", "private", "vepa", "passthrough". Defaults to "bridge".
 * `mtu` (integer, optional): explicitly set MTU to the specified value. Defaults to the value chosen by the kernel.
 * `ipam` (dictionary, required): IPAM configuration to be used for this network.
 ## Notes
 * If are testing on a laptop, please remember that most wireless cards do not support being enslaved by macvlan.
 * A single master interface can not be enslaved by both `macvlan` and `ipvlan`.
--- a/Documentation/ptp.md
+++ b/Documentation/ptp.md
@ -1,28 +0,0 @@
 # ptp plugin
 ## Overview
 The ptp plugin creates a point-to-point link between a container and the host by using a veth device.
 One end of the veth pair is placed inside a container and the other end resides on the host.
 Both ends receive an IP address out of a /31 range.
 The IP of the host end becomes the gateway address inside the container.
 Because ptp plugin requires a pair of IP addresses for each container, it should be used in conjuction with host-local-ptp IPAM plugin.
 ## Example network configuration
 ```
 {
 	"name": "mynet",
 	"type": "ptp",
 	"ipam": {
 		"type": "host-local-ptp",
 		"subnet": "10.1.1.0/24"
 	}
 }
 ## Network configuration reference
 * `name` (string, required): the name of the network
 * `type` (string, required): "ptp"
 * `ipMasq` (boolean, optional): set up IP Masquerade on the host for traffic originating from this network and destined outside of it. Defaults to false.
 * `mtu` (integer, optional): explicitly set MTU to the specified value. Defaults to value chosen by the kernel.
 * `ipam` (dictionary, required): IPAM configuration to be used for this network.
--- a/Documentation/spec-upgrades.md
+++ b/Documentation/spec-upgrades.md
@ -0,0 +1,294 @@
 # How to Upgrade to CNI Specification v1.0
 CNI v1.0 has the following changes:
 - non-List configurations are removed
 - the `version` field in the `interfaces` array was redundant and is removed
 ## libcni Changes in CNI v1.0
 **`/pkg/types/current` no longer exists**
 This means that runtimes need to explicitly select a version they support.
 This reduces code breakage when revendoring cni into other projects and
 returns the decision on which CNI Spec versions a plugin supports to the
 plugin's authors.
 For example, your Go imports might look like
 ```go
 import (
    cniv1 "github.com/containernetworking/cni/pkg/types/100"
 )
 ```
 # Changes in CNI v0.4
 CNI v0.4 has the following important changes:
 - A new verb, "CHECK", was added. Runtimes can now ask plugins to verify the status of a container's attachment
 - A new configuration flag, `disableCheck`, which indicates to the runtime that configuration should not be CHECK'ed
 No changes were made to the result type.
 # How to upgrade to CNI Specification v0.3.0 and later
 The 0.3.0 specification contained a small error. The Result structure's `ip` field should have been renamed to `ips` to be consistent with the IPAM result structure definition; this rename was missed when updating the Result to accommodate multiple IP addresses and interfaces. All first-party CNI plugins (bridge, host-local, etc) were updated to use `ips` (and thus be inconsistent with the 0.3.0 specification) and most other plugins have not been updated to the 0.3.0 specification yet, so few (if any) users should be impacted by this change.
 The 0.3.1 specification corrects the `Result` structure to use the `ips` field name as originally intended.  This is the only change between 0.3.0 and 0.3.1.
 Version 0.3.0 of the [CNI Specification](https://github.com/containernetworking/cni/blob/spec-v0.3.0/SPEC.md) provides rich information
 about container network configuration, including details of network interfaces
 and support for multiple IP addresses.
 To support this new data, the specification changed in a couple significant
 ways that will impact CNI users, plugin authors, and runtime authors.
 This document provides guidance for how to upgrade:
 - [For CNI Users](#for-cni-users)
 - [For Plugin Authors](#for-plugin-authors)
 - [For Runtime Authors](#for-runtime-authors)
 **Note**: the CNI Spec is versioned independently from the GitHub releases
 for this repo.  For example, Release v0.4.0 supports Spec version v0.2.0,
 and Release v0.5.0 supports Spec v0.3.0.
 ----
 ## For CNI Users
 If you maintain CNI configuration files for a container runtime that uses CNI,
 ensure that the configuration files specify a `cniVersion` field and that the
 version there is supported by your container runtime and CNI plugins.
 Configuration files without a version field should be given version 0.2.0. 
 The CNI spec includes example configuration files for 
 [single plugins](SPEC.md#example-configurations)
 and for [lists of chained plugins](SPEC.md#example-configurations).
 Consult the documentation for your runtime and plugins to determine what
 CNI spec versions they support. Test any plugin upgrades before deploying to 
 production. You may find [cnitool](https://github.com/containernetworking/cni/tree/main/cnitool)
 useful. Specifically, your configuration version should be the lowest common
 version supported by your plugins.
 ## For Plugin Authors
 This section provides guidance for upgrading plugins to CNI Spec Version 0.3.0.
 ### General guidance for all plugins (language agnostic)
 To provide the smoothest upgrade path, **existing plugins should support
 multiple versions of the CNI spec**.  In particular, plugins with existing
 installed bases should add support for CNI spec version 1.0.0 while maintaining
 compatibility with older versions.
 To do this, two changes are required.  First, a plugin should advertise which
 CNI spec versions it supports.  It does this by responding to the `VERSION`
 command with the following JSON data:
 ```json
 {
  "cniVersion": "1.0.0",
  "supportedVersions": [ "0.1.0", "0.2.0", "0.3.0", "0.3.1", "0.4.0", "1.0.0" ]
 }
 ```
 Second, for the `ADD` command, a plugin must respect the `cniVersion` field
 provided in the [network configuration JSON](SPEC.md#network-configuration). 
 That field is a request for the plugin to return results of a particular format:
 - If the `cniVersion` field is not present, then spec v0.2.0 should be assumed
 	and v0.2.0 format result JSON returned.
 - If the plugin doesn't support the version, the plugin must error.
 - Otherwise, the plugin must return a [CNI Result](SPEC.md#result)
 	in the format requested.
 Result formats for older CNI spec versions are available in the
 [git history for SPEC.md](https://github.com/containernetworking/cni/commits/main/SPEC.md).
 For example, suppose a plugin, via its `VERSION` response, advertises CNI specification
 support for v0.2.0 and v0.3.0.  When it receives `cniVersion` key of `0.2.0`,
 the plugin must return result JSON conforming to CNI spec version 0.2.0.
 ### Specific guidance for plugins written in Go
 Plugins written in Go may leverage the Go language packages in this repository
 to ease the process of upgrading and supporting multiple versions.  CNI 
 [Library and Plugins Release v0.5.0](https://github.com/containernetworking/cni/releases/tag/v0.5.0)
 includes important changes to the Golang APIs.  Plugins using these APIs will
 require some changes now, but should more-easily handle spec changes and
 new features going forward.
 For plugin authors, the biggest change is that `types.Result` is now an
 interface implemented by concrete struct types in the `types/100`,
 `types/040`, and `types/020` subpackages.
 Internally, plugins should use the latest spec version (eg `types/100`) structs,
 and convert to or from specific versions when required.  A typical plugin will
 only need to do a single conversion when it is about to complete and
 needs to print the result JSON in the requested `cniVersion` format to stdout.
 The library function `types.PrintResult()` simplifies this by converting and
 printing in a single call.
 Additionally, the plugin should advertise which CNI Spec versions it supports
 via the 3rd argument to `skel.PluginMain()`.
 Here is some example code
 ```go
 import (
 	 "github.com/containernetworking/cni/pkg/skel"
 	 "github.com/containernetworking/cni/pkg/types"
 	 current "github.com/containernetworking/cni/pkg/types/100"
 	 "github.com/containernetworking/cni/pkg/version"
 )
 func cmdAdd(args *skel.CmdArgs) error {
 	// determine spec version to use
 	var netConf struct {
 		types.NetConf
 		// other plugin-specific configuration goes here
 	}
 	err := json.Unmarshal(args.StdinData, &netConf)
 	cniVersion := netConf.CNIVersion
 	// plugin does its work...
 	//   set up interfaces
 	//   assign addresses, etc
 	// construct the result
 	result := &current.Result{
 		Interfaces: []*current.Interface{ ... },
 		IPs: []*current.IPs{ ... },
 		...
 	}
 	// print result to stdout, in the format defined by the requested cniVersion
 	return types.PrintResult(result, cniVersion)
 }
 func main() {
 	skel.PluginMain(cmdAdd, cmdDel, version.All)
 }
 ```
 Alternately, to use the result from a delegated IPAM plugin, the `result`
 value might be formed like this:
 ```go
 ipamResult, err := ipam.ExecAdd(netConf.IPAM.Type, args.StdinData)
 result, err := current.NewResultFromResult(ipamResult)
 ```
 Other examples of spec v0.3.0-compatible plugins are the
 [main plugins in this repo](https://github.com/containernetworking/plugins/)
 ## For Runtime Authors
 This section provides guidance for upgrading container runtimes to support
 CNI Spec Version 0.3.0 and later.
 ### General guidance for all runtimes (language agnostic)
 #### Support multiple CNI spec versions
 To provide the smoothest upgrade path and support the broadest range of CNI
 plugins, **container runtimes should support multiple versions of the CNI spec**.
 In particular, runtimes with existing installed bases should add support for CNI
 spec version 0.3.0 and later while maintaining compatibility with older versions.
 To support multiple versions of the CNI spec, runtimes should be able to
 call both new and legacy plugins, and handle the results from either.
 When calling a plugin, the runtime must request that the plugin respond in a
 particular format by specifying the `cniVersion` field in the
 [Network Configuration](SPEC.md#network-configuration)
 JSON block.  The plugin will then respond with
 a [Result](SPEC.md#result)
 in the format defined by that CNI spec version, and the runtime must parse
 and handle this result.
 #### Handle errors due to version incompatibility
 Plugins may respond with error indicating that they don't support the requested
 CNI version (see [Well-known Error Codes](SPEC.md#well-known-error-codes)),
 e.g.
 ```json
 {
  "cniVersion": "0.2.0",
  "code": 1,
  "msg": "CNI version not supported"
 }
 ```
 In that case, the runtime may retry with a lower CNI spec version, or take
 some other action.
 #### (optional) Discover plugin version support
 Runtimes may discover which CNI spec versions are supported by a plugin, by
 calling the plugin with the `VERSION` command.  The `VERSION` command was
 added in CNI spec v0.2.0, so older plugins may not respect it.  In the absence
 of a successful response to `VERSION`, assume that the plugin only supports
 CNI spec v0.1.0.
 #### Handle missing data in v0.3.0 and later results
 The Result for the `ADD` command in CNI spec version 0.3.0 and later includes
 a new field `interfaces`.  An IP address in the `ip` field may describe which
 interface it is assigned to, by placing a numeric index in the `interface`
 subfield.
 However, some plugins which are v0.3.0 and later compatible may nonetheless
 omit the `interfaces` field and/or set the `interface` index value to `-1`.
 Runtimes should gracefully handle this situation, unless they have good reason
 to rely on the existence of the interface data.  In that case, provide the user
 an error message that helps diagnose the issue.
 ### Specific guidance for container runtimes written in Go
 Container runtimes written in Go may leverage the Go language packages in this
 repository to ease the process of upgrading and supporting multiple versions.
 CNI [Library and Plugins Release v0.5.0](https://github.com/containernetworking/cni/releases)
 includes important changes to the Golang APIs.  Runtimes using these APIs will
 require some changes now, but should more-easily handle spec changes and
 new features going forward.
 For runtimes, the biggest changes to the Go libraries are in the `types` package.
 It has been refactored to make working with versioned results simpler. The top-level 
 `types.Result` is now an opaque interface instead of a struct, and APIs exposed by
 other packages, such as the high-level `libcni` package, have been updated to use 
 this interface.  Concrete types are now per-version subpackages. The `types/current`
 subpackage contains the latest (spec v0.3.0) types.
 When up-converting older result types to spec v0.3.0 and later, fields new in
 spec v0.3.0 and later (like `interfaces`) may be empty.  Conversely, when
 down-converting v0.3.0 and later results to an older version, any data in
 those fields will be lost.
 | From   | 0.1 | 0.2 | 0.3 | 0.4 | 1.0 |
 |--------|-----|-----|-----|-----|-----|
 | To 0.1 |  ✔  |  ✔  |  x  |  x  |  x  |
 | To 0.2 |  ✔  |  ✔  |  x  |  x  |  x  |
 | To 0.3 |  ✴  |  ✴  |  ✔  |  ✔  |  ✔  |
 | To 0.4 |  ✴  |  ✴  |  ✔  |  ✔  |  ✔  |
 | To 1.0 |  ✴  |  ✴  |  ✔  |  ✔  |  ✔  |
 Key:
 > ✔ : lossless conversion <br>
 > ✴ : higher-version output may have empty fields <br>
 > x : lower-version output is missing some data <br>
 A container runtime should use `current.NewResultFromResult()` to convert the
 opaque  `types.Result` to a concrete `current.Result` struct.  It may then
 work with the fields exposed by that struct:
 ```go
 // runtime invokes the plugin to get the opaque types.Result
 // this may conform to any CNI spec version
 resultInterface, err := libcni.AddNetwork(ctx, netConf, runtimeConf)
 // upconvert result to the current 0.3.0 spec
 result, err := current.NewResultFromResult(resultInterface)
 // use the result fields ....
 for _, ip := range result.IPs { ... }
 ```
--- a/GOVERNANCE.md
+++ b/GOVERNANCE.md
@ -0,0 +1,44 @@
 # CNI Governance
 This document defines project governance for the project.
 ## Voting
 The CNI project employs "organization voting" to ensure no single organization can dominate the project.
 Individuals not associated with or employed by a company or organization are allowed one organization vote.
 Each company or organization (regardless of the number of maintainers associated with or employed by that company/organization) receives one organization vote.
 In other words, if two maintainers are employed by Company X, two by Company Y, two by Company Z, and one maintainer is an un-affiliated individual, a total of four "organization votes" are possible; one for X, one for Y, one for Z, and one for the un-affiliated individual.
 Any maintainer from an organization may cast the vote for that organization.
 For formal votes, a specific statement of what is being voted on should be added to the relevant github issue or PR, and a link to that issue or PR added to the maintainers meeting agenda document.
 Maintainers should indicate their yes/no vote on that issue or PR, and after a suitable period of time, the votes will be tallied and the outcome noted.
 ## Changes in Maintainership
 New maintainers are proposed by an existing maintainer and are elected by a 2/3 majority organization vote.
 Maintainers can be removed by a 2/3 majority organization vote.
 ## Approving PRs
 Non-specification-related PRs may be merged after receiving at least two organization votes.
 Changes to the CNI Specification also follow the normal PR approval process (eg, 2 organization votes), but any maintainer can request that the approval require a 2/3 majority organization vote.
 ## Github Project Administration
 Maintainers will be added to the containernetworking GitHub organization and added to the GitHub cni-maintainers team, and made a GitHub maintainer of that team.
 After 6 months a maintainer will be made an "owner" of the GitHub organization.
 ## Changes in Governance
 All changes in Governance require a 2/3 majority organization vote.
 ## Other Changes
 Unless specified above, all other changes to the project require a 2/3 majority organization vote.
 Additionally, any maintainer may request that any change require a 2/3 majority organization vote.
--- a/Godeps/Godeps.json
+++ b/Godeps/Godeps.json
@ -1,34 +0,0 @@
 {
 	"ImportPath": "github.com/appc/cni",
 	"GoVersion": "go1.4.2",
 	"Packages": [
 		"./..."
 	],
 	"Deps": [
 		{
 			"ImportPath": "github.com/coreos/go-iptables/iptables",
 			"Rev": "83dfad0f13fd7310fb3c1cb8563248d8d604b95b"
 		},
 		{
 			"ImportPath": "github.com/coreos/go-systemd/activation",
 			"Comment": "v2-53-g2688e91",
 			"Rev": "2688e91251d9d8e404e86dd8f096e23b2f086958"
 		},
 		{
 			"ImportPath": "github.com/d2g/dhcp4",
 			"Rev": "f0e4d29ff0231dce36e250b2ed9ff08412584bca"
 		},
 		{
 			"ImportPath": "github.com/d2g/dhcp4client",
 			"Rev": "bed07e1bc5b85f69c6f0fd73393aa35ec68ed892"
 		},
 		{
 			"ImportPath": "github.com/vishvananda/netlink",
 			"Rev": "ae3e7dba57271b4e976c4f91637861ee477135e2"
 		},
 		{
 			"ImportPath": "golang.org/x/sys/unix",
 			"Rev": "e11762ca30adc5b39fdbfd8c4250dabeb8e456d3"
 		}
 	]
 }
--- a/Godeps/Readme
+++ b/Godeps/Readme
@ -1,5 +0,0 @@
 This directory tree is generated automatically by godep.
 Please do not edit.
 See https://github.com/tools/godep for more information.
--- a/Godeps/_workspace/.gitignore
+++ b/Godeps/_workspace/.gitignore
@ -1,2 +0,0 @@
 /pkg
 /bin
--- a/Godeps/_workspace/src/github.com/coreos/go-iptables/iptables/iptables.go
+++ b/Godeps/_workspace/src/github.com/coreos/go-iptables/iptables/iptables.go
@ -1,255 +0,0 @@
 // Copyright 2015 CoreOS, Inc.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 package iptables
 import (
 	"bytes"
 	"fmt"
 	"log"
 	"os/exec"
 	"regexp"
 	"strconv"
 	"strings"
 	"syscall"
 )
 // Adds the output of stderr to exec.ExitError
 type Error struct {
 	exec.ExitError
 	msg string
 }
 func (e *Error) ExitStatus() int {
 	return e.Sys().(syscall.WaitStatus).ExitStatus()
 }
 func (e *Error) Error() string {
 	return fmt.Sprintf("exit status %v: %v", e.ExitStatus(), e.msg)
 }
 type IPTables struct {
 	path string
 }
 func New() (*IPTables, error) {
 	path, err := exec.LookPath("iptables")
 	if err != nil {
 		return nil, err
 	}
 	return &IPTables{path}, nil
 }
 // Exists checks if given rulespec in specified table/chain exists
 func (ipt *IPTables) Exists(table, chain string, rulespec...string) (bool, error) {
 	checkPresent, err := getIptablesHasCheckCommand()
 	if err != nil {
 		log.Printf("Error checking iptables version, assuming version at least 1.4.11: %v", err)
 		checkPresent = true
 	}
 	if !checkPresent {
 		cmd := append([]string{"-A", chain}, rulespec...)
 		return existsForOldIpTables(table, strings.Join(cmd, " "))
 	} else {
 		cmd := append([]string{"-t", table, "-C", chain}, rulespec...)
 		err := ipt.run(cmd...)
 		switch {
 		case err == nil:
 			return true, nil
 		case err.(*Error).ExitStatus() == 1:
 			return false, nil
 		default:
 			return false, err
 		}
 	}
 }
 // Insert inserts rulespec to specified table/chain (in specified pos)
 func (ipt *IPTables) Insert(table, chain string, pos int, rulespec ...string) error {
 	cmd := append([]string{"-t", table, "-I", chain, strconv.Itoa(pos)}, rulespec...)
 	return ipt.run(cmd...)
 }
 // Append appends rulespec to specified table/chain
 func (ipt *IPTables) Append(table, chain string, rulespec ...string) error {
 	cmd := append([]string{"-t", table, "-A", chain}, rulespec...)
 	return ipt.run(cmd...)
 }
 // AppendUnique acts like Append except that it won't add a duplicate
 func (ipt *IPTables) AppendUnique(table, chain string, rulespec ...string) error {
 	exists, err := ipt.Exists(table, chain, rulespec...)
 	if err != nil {
 		return err
 	}
 	if !exists {
 		return ipt.Append(table, chain, rulespec...)
 	}
 	return nil
 }
 // Delete removes rulespec in specified table/chain
 func (ipt *IPTables) Delete(table, chain string, rulespec ...string) error {
 	cmd := append([]string{"-t", table, "-D", chain}, rulespec...)
 	return ipt.run(cmd...)
 }
 // List rules in specified table/chain
 func (ipt *IPTables) List(table, chain string) ([]string, error) {
 	var stdout, stderr bytes.Buffer
 	cmd := exec.Cmd{
 		Path: ipt.path,
 		Args: []string{ipt.path, "-t", table, "-S", chain},
 		Stdout: &stdout,
 		Stderr: &stderr,
 	}
 	if err := cmd.Run(); err != nil {
 		return nil, &Error{*(err.(*exec.ExitError)), stderr.String()}
 	}
 	rules := strings.Split(stdout.String(), "\n")
 	if len(rules) > 0 && rules[len(rules)-1] == "" {
 		rules = rules[:len(rules)-1]
 	}
 	return rules, nil
 }
 func (ipt *IPTables) NewChain(table, chain string) error {
 	return ipt.run("-t", table, "-N", chain)
 }
 // ClearChain flushed (deletes all rules) in the specifed table/chain.
 // If the chain does not exist, new one will be created
 func (ipt *IPTables) ClearChain(table, chain string) error {
 	err := ipt.NewChain(table, chain)
 	switch {
 	case err == nil:
 		return nil
 	case err.(*Error).ExitStatus() == 1:
 		// chain already exists. Flush (clear) it.
 		return ipt.run("-t", table, "-F", chain)
 	default:
 		return err
 	}
 }
 // DeleteChain deletes the chain in the specified table.
 // The chain must be empty
 func (ipt *IPTables) DeleteChain(table, chain string) error {
 	return ipt.run("-t", table, "-X", chain)
 }
 func (ipt *IPTables) run(args... string) error {
 	var stderr bytes.Buffer
 	cmd := exec.Cmd{
 		Path: ipt.path,
 		Args: append([]string{ipt.path}, args...),
 		Stderr: &stderr,
 	}
 	if err := cmd.Run(); err != nil {
 		return &Error{*(err.(*exec.ExitError)), stderr.String()}
 	}
 	return nil
 }
 // Checks if iptables has the "-C" flag
 func getIptablesHasCheckCommand() (bool, error) {
 	vstring, err := getIptablesVersionString()
 	if err != nil {
 		return false, err
 	}
 	v1, v2, v3, err := extractIptablesVersion(vstring)
 	if err != nil {
 		return false, err
 	}
 	return iptablesHasCheckCommand(v1, v2, v3), nil
 }
 // getIptablesVersion returns the first three components of the iptables version.
 // e.g. "iptables v1.3.66" would return (1, 3, 66, nil)
 func extractIptablesVersion(str string) (int, int, int, error) {
 	versionMatcher := regexp.MustCompile("v([0-9]+)\\.([0-9]+)\\.([0-9]+)")
 	result := versionMatcher.FindStringSubmatch(str)
 	if result == nil {
 		return 0, 0, 0, fmt.Errorf("no iptables version found in string: %s", str)
 	}
 	v1, err := strconv.Atoi(result[1])
 	if err != nil {
 		return 0, 0, 0, err
 	}
 	v2, err := strconv.Atoi(result[2])
 	if err != nil {
 		return 0, 0, 0, err
 	}
 	v3, err := strconv.Atoi(result[3])
 	if err != nil {
 		return 0, 0, 0, err
 	}
 	return v1, v2, v3, nil
 }
 // Runs "iptables --version" to get the version string
 func getIptablesVersionString() (string, error) {
 	cmd := exec.Command("iptables", "--version")
 	var out bytes.Buffer
 	cmd.Stdout = &out
 	err := cmd.Run()
 	if err != nil {
 		return "", err
 	}
 	return out.String(), nil
 }
 // Checks if an iptables version is after 1.4.11, when --check was added
 func iptablesHasCheckCommand(v1 int, v2 int, v3 int) bool {
 	if v1 > 1 {
 		return true
 	}
 	if v1 == 1 && v2 > 4 {
 		return true
 	}
 	if v1 == 1 && v2 == 4 && v3 >= 11 {
 		return true
 	}
 	return false
 }
 // Checks if a rule specification exists for a table
 func existsForOldIpTables(table string, ruleSpec string) (bool, error) {
 	cmd := exec.Command("iptables", "-t", table, "-S")
 	var out bytes.Buffer
 	cmd.Stdout = &out
 	err := cmd.Run()
 	if err != nil {
 		return false, err
 	}
 	rules := out.String()
 	return strings.Contains(rules, ruleSpec), nil
 }
--- a/Godeps/_workspace/src/github.com/coreos/go-iptables/iptables/iptables_test.go
+++ b/Godeps/_workspace/src/github.com/coreos/go-iptables/iptables/iptables_test.go
@ -1,136 +0,0 @@
 // Copyright 2015 CoreOS, Inc.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 package iptables
 import (
 	"crypto/rand"
 	"math/big"
 	"reflect"
 	"testing"
 )
 func randChain(t *testing.T) string {
 	n, err := rand.Int(rand.Reader, big.NewInt(1000000))
 	if err != nil {
 		t.Fatalf("Failed to generate random chain name: %v", err)
 	}
 	return "TEST-" + n.String()
 }
 func TestChain(t *testing.T) {
 	chain := randChain(t)
 	ipt, err := New()
 	if err != nil {
 		t.Fatalf("New failed: %v", err)
 	}
 	// chain shouldn't exist, this will create new
 	err = ipt.ClearChain("filter", chain)
 	if err != nil {
 		t.Fatalf("ClearChain (of missing) failed: %v", err)
 	}
 	// chain now exists
 	err = ipt.ClearChain("filter", chain)
 	if err != nil {
 		t.Fatalf("ClearChain (of empty) failed: %v", err)
 	}
 	// put a simple rule in
 	err = ipt.Append("filter", chain, "-s", "0.0.0.0/0", "-j", "ACCEPT")
 	if err != nil {
 		t.Fatalf("Append failed: %v", err)
 	}
 	// can't delete non-empty chain
 	err = ipt.DeleteChain("filter", chain)
 	if err == nil {
 		t.Fatalf("DeleteChain of non-empty chain did not fail")
 	}
 	err = ipt.ClearChain("filter", chain)
 	if err != nil {
 		t.Fatalf("ClearChain (of non-empty) failed: %v", err)
 	}
 	// chain empty, should be ok
 	err = ipt.DeleteChain("filter", chain)
 	if err != nil {
 		t.Fatalf("DeleteChain of empty chain failed: %v", err)
 	}
 }
 func TestRules(t *testing.T) {
 	chain := randChain(t)
 	ipt, err := New()
 	if err != nil {
 		t.Fatalf("New failed: %v", err)
 	}
 	// chain shouldn't exist, this will create new
 	err = ipt.ClearChain("filter", chain)
 	if err != nil {
 		t.Fatalf("ClearChain (of missing) failed: %v", err)
 	}
 	err = ipt.Append("filter", chain, "-s", "10.1.0.0/16", "-d", "8.8.8.8/32", "-j", "ACCEPT")
 	if err != nil {
 		t.Fatalf("Append failed: %v", err)
 	}
 	err = ipt.AppendUnique("filter", chain, "-s", "10.1.0.0/16", "-d", "8.8.8.8/32", "-j", "ACCEPT")
 	if err != nil {
 		t.Fatalf("AppendUnique failed: %v", err)
 	}
 	err = ipt.Append("filter", chain, "-s", "10.2.0.0/16", "-d", "8.8.8.8/32", "-j", "ACCEPT")
 	if err != nil {
 		t.Fatalf("Append failed: %v", err)
 	}
 	err = ipt.Insert("filter", chain, 2, "-s", "10.2.0.0/16", "-d", "9.9.9.9/32", "-j", "ACCEPT")
 	if err != nil {
 		t.Fatalf("Insert failed: %v", err)
 	}
 	err = ipt.Insert("filter", chain, 1, "-s", "10.1.0.0/16", "-d", "9.9.9.9/32", "-j", "ACCEPT")
 	if err != nil {
 		t.Fatalf("Insert failed: %v", err)
 	}
 	err = ipt.Delete("filter", chain, "-s", "10.1.0.0/16", "-d", "9.9.9.9/32", "-j", "ACCEPT")
 	if err != nil {
 		t.Fatalf("Insert failed: %v", err)
 	}
 	rules, err := ipt.List("filter", chain)
 	if err != nil {
 		t.Fatalf("List failed: %v", err)
 	}
 	expected := []string{
 		"-N " + chain,
 		"-A " + chain + " -s 10.1.0.0/16 -d 8.8.8.8/32 -j ACCEPT",
 		"-A " + chain + " -s 10.2.0.0/16 -d 9.9.9.9/32 -j ACCEPT",
 		"-A " + chain + " -s 10.2.0.0/16 -d 8.8.8.8/32 -j ACCEPT",
 	}
 	if !reflect.DeepEqual(rules, expected) {
 		t.Fatalf("List mismatch: \ngot  %#v \nneed %#v", rules, expected)
 	}
 }
--- a/Godeps/_workspace/src/github.com/coreos/go-systemd/activation/files.go
+++ b/Godeps/_workspace/src/github.com/coreos/go-systemd/activation/files.go
@ -1,52 +0,0 @@
 // Copyright 2015 CoreOS, Inc.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 // Package activation implements primitives for systemd socket activation.
 package activation
 import (
 	"os"
 	"strconv"
 	"syscall"
 )
 // based on: https://gist.github.com/alberts/4640792
 const (
 	listenFdsStart = 3
 )
 func Files(unsetEnv bool) []*os.File {
 	if unsetEnv {
 		defer os.Unsetenv("LISTEN_PID")
 		defer os.Unsetenv("LISTEN_FDS")
 	}
 	pid, err := strconv.Atoi(os.Getenv("LISTEN_PID"))
 	if err != nil || pid != os.Getpid() {
 		return nil
 	}
 	nfds, err := strconv.Atoi(os.Getenv("LISTEN_FDS"))
 	if err != nil || nfds == 0 {
 		return nil
 	}
 	files := make([]*os.File, 0, nfds)
 	for fd := listenFdsStart; fd < listenFdsStart+nfds; fd++ {
 		syscall.CloseOnExec(fd)
 		files = append(files, os.NewFile(uintptr(fd), "LISTEN_FD_"+strconv.Itoa(fd)))
 	}
 	return files
 }
--- a/Godeps/_workspace/src/github.com/coreos/go-systemd/activation/files_test.go
+++ b/Godeps/_workspace/src/github.com/coreos/go-systemd/activation/files_test.go
@ -1,82 +0,0 @@
 // Copyright 2015 CoreOS, Inc.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 package activation
 import (
 	"bytes"
 	"io"
 	"os"
 	"os/exec"
 	"testing"
 )
 // correctStringWritten fails the text if the correct string wasn't written
 // to the other side of the pipe.
 func correctStringWritten(t *testing.T, r *os.File, expected string) bool {
 	bytes := make([]byte, len(expected))
 	io.ReadAtLeast(r, bytes, len(expected))
 	if string(bytes) != expected {
 		t.Fatalf("Unexpected string %s", string(bytes))
 	}
 	return true
 }
 // TestActivation forks out a copy of activation.go example and reads back two
 // strings from the pipes that are passed in.
 func TestActivation(t *testing.T) {
 	cmd := exec.Command("go", "run", "../examples/activation/activation.go")
 	r1, w1, _ := os.Pipe()
 	r2, w2, _ := os.Pipe()
 	cmd.ExtraFiles = []*os.File{
 		w1,
 		w2,
 	}
 	cmd.Env = os.Environ()
 	cmd.Env = append(cmd.Env, "LISTEN_FDS=2", "FIX_LISTEN_PID=1")
 	err := cmd.Run()
 	if err != nil {
 		t.Fatalf(err.Error())
 	}
 	correctStringWritten(t, r1, "Hello world")
 	correctStringWritten(t, r2, "Goodbye world")
 }
 func TestActivationNoFix(t *testing.T) {
 	cmd := exec.Command("go", "run", "../examples/activation/activation.go")
 	cmd.Env = os.Environ()
 	cmd.Env = append(cmd.Env, "LISTEN_FDS=2")
 	out, _ := cmd.CombinedOutput()
 	if bytes.Contains(out, []byte("No files")) == false {
 		t.Fatalf("Child didn't error out as expected")
 	}
 }
 func TestActivationNoFiles(t *testing.T) {
 	cmd := exec.Command("go", "run", "../examples/activation/activation.go")
 	cmd.Env = os.Environ()
 	cmd.Env = append(cmd.Env, "LISTEN_FDS=0", "FIX_LISTEN_PID=1")
 	out, _ := cmd.CombinedOutput()
 	if bytes.Contains(out, []byte("No files")) == false {
 		t.Fatalf("Child didn't error out as expected")
 	}
 }
--- a/Godeps/_workspace/src/github.com/coreos/go-systemd/activation/listeners.go
+++ b/Godeps/_workspace/src/github.com/coreos/go-systemd/activation/listeners.go
@ -1,37 +0,0 @@
 // Copyright 2015 CoreOS, Inc.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 package activation
 import (
 	"net"
 )
 // Listeners returns a slice containing a net.Listener for each matching socket type
 // passed to this process.
 //
 // The order of the file descriptors is preserved in the returned slice.
 // Nil values are used to fill any gaps. For example if systemd were to return file descriptors
 // corresponding with "udp, tcp, tcp", then the slice would contain {nil, net.Listener, net.Listener}
 func Listeners(unsetEnv bool) ([]net.Listener, error) {
 	files := Files(unsetEnv)
 	listeners := make([]net.Listener, len(files))
 	for i, f := range files {
 		if pc, err := net.FileListener(f); err == nil {
 			listeners[i] = pc
 		}
 	}
 	return listeners, nil
 }
--- a/Godeps/_workspace/src/github.com/coreos/go-systemd/activation/listeners_test.go
+++ b/Godeps/_workspace/src/github.com/coreos/go-systemd/activation/listeners_test.go
@ -1,86 +0,0 @@
 // Copyright 2015 CoreOS, Inc.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 package activation
 import (
 	"io"
 	"net"
 	"os"
 	"os/exec"
 	"testing"
 )
 // correctStringWritten fails the text if the correct string wasn't written
 // to the other side of the pipe.
 func correctStringWrittenNet(t *testing.T, r net.Conn, expected string) bool {
 	bytes := make([]byte, len(expected))
 	io.ReadAtLeast(r, bytes, len(expected))
 	if string(bytes) != expected {
 		t.Fatalf("Unexpected string %s", string(bytes))
 	}
 	return true
 }
 // TestActivation forks out a copy of activation.go example and reads back two
 // strings from the pipes that are passed in.
 func TestListeners(t *testing.T) {
 	cmd := exec.Command("go", "run", "../examples/activation/listen.go")
 	l1, err := net.Listen("tcp", ":9999")
 	if err != nil {
 		t.Fatalf(err.Error())
 	}
 	l2, err := net.Listen("tcp", ":1234")
 	if err != nil {
 		t.Fatalf(err.Error())
 	}
 	t1 := l1.(*net.TCPListener)
 	t2 := l2.(*net.TCPListener)
 	f1, _ := t1.File()
 	f2, _ := t2.File()
 	cmd.ExtraFiles = []*os.File{
 		f1,
 		f2,
 	}
 	r1, err := net.Dial("tcp", "127.0.0.1:9999")
 	if err != nil {
 		t.Fatalf(err.Error())
 	}
 	r1.Write([]byte("Hi"))
 	r2, err := net.Dial("tcp", "127.0.0.1:1234")
 	if err != nil {
 		t.Fatalf(err.Error())
 	}
 	r2.Write([]byte("Hi"))
 	cmd.Env = os.Environ()
 	cmd.Env = append(cmd.Env, "LISTEN_FDS=2", "FIX_LISTEN_PID=1")
 	out, err := cmd.Output()
 	if err != nil {
 		println(string(out))
 		t.Fatalf(err.Error())
 	}
 	correctStringWrittenNet(t, r1, "Hello world")
 	correctStringWrittenNet(t, r2, "Goodbye world")
 }
--- a/Godeps/_workspace/src/github.com/coreos/go-systemd/activation/packetconns.go
+++ b/Godeps/_workspace/src/github.com/coreos/go-systemd/activation/packetconns.go
@ -1,37 +0,0 @@
 // Copyright 2015 CoreOS, Inc.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 package activation
 import (
 	"net"
 )
 // PacketConns returns a slice containing a net.PacketConn for each matching socket type
 // passed to this process.
 //
 // The order of the file descriptors is preserved in the returned slice.
 // Nil values are used to fill any gaps. For example if systemd were to return file descriptors
 // corresponding with "udp, tcp, udp", then the slice would contain {net.PacketConn, nil, net.PacketConn}
 func PacketConns(unsetEnv bool) ([]net.PacketConn, error) {
 	files := Files(unsetEnv)
 	conns := make([]net.PacketConn, len(files))
 	for i, f := range files {
 		if pc, err := net.FilePacketConn(f); err == nil {
 			conns[i] = pc
 		}
 	}
 	return conns, nil
 }
--- a/Godeps/_workspace/src/github.com/coreos/go-systemd/activation/packetconns_test.go
+++ b/Godeps/_workspace/src/github.com/coreos/go-systemd/activation/packetconns_test.go
@ -1,68 +0,0 @@
 // Copyright 2015 CoreOS, Inc.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 package activation
 import (
 	"net"
 	"os"
 	"os/exec"
 	"testing"
 )
 // TestActivation forks out a copy of activation.go example and reads back two
 // strings from the pipes that are passed in.
 func TestPacketConns(t *testing.T) {
 	cmd := exec.Command("go", "run", "../examples/activation/udpconn.go")
 	u1, err := net.ListenUDP("udp", &net.UDPAddr{Port: 9999})
 	if err != nil {
 		t.Fatalf(err.Error())
 	}
 	u2, err := net.ListenUDP("udp", &net.UDPAddr{Port: 1234})
 	if err != nil {
 		t.Fatalf(err.Error())
 	}
 	f1, _ := u1.File()
 	f2, _ := u2.File()
 	cmd.ExtraFiles = []*os.File{
 		f1,
 		f2,
 	}
 	r1, err := net.Dial("udp", "127.0.0.1:9999")
 	if err != nil {
 		t.Fatalf(err.Error())
 	}
 	r1.Write([]byte("Hi"))
 	r2, err := net.Dial("udp", "127.0.0.1:1234")
 	if err != nil {
 		t.Fatalf(err.Error())
 	}
 	r2.Write([]byte("Hi"))
 	cmd.Env = os.Environ()
 	cmd.Env = append(cmd.Env, "LISTEN_FDS=2", "FIX_LISTEN_PID=1")
 	out, err := cmd.CombinedOutput()
 	if err != nil {
 		t.Fatalf("Cmd output '%s', err: '%s'\n", out, err)
 	}
 	correctStringWrittenNet(t, r1, "Hello world")
 	correctStringWrittenNet(t, r2, "Goodbye world")
 }
--- a/Godeps/_workspace/src/github.com/d2g/dhcp4/LICENSE
+++ b/Godeps/_workspace/src/github.com/d2g/dhcp4/LICENSE
@ -1,27 +0,0 @@
 Copyright (c) 2013 Skagerrak Software Limited. All rights reserved.
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are
 met:
   * Redistributions of source code must retain the above copyright
 notice, this list of conditions and the following disclaimer.
   * Redistributions in binary form must reproduce the above
 copyright notice, this list of conditions and the following disclaimer
 in the documentation and/or other materials provided with the
 distribution.
   * Neither the name of Skagerrak Software Limited nor the names of its
 contributors may be used to endorse or promote products derived from
 this software without specific prior written permission.
 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
--- a/Godeps/_workspace/src/github.com/d2g/dhcp4/README.md
+++ b/Godeps/_workspace/src/github.com/d2g/dhcp4/README.md
@ -1,5 +0,0 @@
 # DHCP4 - A DHCP library written in Go.
 Warning: This library is still being developed.  Function calls will change.
 I've removed Server Functionality, for me this project supports the underlying DHCP format not the implementation.
--- a/Godeps/_workspace/src/github.com/d2g/dhcp4/constants.go
+++ b/Godeps/_workspace/src/github.com/d2g/dhcp4/constants.go
@ -1,121 +0,0 @@
 package dhcp4
 // OpCodes
 const (
 	BootRequest OpCode = 1 // From Client
 	BootReply   OpCode = 2 // From Server
 )
 // DHCP Message Type 53
 const (
 	Discover MessageType = 1 // Broadcast Packet From Client - Can I have an IP?
 	Offer    MessageType = 2 // Broadcast From Server - Here's an IP
 	Request  MessageType = 3 // Broadcast From Client - I'll take that IP (Also start for renewals)
 	Decline  MessageType = 4 // Broadcast From Client - Sorry I can't use that IP
 	ACK      MessageType = 5 // From Server, Yes you can have that IP
 	NAK      MessageType = 6 // From Server, No you cannot have that IP
 	Release  MessageType = 7 // From Client, I don't need that IP anymore
 	Inform   MessageType = 8 // From Client, I have this IP and there's nothing you can do about it
 )
 // DHCP Options
 const (
 	End                          OptionCode = 255
 	Pad                          OptionCode = 0
 	OptionSubnetMask             OptionCode = 1
 	OptionTimeOffset             OptionCode = 2
 	OptionRouter                 OptionCode = 3
 	OptionTimeServer             OptionCode = 4
 	OptionNameServer             OptionCode = 5
 	OptionDomainNameServer       OptionCode = 6
 	OptionLogServer              OptionCode = 7
 	OptionCookieServer           OptionCode = 8
 	OptionLPRServer              OptionCode = 9
 	OptionImpressServer          OptionCode = 10
 	OptionResourceLocationServer OptionCode = 11
 	OptionHostName               OptionCode = 12
 	OptionBootFileSize           OptionCode = 13
 	OptionMeritDumpFile          OptionCode = 14
 	OptionDomainName             OptionCode = 15
 	OptionSwapServer             OptionCode = 16
 	OptionRootPath               OptionCode = 17
 	OptionExtensionsPath         OptionCode = 18
 	// IP Layer Parameters per Host
 	OptionIPForwardingEnableDisable          OptionCode = 19
 	OptionNonLocalSourceRoutingEnableDisable OptionCode = 20
 	OptionPolicyFilter                       OptionCode = 21
 	OptionMaximumDatagramReassemblySize      OptionCode = 22
 	OptionDefaultIPTimeToLive                OptionCode = 23
 	OptionPathMTUAgingTimeout                OptionCode = 24
 	OptionPathMTUPlateauTable                OptionCode = 25
 	// IP Layer Parameters per Interface
 	OptionInterfaceMTU              OptionCode = 26
 	OptionAllSubnetsAreLocal        OptionCode = 27
 	OptionBroadcastAddress          OptionCode = 28
 	OptionPerformMaskDiscovery      OptionCode = 29
 	OptionMaskSupplier              OptionCode = 30
 	OptionPerformRouterDiscovery    OptionCode = 31
 	OptionRouterSolicitationAddress OptionCode = 32
 	OptionStaticRoute               OptionCode = 33
 	// Link Layer Parameters per Interface
 	OptionTrailerEncapsulation  OptionCode = 34
 	OptionARPCacheTimeout       OptionCode = 35
 	OptionEthernetEncapsulation OptionCode = 36
 	// TCP Parameters
 	OptionTCPDefaultTTL        OptionCode = 37
 	OptionTCPKeepaliveInterval OptionCode = 38
 	OptionTCPKeepaliveGarbage  OptionCode = 39
 	// Application and Service Parameters
 	OptionNetworkInformationServiceDomain            OptionCode = 40
 	OptionNetworkInformationServers                  OptionCode = 41
 	OptionNetworkTimeProtocolServers                 OptionCode = 42
 	OptionVendorSpecificInformation                  OptionCode = 43
 	OptionNetBIOSOverTCPIPNameServer                 OptionCode = 44
 	OptionNetBIOSOverTCPIPDatagramDistributionServer OptionCode = 45
 	OptionNetBIOSOverTCPIPNodeType                   OptionCode = 46
 	OptionNetBIOSOverTCPIPScope                      OptionCode = 47
 	OptionXWindowSystemFontServer                    OptionCode = 48
 	OptionXWindowSystemDisplayManager                OptionCode = 49
 	OptionNetworkInformationServicePlusDomain        OptionCode = 64
 	OptionNetworkInformationServicePlusServers       OptionCode = 65
 	OptionMobileIPHomeAgent                          OptionCode = 68
 	OptionSimpleMailTransportProtocol                OptionCode = 69
 	OptionPostOfficeProtocolServer                   OptionCode = 70
 	OptionNetworkNewsTransportProtocol               OptionCode = 71
 	OptionDefaultWorldWideWebServer                  OptionCode = 72
 	OptionDefaultFingerServer                        OptionCode = 73
 	OptionDefaultInternetRelayChatServer             OptionCode = 74
 	OptionStreetTalkServer                           OptionCode = 75
 	OptionStreetTalkDirectoryAssistance              OptionCode = 76
 	// DHCP Extensions
 	OptionRequestedIPAddress     OptionCode = 50
 	OptionIPAddressLeaseTime     OptionCode = 51
 	OptionOverload               OptionCode = 52
 	OptionDHCPMessageType        OptionCode = 53
 	OptionServerIdentifier       OptionCode = 54
 	OptionParameterRequestList   OptionCode = 55
 	OptionMessage                OptionCode = 56
 	OptionMaximumDHCPMessageSize OptionCode = 57
 	OptionRenewalTimeValue       OptionCode = 58
 	OptionRebindingTimeValue     OptionCode = 59
 	OptionVendorClassIdentifier  OptionCode = 60
 	OptionClientIdentifier       OptionCode = 61
 	OptionTFTPServerName OptionCode = 66
 	OptionBootFileName   OptionCode = 67
 	OptionUserClass OptionCode = 77
 	OptionClientArchitecture OptionCode = 93
 	OptionTZPOSIXString    OptionCode = 100
 	OptionTZDatabaseString OptionCode = 101
 	OptionClasslessRouteFormat OptionCode = 121
 )
--- a/Godeps/_workspace/src/github.com/d2g/dhcp4/helpers.go
+++ b/Godeps/_workspace/src/github.com/d2g/dhcp4/helpers.go
@ -1,58 +0,0 @@
 package dhcp4
 import (
 	"encoding/binary"
 	"net"
 	"time"
 )
 // IPRange returns how many ips in the ip range from start to stop (inclusive)
 func IPRange(start, stop net.IP) int {
 	//return int(Uint([]byte(stop))-Uint([]byte(start))) + 1
 	return int(binary.BigEndian.Uint32(stop.To4())) - int(binary.BigEndian.Uint32(start.To4())) + 1
 }
 // IPAdd returns a copy of start + add.
 // IPAdd(net.IP{192,168,1,1},30) returns net.IP{192.168.1.31}
 func IPAdd(start net.IP, add int) net.IP { // IPv4 only
 	start = start.To4()
 	//v := Uvarint([]byte(start))
 	result := make(net.IP, 4)
 	binary.BigEndian.PutUint32(result, binary.BigEndian.Uint32(start)+uint32(add))
 	//PutUint([]byte(result), v+uint64(add))
 	return result
 }
 // IPLess returns where IP a is less than IP b.
 func IPLess(a, b net.IP) bool {
 	b = b.To4()
 	for i, ai := range a.To4() {
 		if ai != b[i] {
 			return ai < b[i]
 		}
 	}
 	return false
 }
 // IPInRange returns true if ip is between (inclusive) start and stop.
 func IPInRange(start, stop, ip net.IP) bool {
 	return !(IPLess(ip, start) || IPLess(stop, ip))
 }
 // OptionsLeaseTime - converts a time.Duration to a 4 byte slice, compatible
 // with OptionIPAddressLeaseTime.
 func OptionsLeaseTime(d time.Duration) []byte {
 	leaseBytes := make([]byte, 4)
 	binary.BigEndian.PutUint32(leaseBytes, uint32(d/time.Second))
 	//PutUvarint(leaseBytes, uint64(d/time.Second))
 	return leaseBytes
 }
 // JoinIPs returns a byte slice of IP addresses, one immediately after the other
 // This may be useful for creating multiple IP options such as OptionRouter.
 func JoinIPs(ips []net.IP) (b []byte) {
 	for _, v := range ips {
 		b = append(b, v.To4()...)
 	}
 	return
 }
--- a/Godeps/_workspace/src/github.com/d2g/dhcp4/option.go
+++ b/Godeps/_workspace/src/github.com/d2g/dhcp4/option.go
@ -1,40 +0,0 @@
 package dhcp4
 type OptionCode byte
 type Option struct {
 	Code  OptionCode
 	Value []byte
 }
 // Map of DHCP options
 type Options map[OptionCode][]byte
 // SelectOrderOrAll has same functionality as SelectOrder, except if the order
 // param is nil, whereby all options are added (in arbitary order).
 func (o Options) SelectOrderOrAll(order []byte) []Option {
 	if order == nil {
 		opts := make([]Option, 0, len(o))
 		for i, v := range o {
 			opts = append(opts, Option{Code: i, Value: v})
 		}
 		return opts
 	}
 	return o.SelectOrder(order)
 }
 // SelectOrder returns a slice of options ordered and selected by a byte array
 // usually defined by OptionParameterRequestList.  This result is expected to be
 // used in ReplyPacket()'s []Option parameter.
 func (o Options) SelectOrder(order []byte) []Option {
 	opts := make([]Option, 0, len(order))
 	for _, v := range order {
 		if data, ok := o[OptionCode(v)]; ok {
 			opts = append(opts, Option{Code: OptionCode(v), Value: data})
 		}
 	}
 	return opts
 }
 type OpCode byte
 type MessageType byte // Option 53
--- a/Godeps/_workspace/src/github.com/d2g/dhcp4/packet.go
+++ b/Godeps/_workspace/src/github.com/d2g/dhcp4/packet.go
@ -1,149 +0,0 @@
 package dhcp4
 import (
 	"net"
 	"time"
 )
 // A DHCP packet
 type Packet []byte
 func (p Packet) OpCode() OpCode { return OpCode(p[0]) }
 func (p Packet) HType() byte    { return p[1] }
 func (p Packet) HLen() byte     { return p[2] }
 func (p Packet) Hops() byte     { return p[3] }
 func (p Packet) XId() []byte    { return p[4:8] }
 func (p Packet) Secs() []byte   { return p[8:10] } // Never Used?
 func (p Packet) Flags() []byte  { return p[10:12] }
 func (p Packet) CIAddr() net.IP { return net.IP(p[12:16]) }
 func (p Packet) YIAddr() net.IP { return net.IP(p[16:20]) }
 func (p Packet) SIAddr() net.IP { return net.IP(p[20:24]) }
 func (p Packet) GIAddr() net.IP { return net.IP(p[24:28]) }
 func (p Packet) CHAddr() net.HardwareAddr {
 	hLen := p.HLen()
 	if hLen > 16 { // Prevent chaddr exceeding p boundary
 		hLen = 16
 	}
 	return net.HardwareAddr(p[28 : 28+hLen]) // max endPos 44
 }
 // 192 bytes of zeros BOOTP legacy
 func (p Packet) Cookie() []byte { return p[236:240] }
 func (p Packet) Options() []byte {
 	if len(p) > 240 {
 		return p[240:]
 	}
 	return nil
 }
 func (p Packet) Broadcast() bool { return p.Flags()[0] > 127 }
 func (p Packet) SetBroadcast(broadcast bool) {
 	if p.Broadcast() != broadcast {
 		p.Flags()[0] ^= 128
 	}
 }
 func (p Packet) SetOpCode(c OpCode) { p[0] = byte(c) }
 func (p Packet) SetCHAddr(a net.HardwareAddr) {
 	copy(p[28:44], a)
 	p[2] = byte(len(a))
 }
 func (p Packet) SetHType(hType byte)     { p[1] = hType }
 func (p Packet) SetCookie(cookie []byte) { copy(p.Cookie(), cookie) }
 func (p Packet) SetHops(hops byte)       { p[3] = hops }
 func (p Packet) SetXId(xId []byte)       { copy(p.XId(), xId) }
 func (p Packet) SetSecs(secs []byte)     { copy(p.Secs(), secs) }
 func (p Packet) SetFlags(flags []byte)   { copy(p.Flags(), flags) }
 func (p Packet) SetCIAddr(ip net.IP)     { copy(p.CIAddr(), ip.To4()) }
 func (p Packet) SetYIAddr(ip net.IP)     { copy(p.YIAddr(), ip.To4()) }
 func (p Packet) SetSIAddr(ip net.IP)     { copy(p.SIAddr(), ip.To4()) }
 func (p Packet) SetGIAddr(ip net.IP)     { copy(p.GIAddr(), ip.To4()) }
 // Parses the packet's options into an Options map
 func (p Packet) ParseOptions() Options {
 	opts := p.Options()
 	options := make(Options, 10)
 	for len(opts) >= 2 && OptionCode(opts[0]) != End {
 		if OptionCode(opts[0]) == Pad {
 			opts = opts[1:]
 			continue
 		}
 		size := int(opts[1])
 		if len(opts) < 2+size {
 			break
 		}
 		options[OptionCode(opts[0])] = opts[2 : 2+size]
 		opts = opts[2+size:]
 	}
 	return options
 }
 func NewPacket(opCode OpCode) Packet {
 	p := make(Packet, 241)
 	p.SetOpCode(opCode)
 	p.SetHType(1) // Ethernet
 	p.SetCookie([]byte{99, 130, 83, 99})
 	p[240] = byte(End)
 	return p
 }
 // Appends a DHCP option to the end of a packet
 func (p *Packet) AddOption(o OptionCode, value []byte) {
 	*p = append((*p)[:len(*p)-1], []byte{byte(o), byte(len(value))}...) // Strip off End, Add OptionCode and Length
 	*p = append(*p, value...)                                           // Add Option Value
 	*p = append(*p, byte(End))                                          // Add on new End
 }
 // Removes all options from packet.
 func (p *Packet) StripOptions() {
 	*p = append((*p)[:240], byte(End))
 }
 // Creates a request packet that a Client would send to a server.
 func RequestPacket(mt MessageType, chAddr net.HardwareAddr, cIAddr net.IP, xId []byte, broadcast bool, options []Option) Packet {
 	p := NewPacket(BootRequest)
 	p.SetCHAddr(chAddr)
 	p.SetXId(xId)
 	if cIAddr != nil {
 		p.SetCIAddr(cIAddr)
 	}
 	p.SetBroadcast(broadcast)
 	p.AddOption(OptionDHCPMessageType, []byte{byte(mt)})
 	for _, o := range options {
 		p.AddOption(o.Code, o.Value)
 	}
 	p.PadToMinSize()
 	return p
 }
 // ReplyPacket creates a reply packet that a Server would send to a client.
 // It uses the req Packet param to copy across common/necessary fields to
 // associate the reply the request.
 func ReplyPacket(req Packet, mt MessageType, serverId, yIAddr net.IP, leaseDuration time.Duration, options []Option) Packet {
 	p := NewPacket(BootReply)
 	p.SetXId(req.XId())
 	p.SetFlags(req.Flags())
 	p.SetYIAddr(yIAddr)
 	p.SetGIAddr(req.GIAddr())
 	p.SetCHAddr(req.CHAddr())
 	p.SetSecs(req.Secs())
 	p.AddOption(OptionDHCPMessageType, []byte{byte(mt)})
 	p.AddOption(OptionServerIdentifier, []byte(serverId))
 	p.AddOption(OptionIPAddressLeaseTime, OptionsLeaseTime(leaseDuration))
 	for _, o := range options {
 		p.AddOption(o.Code, o.Value)
 	}
 	p.PadToMinSize()
 	return p
 }
 // PadToMinSize pads a packet so that when sent over UDP, the entire packet,
 // is 300 bytes (BOOTP min), to be compatible with really old devices.
 var padder [272]byte
 func (p *Packet) PadToMinSize() {
 	if n := len(*p); n < 272 {
 		*p = append(*p, padder[:272-n]...)
 	}
 }
--- a/Godeps/_workspace/src/github.com/d2g/dhcp4client/LICENSE
+++ b/Godeps/_workspace/src/github.com/d2g/dhcp4client/LICENSE
@ -1,354 +0,0 @@
 Mozilla Public License, version 2.0
 1. Definitions
 1.1. “Contributor”
     means each individual or legal entity that creates, contributes to the
     creation of, or owns Covered Software.
 1.2. “Contributor Version”
     means the combination of the Contributions of others (if any) used by a
     Contributor and that particular Contributor’s Contribution.
 1.3. “Contribution”
     means Covered Software of a particular Contributor.
 1.4. “Covered Software”
     means Source Code Form to which the initial Contributor has attached the
     notice in Exhibit A, the Executable Form of such Source Code Form, and
     Modifications of such Source Code Form, in each case including portions
     thereof.
 1.5. “Incompatible With Secondary Licenses”
     means
     a. that the initial Contributor has attached the notice described in
        Exhibit B to the Covered Software; or
     b. that the Covered Software was made available under the terms of version
        1.1 or earlier of the License, but not also under the terms of a
        Secondary License.
 1.6. “Executable Form”
     means any form of the work other than Source Code Form.
 1.7. “Larger Work”
     means a work that combines Covered Software with other material, in a separate
     file or files, that is not Covered Software.
 1.8. “License”
     means this document.
 1.9. “Licensable”
     means having the right to grant, to the maximum extent possible, whether at the
     time of the initial grant or subsequently, any and all of the rights conveyed by
     this License.
 1.10. “Modifications”
     means any of the following:
     a. any file in Source Code Form that results from an addition to, deletion
        from, or modification of the contents of Covered Software; or
     b. any new file in Source Code Form that contains any Covered Software.
 1.11. “Patent Claims” of a Contributor
      means any patent claim(s), including without limitation, method, process,
      and apparatus claims, in any patent Licensable by such Contributor that
      would be infringed, but for the grant of the License, by the making,
      using, selling, offering for sale, having made, import, or transfer of
      either its Contributions or its Contributor Version.
 1.12. “Secondary License”
      means either the GNU General Public License, Version 2.0, the GNU Lesser
      General Public License, Version 2.1, the GNU Affero General Public
      License, Version 3.0, or any later versions of those licenses.
 1.13. “Source Code Form”
      means the form of the work preferred for making modifications.
 1.14. “You” (or “Your”)
      means an individual or a legal entity exercising rights under this
      License. For legal entities, “You” includes any entity that controls, is
      controlled by, or is under common control with You. For purposes of this
      definition, “control” means (a) the power, direct or indirect, to cause
      the direction or management of such entity, whether by contract or
      otherwise, or (b) ownership of more than fifty percent (50%) of the
      outstanding shares or beneficial ownership of such entity.
 2. License Grants and Conditions
 2.1. Grants
     Each Contributor hereby grants You a world-wide, royalty-free,
     non-exclusive license:
     a. under intellectual property rights (other than patent or trademark)
        Licensable by such Contributor to use, reproduce, make available,
        modify, display, perform, distribute, and otherwise exploit its
        Contributions, either on an unmodified basis, with Modifications, or as
        part of a Larger Work; and
     b. under Patent Claims of such Contributor to make, use, sell, offer for
        sale, have made, import, and otherwise transfer either its Contributions
        or its Contributor Version.
 2.2. Effective Date
     The licenses granted in Section 2.1 with respect to any Contribution become
     effective for each Contribution on the date the Contributor first distributes
     such Contribution.
 2.3. Limitations on Grant Scope
     The licenses granted in this Section 2 are the only rights granted under this
     License. No additional rights or licenses will be implied from the distribution
     or licensing of Covered Software under this License. Notwithstanding Section
     2.1(b) above, no patent license is granted by a Contributor:
     a. for any code that a Contributor has removed from Covered Software; or
     b. for infringements caused by: (i) Your and any other third party’s
        modifications of Covered Software, or (ii) the combination of its
        Contributions with other software (except as part of its Contributor
        Version); or
     c. under Patent Claims infringed by Covered Software in the absence of its
        Contributions.
     This License does not grant any rights in the trademarks, service marks, or
     logos of any Contributor (except as may be necessary to comply with the
     notice requirements in Section 3.4).
 2.4. Subsequent Licenses
     No Contributor makes additional grants as a result of Your choice to
     distribute the Covered Software under a subsequent version of this License
     (see Section 10.2) or under the terms of a Secondary License (if permitted
     under the terms of Section 3.3).
 2.5. Representation
     Each Contributor represents that the Contributor believes its Contributions
     are its original creation(s) or it has sufficient rights to grant the
     rights to its Contributions conveyed by this License.
 2.6. Fair Use
     This License is not intended to limit any rights You have under applicable
     copyright doctrines of fair use, fair dealing, or other equivalents.
 2.7. Conditions
     Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in
     Section 2.1.
 3. Responsibilities
 3.1. Distribution of Source Form
     All distribution of Covered Software in Source Code Form, including any
     Modifications that You create or to which You contribute, must be under the
     terms of this License. You must inform recipients that the Source Code Form
     of the Covered Software is governed by the terms of this License, and how
     they can obtain a copy of this License. You may not attempt to alter or
     restrict the recipients’ rights in the Source Code Form.
 3.2. Distribution of Executable Form
     If You distribute Covered Software in Executable Form then:
     a. such Covered Software must also be made available in Source Code Form,
        as described in Section 3.1, and You must inform recipients of the
        Executable Form how they can obtain a copy of such Source Code Form by
        reasonable means in a timely manner, at a charge no more than the cost
        of distribution to the recipient; and
     b. You may distribute such Executable Form under the terms of this License,
        or sublicense it under different terms, provided that the license for
        the Executable Form does not attempt to limit or alter the recipients’
        rights in the Source Code Form under this License.
 3.3. Distribution of a Larger Work
     You may create and distribute a Larger Work under terms of Your choice,
     provided that You also comply with the requirements of this License for the
     Covered Software. If the Larger Work is a combination of Covered Software
     with a work governed by one or more Secondary Licenses, and the Covered
     Software is not Incompatible With Secondary Licenses, this License permits
     You to additionally distribute such Covered Software under the terms of
     such Secondary License(s), so that the recipient of the Larger Work may, at
     their option, further distribute the Covered Software under the terms of
     either this License or such Secondary License(s).
 3.4. Notices
     You may not remove or alter the substance of any license notices (including
     copyright notices, patent notices, disclaimers of warranty, or limitations
     of liability) contained within the Source Code Form of the Covered
     Software, except that You may alter any license notices to the extent
     required to remedy known factual inaccuracies.
 3.5. Application of Additional Terms
     You may choose to offer, and to charge a fee for, warranty, support,
     indemnity or liability obligations to one or more recipients of Covered
     Software. However, You may do so only on Your own behalf, and not on behalf
     of any Contributor. You must make it absolutely clear that any such
     warranty, support, indemnity, or liability obligation is offered by You
     alone, and You hereby agree to indemnify every Contributor for any
     liability incurred by such Contributor as a result of warranty, support,
     indemnity or liability terms You offer. You may include additional
     disclaimers of warranty and limitations of liability specific to any
     jurisdiction.
 4. Inability to Comply Due to Statute or Regulation
   If it is impossible for You to comply with any of the terms of this License
   with respect to some or all of the Covered Software due to statute, judicial
   order, or regulation then You must: (a) comply with the terms of this License
   to the maximum extent possible; and (b) describe the limitations and the code
   they affect. Such description must be placed in a text file included with all
   distributions of the Covered Software under this License. Except to the
   extent prohibited by statute or regulation, such description must be
   sufficiently detailed for a recipient of ordinary skill to be able to
   understand it.
 5. Termination
 5.1. The rights granted under this License will terminate automatically if You
     fail to comply with any of its terms. However, if You become compliant,
     then the rights granted under this License from a particular Contributor
     are reinstated (a) provisionally, unless and until such Contributor
     explicitly and finally terminates Your grants, and (b) on an ongoing basis,
     if such Contributor fails to notify You of the non-compliance by some
     reasonable means prior to 60 days after You have come back into compliance.
     Moreover, Your grants from a particular Contributor are reinstated on an
     ongoing basis if such Contributor notifies You of the non-compliance by
     some reasonable means, this is the first time You have received notice of
     non-compliance with this License from such Contributor, and You become
     compliant prior to 30 days after Your receipt of the notice.
 5.2. If You initiate litigation against any entity by asserting a patent
     infringement claim (excluding declaratory judgment actions, counter-claims,
     and cross-claims) alleging that a Contributor Version directly or
     indirectly infringes any patent, then the rights granted to You by any and
     all Contributors for the Covered Software under Section 2.1 of this License
     shall terminate.
 5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user
     license agreements (excluding distributors and resellers) which have been
     validly granted by You or Your distributors under this License prior to
     termination shall survive termination.
 6. Disclaimer of Warranty
   Covered Software is provided under this License on an “as is” basis, without
   warranty of any kind, either expressed, implied, or statutory, including,
   without limitation, warranties that the Covered Software is free of defects,
   merchantable, fit for a particular purpose or non-infringing. The entire
   risk as to the quality and performance of the Covered Software is with You.
   Should any Covered Software prove defective in any respect, You (not any
   Contributor) assume the cost of any necessary servicing, repair, or
   correction. This disclaimer of warranty constitutes an essential part of this
   License. No use of  any Covered Software is authorized under this License
   except under this disclaimer.
 7. Limitation of Liability
   Under no circumstances and under no legal theory, whether tort (including
   negligence), contract, or otherwise, shall any Contributor, or anyone who
   distributes Covered Software as permitted above, be liable to You for any
   direct, indirect, special, incidental, or consequential damages of any
   character including, without limitation, damages for lost profits, loss of
   goodwill, work stoppage, computer failure or malfunction, or any and all
   other commercial damages or losses, even if such party shall have been
   informed of the possibility of such damages. This limitation of liability
   shall not apply to liability for death or personal injury resulting from such
   party’s negligence to the extent applicable law prohibits such limitation.
   Some jurisdictions do not allow the exclusion or limitation of incidental or
   consequential damages, so this exclusion and limitation may not apply to You.
 8. Litigation
   Any litigation relating to this License may be brought only in the courts of
   a jurisdiction where the defendant maintains its principal place of business
   and such litigation shall be governed by laws of that jurisdiction, without
   reference to its conflict-of-law provisions. Nothing in this Section shall
   prevent a party’s ability to bring cross-claims or counter-claims.
 9. Miscellaneous
   This License represents the complete agreement concerning the subject matter
   hereof. If any provision of this License is held to be unenforceable, such
   provision shall be reformed only to the extent necessary to make it
   enforceable. Any law or regulation which provides that the language of a
   contract shall be construed against the drafter shall not be used to construe
   this License against a Contributor.
 10. Versions of the License
 10.1. New Versions
      Mozilla Foundation is the license steward. Except as provided in Section
      10.3, no one other than the license steward has the right to modify or
      publish new versions of this License. Each version will be given a
      distinguishing version number.
 10.2. Effect of New Versions
      You may distribute the Covered Software under the terms of the version of
      the License under which You originally received the Covered Software, or
      under the terms of any subsequent version published by the license
      steward.
 10.3. Modified Versions
      If you create software not governed by this License, and you want to
      create a new license for such software, you may create and use a modified
      version of this License if you rename the license and remove any
      references to the name of the license steward (except to note that such
      modified license differs from this License).
 10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses
      If You choose to distribute Source Code Form that is Incompatible With
      Secondary Licenses under the terms of this version of the License, the
      notice described in Exhibit B of this License must be attached.
 Exhibit A - Source Code Form License Notice
      This Source Code Form is subject to the
      terms of the Mozilla Public License, v.
      2.0. If a copy of the MPL was not
      distributed with this file, You can
      obtain one at
      http://mozilla.org/MPL/2.0/.
 If it is not possible or desirable to put the notice in a particular file, then
 You may include the notice in a location (such as a LICENSE file in a relevant
 directory) where a recipient would be likely to look for such a notice.
 You may add additional accurate notices of copyright ownership.
 Exhibit B - “Incompatible With Secondary Licenses” Notice
      This Source Code Form is “Incompatible
      With Secondary Licenses”, as defined by
      the Mozilla Public License, v. 2.0.
--- a/Godeps/_workspace/src/github.com/d2g/dhcp4client/README.md
+++ b/Godeps/_workspace/src/github.com/d2g/dhcp4client/README.md
@ -1,8 +0,0 @@
 dhcp4client [![GoDoc](https://godoc.org/github.com/d2g/dhcp4client?status.svg)](http://godoc.org/github.com/d2g/dhcp4client) [![Coverage Status](https://coveralls.io/repos/d2g/dhcp4client/badge.svg?branch=HEAD)](https://coveralls.io/r/d2g/dhcp4client?branch=HEAD) [![Codeship Status for d2g/dhcp4client](https://codeship.com/projects/d75d9860-b364-0132-bc79-7e1d8cf367b9/status?branch=master)](https://codeship.com/projects/70187)
 ===========
 DHCP Client
 ###### Thanks to:
@eyakubovich For AF_PACKET support.
--- a/Godeps/_workspace/src/github.com/d2g/dhcp4client/client.go
+++ b/Godeps/_workspace/src/github.com/d2g/dhcp4client/client.go
@ -1,366 +0,0 @@
 package dhcp4client
 import (
 	"bytes"
 	"crypto/rand"
 	"net"
 	"time"
 	"github.com/d2g/dhcp4"
 )
 const (
 	MaxDHCPLen = 576
 )
 type Client struct {
 	hardwareAddr  net.HardwareAddr //The HardwareAddr to send in the request.
 	ignoreServers []net.IP         //List of Servers to Ignore requests from.
 	timeout       time.Duration    //Time before we timeout.
 	broadcast     bool             //Set the Bcast flag in BOOTP Flags
 	connection    connection       //The Connection Method to use
 }
 /*
 * Abstracts the type of underlying socket used
 */
 type connection interface {
 	Close() error
 	Write(packet []byte) error
 	ReadFrom() ([]byte, net.IP, error)
 	SetReadTimeout(t time.Duration) error
 }
 func New(options ...func(*Client) error) (*Client, error) {
 	c := Client{
 		timeout:   time.Second * 10,
 		broadcast: true,
 	}
 	err := c.SetOption(options...)
 	if err != nil {
 		return nil, err
 	}
 	//if connection hasn't been set as an option create the default.
 	if c.connection == nil {
 		conn, err := NewInetSock()
 		if err != nil {
 			return nil, err
 		}
 		c.connection = conn
 	}
 	return &c, nil
 }
 func (c *Client) SetOption(options ...func(*Client) error) error {
 	for _, opt := range options {
 		if err := opt(c); err != nil {
 			return err
 		}
 	}
 	return nil
 }
 func Timeout(t time.Duration) func(*Client) error {
 	return func(c *Client) error {
 		c.timeout = t
 		return nil
 	}
 }
 func IgnoreServers(s []net.IP) func(*Client) error {
 	return func(c *Client) error {
 		c.ignoreServers = s
 		return nil
 	}
 }
 func HardwareAddr(h net.HardwareAddr) func(*Client) error {
 	return func(c *Client) error {
 		c.hardwareAddr = h
 		return nil
 	}
 }
 func Broadcast(b bool) func(*Client) error {
 	return func(c *Client) error {
 		c.broadcast = b
 		return nil
 	}
 }
 func Connection(conn connection) func(*Client) error {
 	return func(c *Client) error {
 		c.connection = conn
 		return nil
 	}
 }
 /*
 * Close Connections
 */
 func (c *Client) Close() error {
 	if c.connection != nil {
 		return c.connection.Close()
 	}
 	return nil
 }
 /*
 * Send the Discovery Packet to the Broadcast Channel
 */
 func (c *Client) SendDiscoverPacket() (dhcp4.Packet, error) {
 	discoveryPacket := c.DiscoverPacket()
 	discoveryPacket.PadToMinSize()
 	return discoveryPacket, c.SendPacket(discoveryPacket)
 }
 /*
 * Retreive Offer...
 * Wait for the offer for a specific Discovery Packet.
 */
 func (c *Client) GetOffer(discoverPacket *dhcp4.Packet) (dhcp4.Packet, error) {
 	for {
 		c.connection.SetReadTimeout(c.timeout)
 		readBuffer, source, err := c.connection.ReadFrom()
 		if err != nil {
 			return dhcp4.Packet{}, err
 		}
 		offerPacket := dhcp4.Packet(readBuffer)
 		offerPacketOptions := offerPacket.ParseOptions()
 		// Ignore Servers in my Ignore list
 		for _, ignoreServer := range c.ignoreServers {
 			if source.Equal(ignoreServer) {
 				continue
 			}
 			if offerPacket.SIAddr().Equal(ignoreServer) {
 				continue
 			}
 		}
 		if len(offerPacketOptions[dhcp4.OptionDHCPMessageType]) < 1 || dhcp4.MessageType(offerPacketOptions[dhcp4.OptionDHCPMessageType][0]) != dhcp4.Offer || !bytes.Equal(discoverPacket.XId(), offerPacket.XId()) {
 			continue
 		}
 		return offerPacket, nil
 	}
 }
 /*
 * Send Request Based On the offer Received.
 */
 func (c *Client) SendRequest(offerPacket *dhcp4.Packet) (dhcp4.Packet, error) {
 	requestPacket := c.RequestPacket(offerPacket)
 	requestPacket.PadToMinSize()
 	return requestPacket, c.SendPacket(requestPacket)
 }
 /*
 * Retreive Acknowledgement
 * Wait for the offer for a specific Request Packet.
 */
 func (c *Client) GetAcknowledgement(requestPacket *dhcp4.Packet) (dhcp4.Packet, error) {
 	for {
 		c.connection.SetReadTimeout(c.timeout)
 		readBuffer, source, err := c.connection.ReadFrom()
 		if err != nil {
 			return dhcp4.Packet{}, err
 		}
 		acknowledgementPacket := dhcp4.Packet(readBuffer)
 		acknowledgementPacketOptions := acknowledgementPacket.ParseOptions()
 		// Ignore Servers in my Ignore list
 		for _, ignoreServer := range c.ignoreServers {
 			if source.Equal(ignoreServer) {
 				continue
 			}
 			if acknowledgementPacket.SIAddr().Equal(ignoreServer) {
 				continue
 			}
 		}
 		if !bytes.Equal(requestPacket.XId(), acknowledgementPacket.XId()) || len(acknowledgementPacketOptions[dhcp4.OptionDHCPMessageType]) < 1 || (dhcp4.MessageType(acknowledgementPacketOptions[dhcp4.OptionDHCPMessageType][0]) != dhcp4.ACK && dhcp4.MessageType(acknowledgementPacketOptions[dhcp4.OptionDHCPMessageType][0]) != dhcp4.NAK) {
 			continue
 		}
 		return acknowledgementPacket, nil
 	}
 }
 /*
 * Send a DHCP Packet.
 */
 func (c *Client) SendPacket(packet dhcp4.Packet) error {
 	return c.connection.Write(packet)
 }
 /*
 * Create Discover Packet
 */
 func (c *Client) DiscoverPacket() dhcp4.Packet {
 	messageid := make([]byte, 4)
 	if _, err := rand.Read(messageid); err != nil {
 		panic(err)
 	}
 	packet := dhcp4.NewPacket(dhcp4.BootRequest)
 	packet.SetCHAddr(c.hardwareAddr)
 	packet.SetXId(messageid)
 	packet.SetBroadcast(c.broadcast)
 	packet.AddOption(dhcp4.OptionDHCPMessageType, []byte{byte(dhcp4.Discover)})
 	//packet.PadToMinSize()
 	return packet
 }
 /*
 * Create Request Packet
 */
 func (c *Client) RequestPacket(offerPacket *dhcp4.Packet) dhcp4.Packet {
 	offerOptions := offerPacket.ParseOptions()
 	packet := dhcp4.NewPacket(dhcp4.BootRequest)
 	packet.SetCHAddr(c.hardwareAddr)
 	packet.SetXId(offerPacket.XId())
 	packet.SetCIAddr(offerPacket.CIAddr())
 	packet.SetSIAddr(offerPacket.SIAddr())
 	packet.SetBroadcast(c.broadcast)
 	packet.AddOption(dhcp4.OptionDHCPMessageType, []byte{byte(dhcp4.Request)})
 	packet.AddOption(dhcp4.OptionRequestedIPAddress, (offerPacket.YIAddr()).To4())
 	packet.AddOption(dhcp4.OptionServerIdentifier, offerOptions[dhcp4.OptionServerIdentifier])
 	//packet.PadToMinSize()
 	return packet
 }
 /*
 * Create Request Packet For a Renew
 */
 func (c *Client) RenewalRequestPacket(acknowledgement *dhcp4.Packet) dhcp4.Packet {
 	messageid := make([]byte, 4)
 	if _, err := rand.Read(messageid); err != nil {
 		panic(err)
 	}
 	acknowledgementOptions := acknowledgement.ParseOptions()
 	packet := dhcp4.NewPacket(dhcp4.BootRequest)
 	packet.SetCHAddr(acknowledgement.CHAddr())
 	packet.SetXId(messageid)
 	packet.SetCIAddr(acknowledgement.YIAddr())
 	packet.SetSIAddr(acknowledgement.SIAddr())
 	packet.SetBroadcast(c.broadcast)
 	packet.AddOption(dhcp4.OptionDHCPMessageType, []byte{byte(dhcp4.Request)})
 	packet.AddOption(dhcp4.OptionRequestedIPAddress, (acknowledgement.YIAddr()).To4())
 	packet.AddOption(dhcp4.OptionServerIdentifier, acknowledgementOptions[dhcp4.OptionServerIdentifier])
 	//packet.PadToMinSize()
 	return packet
 }
 /*
 * Create Release Packet For a Release
 */
 func (c *Client) ReleasePacket(acknowledgement *dhcp4.Packet) dhcp4.Packet {
 	messageid := make([]byte, 4)
 	if _, err := rand.Read(messageid); err != nil {
 		panic(err)
 	}
 	acknowledgementOptions := acknowledgement.ParseOptions()
 	packet := dhcp4.NewPacket(dhcp4.BootRequest)
 	packet.SetCHAddr(acknowledgement.CHAddr())
 	packet.SetXId(messageid)
 	packet.SetCIAddr(acknowledgement.YIAddr())
 	packet.AddOption(dhcp4.OptionDHCPMessageType, []byte{byte(dhcp4.Release)})
 	packet.AddOption(dhcp4.OptionServerIdentifier, acknowledgementOptions[dhcp4.OptionServerIdentifier])
 	//packet.PadToMinSize()
 	return packet
 }
 /*
 * Lets do a Full DHCP Request.
 */
 func (c *Client) Request() (bool, dhcp4.Packet, error) {
 	discoveryPacket, err := c.SendDiscoverPacket()
 	if err != nil {
 		return false, discoveryPacket, err
 	}
 	offerPacket, err := c.GetOffer(&discoveryPacket)
 	if err != nil {
 		return false, offerPacket, err
 	}
 	requestPacket, err := c.SendRequest(&offerPacket)
 	if err != nil {
 		return false, requestPacket, err
 	}
 	acknowledgement, err := c.GetAcknowledgement(&requestPacket)
 	if err != nil {
 		return false, acknowledgement, err
 	}
 	acknowledgementOptions := acknowledgement.ParseOptions()
 	if dhcp4.MessageType(acknowledgementOptions[dhcp4.OptionDHCPMessageType][0]) != dhcp4.ACK {
 		return false, acknowledgement, nil
 	}
 	return true, acknowledgement, nil
 }
 /*
 * Renew a lease backed on the Acknowledgement Packet.
 * Returns Sucessfull, The AcknoledgementPacket, Any Errors
 */
 func (c *Client) Renew(acknowledgement dhcp4.Packet) (bool, dhcp4.Packet, error) {
 	renewRequest := c.RenewalRequestPacket(&acknowledgement)
 	renewRequest.PadToMinSize()
 	err := c.SendPacket(renewRequest)
 	if err != nil {
 		return false, renewRequest, err
 	}
 	newAcknowledgement, err := c.GetAcknowledgement(&renewRequest)
 	if err != nil {
 		return false, newAcknowledgement, err
 	}
 	newAcknowledgementOptions := newAcknowledgement.ParseOptions()
 	if dhcp4.MessageType(newAcknowledgementOptions[dhcp4.OptionDHCPMessageType][0]) != dhcp4.ACK {
 		return false, newAcknowledgement, nil
 	}
 	return true, newAcknowledgement, nil
 }
 /*
 * Release a lease backed on the Acknowledgement Packet.
 * Returns Any Errors
 */
 func (c *Client) Release(acknowledgement dhcp4.Packet) error {
 	release := c.ReleasePacket(&acknowledgement)
 	release.PadToMinSize()
 	return c.SendPacket(release)
 }
--- a/Godeps/_workspace/src/github.com/d2g/dhcp4client/client_test.go
+++ b/Godeps/_workspace/src/github.com/d2g/dhcp4client/client_test.go
@ -1,69 +0,0 @@
 package dhcp4client
 import (
 	"log"
 	"net"
 	"testing"
 )
 /*
 * Example Client
 */
 func Test_ExampleClient(test *testing.T) {
 	var err error
 	m, err := net.ParseMAC("08-00-27-00-A8-E8")
 	if err != nil {
 		log.Printf("MAC Error:%v\n", err)
 	}
 	//Create a connection to use
 	//We need to set the connection ports to 1068 and 1067 so we don't need root access
 	c, err := NewInetSock(SetLocalAddr(net.UDPAddr{IP: net.IPv4(0, 0, 0, 0), Port: 1068}), SetRemoteAddr(net.UDPAddr{IP: net.IPv4bcast, Port: 1067}))
 	if err != nil {
 		test.Error("Client Conection Generation:" + err.Error())
 	}
 	exampleClient, err := New(HardwareAddr(m), Connection(c))
 	if err != nil {
 		test.Fatalf("Error:%v\n", err)
 	}
 	success, acknowledgementpacket, err := exampleClient.Request()
 	test.Logf("Success:%v\n", success)
 	test.Logf("Packet:%v\n", acknowledgementpacket)
 	if err != nil {
 		networkError, ok := err.(*net.OpError)
 		if ok && networkError.Timeout() {
 			test.Log("Test Skipping as it didn't find a DHCP Server")
 			test.SkipNow()
 		}
 		test.Fatalf("Error:%v\n", err)
 	}
 	if !success {
 		test.Error("We didn't sucessfully get a DHCP Lease?")
 	} else {
 		log.Printf("IP Received:%v\n", acknowledgementpacket.YIAddr().String())
 	}
 	test.Log("Start Renewing Lease")
 	success, acknowledgementpacket, err = exampleClient.Renew(acknowledgementpacket)
 	if err != nil {
 		networkError, ok := err.(*net.OpError)
 		if ok && networkError.Timeout() {
 			test.Log("Renewal Failed! Because it didn't find the DHCP server very Strange")
 			test.Errorf("Error" + err.Error())
 		}
 		test.Fatalf("Error:%v\n", err)
 	}
 	if !success {
 		test.Error("We didn't sucessfully Renew a DHCP Lease?")
 	} else {
 		log.Printf("IP Received:%v\n", acknowledgementpacket.YIAddr().String())
 	}
 }
--- a/Godeps/_workspace/src/github.com/d2g/dhcp4client/inetsock.go
+++ b/Godeps/_workspace/src/github.com/d2g/dhcp4client/inetsock.go
@ -1,75 +0,0 @@
 package dhcp4client
 import (
 	"net"
 	"time"
 )
 type inetSock struct {
 	*net.UDPConn
 	laddr net.UDPAddr
 	raddr net.UDPAddr
 }
 func NewInetSock(options ...func(*inetSock) error) (*inetSock, error) {
 	c := &inetSock{
 		laddr: net.UDPAddr{IP: net.IPv4(0, 0, 0, 0), Port: 68},
 		raddr: net.UDPAddr{IP: net.IPv4bcast, Port: 67},
 	}
 	err := c.setOption(options...)
 	if err != nil {
 		return nil, err
 	}
 	conn, err := net.ListenUDP("udp4", &c.laddr)
 	if err != nil {
 		return nil, err
 	}
 	c.UDPConn = conn
 	return c, err
 }
 func (c *inetSock) setOption(options ...func(*inetSock) error) error {
 	for _, opt := range options {
 		if err := opt(c); err != nil {
 			return err
 		}
 	}
 	return nil
 }
 func SetLocalAddr(l net.UDPAddr) func(*inetSock) error {
 	return func(c *inetSock) error {
 		c.laddr = l
 		return nil
 	}
 }
 func SetRemoteAddr(r net.UDPAddr) func(*inetSock) error {
 	return func(c *inetSock) error {
 		c.raddr = r
 		return nil
 	}
 }
 func (c *inetSock) Write(packet []byte) error {
 	_, err := c.WriteToUDP(packet, &c.raddr)
 	return err
 }
 func (c *inetSock) ReadFrom() ([]byte, net.IP, error) {
 	readBuffer := make([]byte, MaxDHCPLen)
 	n, source, err := c.ReadFromUDP(readBuffer)
 	if source != nil {
 		return readBuffer[:n], source.IP, err
 	} else {
 		return readBuffer[:n], net.IP{}, err
 	}
 }
 func (c *inetSock) SetReadTimeout(t time.Duration) error {
 	return c.SetReadDeadline(time.Now().Add(t))
 }
--- a/Godeps/_workspace/src/github.com/d2g/dhcp4client/init.go
+++ b/Godeps/_workspace/src/github.com/d2g/dhcp4client/init.go
@ -1,10 +0,0 @@
 package dhcp4client
 import (
 	"math/rand"
 	"time"
 )
 func init() {
 	rand.Seed(time.Now().Unix())
 }
--- a/Godeps/_workspace/src/github.com/d2g/dhcp4client/pktsock_linux.go
+++ b/Godeps/_workspace/src/github.com/d2g/dhcp4client/pktsock_linux.go
@ -1,147 +0,0 @@
 package dhcp4client
 import (
 	"crypto/rand"
 	"encoding/binary"
 	"net"
 	"time"
 	"golang.org/x/sys/unix"
 )
 const (
 	minIPHdrLen = 20
 	maxIPHdrLen = 60
 	udpHdrLen   = 8
 	ip4Ver      = 0x40
 	ttl         = 16
 	srcPort     = 68
 	dstPort     = 67
 )
 var (
 	bcastMAC = []byte{255, 255, 255, 255, 255, 255}
 )
 // abstracts AF_PACKET
 type packetSock struct {
 	fd      int
 	ifindex int
 }
 func NewPacketSock(ifindex int) (*packetSock, error) {
 	fd, err := unix.Socket(unix.AF_PACKET, unix.SOCK_DGRAM, int(swap16(unix.ETH_P_IP)))
 	if err != nil {
 		return nil, err
 	}
 	addr := unix.SockaddrLinklayer{
 		Ifindex:  ifindex,
 		Protocol: swap16(unix.ETH_P_IP),
 	}
 	if err = unix.Bind(fd, &addr); err != nil {
 		return nil, err
 	}
 	return &packetSock{
 		fd:      fd,
 		ifindex: ifindex,
 	}, nil
 }
 func (pc *packetSock) Close() error {
 	return unix.Close(pc.fd)
 }
 func (pc *packetSock) Write(packet []byte) error {
 	lladdr := unix.SockaddrLinklayer{
 		Ifindex:  pc.ifindex,
 		Protocol: swap16(unix.ETH_P_IP),
 		Halen:    uint8(len(bcastMAC)),
 	}
 	copy(lladdr.Addr[:], bcastMAC)
 	pkt := make([]byte, minIPHdrLen+udpHdrLen+len(packet))
 	fillIPHdr(pkt[0:minIPHdrLen], udpHdrLen+uint16(len(packet)))
 	fillUDPHdr(pkt[minIPHdrLen:minIPHdrLen+udpHdrLen], uint16(len(packet)))
 	// payload
 	copy(pkt[minIPHdrLen+udpHdrLen:len(pkt)], packet)
 	return unix.Sendto(pc.fd, pkt, 0, &lladdr)
 }
 func (pc *packetSock) ReadFrom() ([]byte, net.IP, error) {
 	pkt := make([]byte, maxIPHdrLen+udpHdrLen+MaxDHCPLen)
 	n, _, err := unix.Recvfrom(pc.fd, pkt, 0)
 	if err != nil {
 		return nil, nil, err
 	}
 	// IP hdr len
 	ihl := int(pkt[0]&0x0F) * 4
 	// Source IP address
 	src := net.IP(pkt[12:16])
 	return pkt[ihl+udpHdrLen : n], src, nil
 }
 func (pc *packetSock) SetReadTimeout(t time.Duration) error {
 	tv := unix.NsecToTimeval(t.Nanoseconds())
 	return unix.SetsockoptTimeval(pc.fd, unix.SOL_SOCKET, unix.SO_RCVTIMEO, &tv)
 }
 // compute's 1's complement checksum
 func chksum(p []byte, csum []byte) {
 	cklen := len(p)
 	s := uint32(0)
 	for i := 0; i < (cklen - 1); i += 2 {
 		s += uint32(p[i+1])<<8 | uint32(p[i])
 	}
 	if cklen&1 == 1 {
 		s += uint32(p[cklen-1])
 	}
 	s = (s >> 16) + (s & 0xffff)
 	s = s + (s >> 16)
 	s = ^s
 	csum[0] = uint8(s & 0xff)
 	csum[1] = uint8(s >> 8)
 }
 func fillIPHdr(hdr []byte, payloadLen uint16) {
 	// version + IHL
 	hdr[0] = ip4Ver | (minIPHdrLen / 4)
 	// total length
 	binary.BigEndian.PutUint16(hdr[2:4], uint16(len(hdr))+payloadLen)
 	// identification
 	if _, err := rand.Read(hdr[4:5]); err != nil {
 		panic(err)
 	}
 	// TTL
 	hdr[8] = 16
 	// Protocol
 	hdr[9] = unix.IPPROTO_UDP
 	// dst IP
 	copy(hdr[16:20], net.IPv4bcast.To4())
 	// compute IP hdr checksum
 	chksum(hdr[0:len(hdr)], hdr[10:12])
 }
 func fillUDPHdr(hdr []byte, payloadLen uint16) {
 	// src port
 	binary.BigEndian.PutUint16(hdr[0:2], srcPort)
 	// dest port
 	binary.BigEndian.PutUint16(hdr[2:4], dstPort)
 	// length
 	binary.BigEndian.PutUint16(hdr[4:6], udpHdrLen+payloadLen)
 }
 func swap16(x uint16) uint16 {
 	var b [2]byte
 	binary.BigEndian.PutUint16(b[:], x)
 	return binary.LittleEndian.Uint16(b[:])
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/.travis.yml
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/.travis.yml
@ -1,3 +0,0 @@
 language: go
 install:
      - go get github.com/vishvananda/netns
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/LICENSE
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/LICENSE
@ -1,192 +0,0 @@
                                 Apache License
                           Version 2.0, January 2004
                        http://www.apache.org/licenses/
   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
   1. Definitions.
      "License" shall mean the terms and conditions for use, reproduction,
      and distribution as defined by Sections 1 through 9 of this document.
      "Licensor" shall mean the copyright owner or entity authorized by
      the copyright owner that is granting the License.
      "Legal Entity" shall mean the union of the acting entity and all
      other entities that control, are controlled by, or are under common
      control with that entity. For the purposes of this definition,
      "control" means (i) the power, direct or indirect, to cause the
      direction or management of such entity, whether by contract or
      otherwise, or (ii) ownership of fifty percent (50%) or more of the
      outstanding shares, or (iii) beneficial ownership of such entity.
      "You" (or "Your") shall mean an individual or Legal Entity
      exercising permissions granted by this License.
      "Source" form shall mean the preferred form for making modifications,
      including but not limited to software source code, documentation
      source, and configuration files.
      "Object" form shall mean any form resulting from mechanical
      transformation or translation of a Source form, including but
      not limited to compiled object code, generated documentation,
      and conversions to other media types.
      "Work" shall mean the work of authorship, whether in Source or
      Object form, made available under the License, as indicated by a
      copyright notice that is included in or attached to the work
      (an example is provided in the Appendix below).
      "Derivative Works" shall mean any work, whether in Source or Object
      form, that is based on (or derived from) the Work and for which the
      editorial revisions, annotations, elaborations, or other modifications
      represent, as a whole, an original work of authorship. For the purposes
      of this License, Derivative Works shall not include works that remain
      separable from, or merely link (or bind by name) to the interfaces of,
      the Work and Derivative Works thereof.
      "Contribution" shall mean any work of authorship, including
      the original version of the Work and any modifications or additions
      to that Work or Derivative Works thereof, that is intentionally
      submitted to Licensor for inclusion in the Work by the copyright owner
      or by an individual or Legal Entity authorized to submit on behalf of
      the copyright owner. For the purposes of this definition, "submitted"
      means any form of electronic, verbal, or written communication sent
      to the Licensor or its representatives, including but not limited to
      communication on electronic mailing lists, source code control systems,
      and issue tracking systems that are managed by, or on behalf of, the
      Licensor for the purpose of discussing and improving the Work, but
      excluding communication that is conspicuously marked or otherwise
      designated in writing by the copyright owner as "Not a Contribution."
      "Contributor" shall mean Licensor and any individual or Legal Entity
      on behalf of whom a Contribution has been received by Licensor and
      subsequently incorporated within the Work.
   2. Grant of Copyright License. Subject to the terms and conditions of
      this License, each Contributor hereby grants to You a perpetual,
      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
      copyright license to reproduce, prepare Derivative Works of,
      publicly display, publicly perform, sublicense, and distribute the
      Work and such Derivative Works in Source or Object form.
   3. Grant of Patent License. Subject to the terms and conditions of
      this License, each Contributor hereby grants to You a perpetual,
      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
      (except as stated in this section) patent license to make, have made,
      use, offer to sell, sell, import, and otherwise transfer the Work,
      where such license applies only to those patent claims licensable
      by such Contributor that are necessarily infringed by their
      Contribution(s) alone or by combination of their Contribution(s)
      with the Work to which such Contribution(s) was submitted. If You
      institute patent litigation against any entity (including a
      cross-claim or counterclaim in a lawsuit) alleging that the Work
      or a Contribution incorporated within the Work constitutes direct
      or contributory patent infringement, then any patent licenses
      granted to You under this License for that Work shall terminate
      as of the date such litigation is filed.
   4. Redistribution. You may reproduce and distribute copies of the
      Work or Derivative Works thereof in any medium, with or without
      modifications, and in Source or Object form, provided that You
      meet the following conditions:
      (a) You must give any other recipients of the Work or
          Derivative Works a copy of this License; and
      (b) You must cause any modified files to carry prominent notices
          stating that You changed the files; and
      (c) You must retain, in the Source form of any Derivative Works
          that You distribute, all copyright, patent, trademark, and
          attribution notices from the Source form of the Work,
          excluding those notices that do not pertain to any part of
          the Derivative Works; and
      (d) If the Work includes a "NOTICE" text file as part of its
          distribution, then any Derivative Works that You distribute must
          include a readable copy of the attribution notices contained
          within such NOTICE file, excluding those notices that do not
          pertain to any part of the Derivative Works, in at least one
          of the following places: within a NOTICE text file distributed
          as part of the Derivative Works; within the Source form or
          documentation, if provided along with the Derivative Works; or,
          within a display generated by the Derivative Works, if and
          wherever such third-party notices normally appear. The contents
          of the NOTICE file are for informational purposes only and
          do not modify the License. You may add Your own attribution
          notices within Derivative Works that You distribute, alongside
          or as an addendum to the NOTICE text from the Work, provided
          that such additional attribution notices cannot be construed
          as modifying the License.
      You may add Your own copyright statement to Your modifications and
      may provide additional or different license terms and conditions
      for use, reproduction, or distribution of Your modifications, or
      for any such Derivative Works as a whole, provided Your use,
      reproduction, and distribution of the Work otherwise complies with
      the conditions stated in this License.
   5. Submission of Contributions. Unless You explicitly state otherwise,
      any Contribution intentionally submitted for inclusion in the Work
      by You to the Licensor shall be under the terms and conditions of
      this License, without any additional terms or conditions.
      Notwithstanding the above, nothing herein shall supersede or modify
      the terms of any separate license agreement you may have executed
      with Licensor regarding such Contributions.
   6. Trademarks. This License does not grant permission to use the trade
      names, trademarks, service marks, or product names of the Licensor,
      except as required for reasonable and customary use in describing the
      origin of the Work and reproducing the content of the NOTICE file.
   7. Disclaimer of Warranty. Unless required by applicable law or
      agreed to in writing, Licensor provides the Work (and each
      Contributor provides its Contributions) on an "AS IS" BASIS,
      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
      implied, including, without limitation, any warranties or conditions
      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
      PARTICULAR PURPOSE. You are solely responsible for determining the
      appropriateness of using or redistributing the Work and assume any
      risks associated with Your exercise of permissions under this License.
   8. Limitation of Liability. In no event and under no legal theory,
      whether in tort (including negligence), contract, or otherwise,
      unless required by applicable law (such as deliberate and grossly
      negligent acts) or agreed to in writing, shall any Contributor be
      liable to You for damages, including any direct, indirect, special,
      incidental, or consequential damages of any character arising as a
      result of this License or out of the use or inability to use the
      Work (including but not limited to damages for loss of goodwill,
      work stoppage, computer failure or malfunction, or any and all
      other commercial damages or losses), even if such Contributor
      has been advised of the possibility of such damages.
   9. Accepting Warranty or Additional Liability. While redistributing
      the Work or Derivative Works thereof, You may choose to offer,
      and charge a fee for, acceptance of support, warranty, indemnity,
      or other liability obligations and/or rights consistent with this
      License. However, in accepting such obligations, You may act only
      on Your own behalf and on Your sole responsibility, not on behalf
      of any other Contributor, and only if You agree to indemnify,
      defend, and hold each Contributor harmless for any liability
      incurred by, or claims asserted against, such Contributor by reason
      of your accepting any such warranty or additional liability.
   END OF TERMS AND CONDITIONS
   Copyright 2014 Vishvananda Ishaya.
   Copyright 2014 Docker, Inc.
   Licensed under the Apache License, Version 2.0 (the "License");
   you may not use this file except in compliance with the License.
   You may obtain a copy of the License at
       http://www.apache.org/licenses/LICENSE-2.0
   Unless required by applicable law or agreed to in writing, software
   distributed under the License is distributed on an "AS IS" BASIS,
   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   See the License for the specific language governing permissions and
   limitations under the License.
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/Makefile
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/Makefile
@ -1,29 +0,0 @@
 DIRS := \
 	. \
 	nl
 DEPS = \
 	github.com/vishvananda/netns
 uniq = $(if $1,$(firstword $1) $(call uniq,$(filter-out $(firstword $1),$1)))
 testdirs = $(call uniq,$(foreach d,$(1),$(dir $(wildcard $(d)/*_test.go))))
 goroot = $(addprefix ../../../,$(1))
 unroot = $(subst ../../../,,$(1))
 fmt = $(addprefix fmt-,$(1))
 all: fmt
 $(call goroot,$(DEPS)):
 	go get $(call unroot,$@)
 .PHONY: $(call testdirs,$(DIRS))
 $(call testdirs,$(DIRS)):
 	sudo -E go test -v github.com/vishvananda/netlink/$@
 $(call fmt,$(call testdirs,$(DIRS))):
 	! gofmt -l $(subst fmt-,,$@)/*.go | grep ''
 .PHONY: fmt
 fmt: $(call fmt,$(call testdirs,$(DIRS)))
 test: fmt $(call goroot,$(DEPS)) $(call testdirs,$(DIRS))
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/README.md
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/README.md
@ -1,83 +0,0 @@
 # netlink - netlink library for go #
 [![Build Status](https://travis-ci.org/vishvananda/netlink.png?branch=master)](https://travis-ci.org/vishvananda/netlink) [![GoDoc](https://godoc.org/github.com/vishvananda/netlink?status.svg)](https://godoc.org/github.com/vishvananda/netlink)
 The netlink package provides a simple netlink library for go. Netlink
 is the interface a user-space program in linux uses to communicate with
 the kernel. It can be used to add and remove interfaces, set ip addresses
 and routes, and configure ipsec. Netlink communication requires elevated
 privileges, so in most cases this code needs to be run as root. Since
 low-level netlink messages are inscrutable at best, the library attempts
 to provide an api that is loosely modeled on the CLI provied by iproute2.
 Actions like `ip link add` will be accomplished via a similarly named
 function like AddLink(). This library began its life as a fork of the
 netlink functionality in
 [docker/libcontainer](https://github.com/docker/libcontainer) but was
 heavily rewritten to improve testability, performance, and to add new
 functionality like ipsec xfrm handling.
 ## Local Build and Test ##
 You can use go get command:
    go get github.com/vishvananda/netlink
 Testing dependencies:
    go get github.com/vishvananda/netns
 Testing (requires root):
    sudo -E go test github.com/vishvananda/netlink
 ## Examples ##
 Add a new bridge and add eth1 into it:
 ```go
 package main
 import (
    "net"
    "github.com/vishvananda/netlink"
 )
 func main() {
    mybridge := &netlink.Bridge{netlink.LinkAttrs{Name: "foo"}}
    _ := netlink.LinkAdd(mybridge)
    eth1, _ := netlink.LinkByName("eth1")
    netlink.LinkSetMaster(eth1, mybridge)
 }
 ```
 Add a new ip address to loopback:
 ```go
 package main
 import (
    "net"
    "github.com/vishvananda/netlink"
 )
 func main() {
    lo, _ := netlink.LinkByName("lo")
    addr, _ := netlink.ParseAddr("169.254.169.254/32")
    netlink.AddrAdd(lo, addr)
 }
 ```
 ## Future Work ##
 Many pieces of netlink are not yet fully supported in the high-level
 interface. Aspects of virtually all of the high-level objects don't exist.
 Many of the underlying primitives are there, so its a matter of putting
 the right fields into the high-level objects and making sure that they
 are serialized and deserialized correctly in the Add and List methods.
 There are also a few pieces of low level netlink functionality that still
 need to be implemented. Routing rules are not in place and some of the
 more advanced link types. Hopefully there is decent structure and testing
 in place to make these fairly straightforward to add.
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/addr.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/addr.go
@ -1,43 +0,0 @@
 package netlink
 import (
 	"fmt"
 	"net"
 	"strings"
 )
 // Addr represents an IP address from netlink. Netlink ip addresses
 // include a mask, so it stores the address as a net.IPNet.
 type Addr struct {
 	*net.IPNet
 	Label string
 }
 // String returns $ip/$netmask $label
 func (addr Addr) String() string {
 	return fmt.Sprintf("%s %s", addr.IPNet, addr.Label)
 }
 // ParseAddr parses the string representation of an address in the
 // form $ip/$netmask $label. The label portion is optional
 func ParseAddr(s string) (*Addr, error) {
 	label := ""
 	parts := strings.Split(s, " ")
 	if len(parts) > 1 {
 		s = parts[0]
 		label = parts[1]
 	}
 	m, err := ParseIPNet(s)
 	if err != nil {
 		return nil, err
 	}
 	return &Addr{IPNet: m, Label: label}, nil
 }
 // Equal returns true if both Addrs have the same net.IPNet value.
 func (a Addr) Equal(x Addr) bool {
 	sizea, _ := a.Mask.Size()
 	sizeb, _ := x.Mask.Size()
 	// ignore label for comparison
 	return a.IP.Equal(x.IP) && sizea == sizeb
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/addr_linux.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/addr_linux.go
@ -1,114 +0,0 @@
 package netlink
 import (
 	"fmt"
 	"net"
 	"strings"
 	"syscall"
 	"github.com/vishvananda/netlink/nl"
 )
 // AddrAdd will add an IP address to a link device.
 // Equivalent to: `ip addr add $addr dev $link`
 func AddrAdd(link Link, addr *Addr) error {
 	req := nl.NewNetlinkRequest(syscall.RTM_NEWADDR, syscall.NLM_F_CREATE|syscall.NLM_F_EXCL|syscall.NLM_F_ACK)
 	return addrHandle(link, addr, req)
 }
 // AddrDel will delete an IP address from a link device.
 // Equivalent to: `ip addr del $addr dev $link`
 func AddrDel(link Link, addr *Addr) error {
 	req := nl.NewNetlinkRequest(syscall.RTM_DELADDR, syscall.NLM_F_ACK)
 	return addrHandle(link, addr, req)
 }
 func addrHandle(link Link, addr *Addr, req *nl.NetlinkRequest) error {
 	base := link.Attrs()
 	if addr.Label != "" && !strings.HasPrefix(addr.Label, base.Name) {
 		return fmt.Errorf("label must begin with interface name")
 	}
 	ensureIndex(base)
 	family := nl.GetIPFamily(addr.IP)
 	msg := nl.NewIfAddrmsg(family)
 	msg.Index = uint32(base.Index)
 	prefixlen, _ := addr.Mask.Size()
 	msg.Prefixlen = uint8(prefixlen)
 	req.AddData(msg)
 	var addrData []byte
 	if family == FAMILY_V4 {
 		addrData = addr.IP.To4()
 	} else {
 		addrData = addr.IP.To16()
 	}
 	localData := nl.NewRtAttr(syscall.IFA_LOCAL, addrData)
 	req.AddData(localData)
 	addressData := nl.NewRtAttr(syscall.IFA_ADDRESS, addrData)
 	req.AddData(addressData)
 	if addr.Label != "" {
 		labelData := nl.NewRtAttr(syscall.IFA_LABEL, nl.ZeroTerminated(addr.Label))
 		req.AddData(labelData)
 	}
 	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
 	return err
 }
 // AddrList gets a list of IP addresses in the system.
 // Equivalent to: `ip addr show`.
 // The list can be filtered by link and ip family.
 func AddrList(link Link, family int) ([]Addr, error) {
 	req := nl.NewNetlinkRequest(syscall.RTM_GETADDR, syscall.NLM_F_DUMP)
 	msg := nl.NewIfInfomsg(family)
 	req.AddData(msg)
 	msgs, err := req.Execute(syscall.NETLINK_ROUTE, syscall.RTM_NEWADDR)
 	if err != nil {
 		return nil, err
 	}
 	index := 0
 	if link != nil {
 		base := link.Attrs()
 		ensureIndex(base)
 		index = base.Index
 	}
 	res := make([]Addr, 0)
 	for _, m := range msgs {
 		msg := nl.DeserializeIfAddrmsg(m)
 		if link != nil && msg.Index != uint32(index) {
 			// Ignore messages from other interfaces
 			continue
 		}
 		attrs, err := nl.ParseRouteAttr(m[msg.Len():])
 		if err != nil {
 			return nil, err
 		}
 		var addr Addr
 		for _, attr := range attrs {
 			switch attr.Attr.Type {
 			case syscall.IFA_ADDRESS:
 				addr.IPNet = &net.IPNet{
 					IP:   attr.Value,
 					Mask: net.CIDRMask(int(msg.Prefixlen), 8*len(attr.Value)),
 				}
 			case syscall.IFA_LABEL:
 				addr.Label = string(attr.Value[:len(attr.Value)-1])
 			}
 		}
 		res = append(res, addr)
 	}
 	return res, nil
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/addr_test.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/addr_test.go
@ -1,45 +0,0 @@
 package netlink
 import (
 	"testing"
 )
 func TestAddrAddDel(t *testing.T) {
 	tearDown := setUpNetlinkTest(t)
 	defer tearDown()
 	link, err := LinkByName("lo")
 	if err != nil {
 		t.Fatal(err)
 	}
 	addr, err := ParseAddr("127.1.1.1/24 local")
 	if err != nil {
 		t.Fatal(err)
 	}
 	if err = AddrAdd(link, addr); err != nil {
 		t.Fatal(err)
 	}
 	addrs, err := AddrList(link, FAMILY_ALL)
 	if err != nil {
 		t.Fatal(err)
 	}
 	if len(addrs) != 1 || !addr.Equal(addrs[0]) || addrs[0].Label != addr.Label {
 		t.Fatal("Address not added properly")
 	}
 	if err = AddrDel(link, addr); err != nil {
 		t.Fatal(err)
 	}
 	addrs, err = AddrList(link, FAMILY_ALL)
 	if err != nil {
 		t.Fatal(err)
 	}
 	if len(addrs) != 0 {
 		t.Fatal("Address not removed properly")
 	}
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/link.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/link.go
@ -1,193 +0,0 @@
 package netlink
 import "net"
 // Link represents a link device from netlink. Shared link attributes
 // like name may be retrieved using the Attrs() method. Unique data
 // can be retrieved by casting the object to the proper type.
 type Link interface {
 	Attrs() *LinkAttrs
 	Type() string
 }
 type (
 	NsPid int
 	NsFd  int
 )
 // LinkAttrs represents data shared by most link types
 type LinkAttrs struct {
 	Index        int
 	MTU          int
 	TxQLen       uint32 // Transmit Queue Length
 	Name         string
 	HardwareAddr net.HardwareAddr
 	Flags        net.Flags
 	ParentIndex  int         // index of the parent link device
 	MasterIndex  int         // must be the index of a bridge
 	Namespace    interface{} // nil | NsPid | NsFd
 }
 // Device links cannot be created via netlink. These links
 // are links created by udev like 'lo' and 'etho0'
 type Device struct {
 	LinkAttrs
 }
 func (device *Device) Attrs() *LinkAttrs {
 	return &device.LinkAttrs
 }
 func (device *Device) Type() string {
 	return "device"
 }
 // Dummy links are dummy ethernet devices
 type Dummy struct {
 	LinkAttrs
 }
 func (dummy *Dummy) Attrs() *LinkAttrs {
 	return &dummy.LinkAttrs
 }
 func (dummy *Dummy) Type() string {
 	return "dummy"
 }
 // Bridge links are simple linux bridges
 type Bridge struct {
 	LinkAttrs
 }
 func (bridge *Bridge) Attrs() *LinkAttrs {
 	return &bridge.LinkAttrs
 }
 func (bridge *Bridge) Type() string {
 	return "bridge"
 }
 // Vlan links have ParentIndex set in their Attrs()
 type Vlan struct {
 	LinkAttrs
 	VlanId int
 }
 func (vlan *Vlan) Attrs() *LinkAttrs {
 	return &vlan.LinkAttrs
 }
 func (vlan *Vlan) Type() string {
 	return "vlan"
 }
 type MacvlanMode uint16
 const (
 	MACVLAN_MODE_DEFAULT MacvlanMode = iota
 	MACVLAN_MODE_PRIVATE
 	MACVLAN_MODE_VEPA
 	MACVLAN_MODE_BRIDGE
 	MACVLAN_MODE_PASSTHRU
 	MACVLAN_MODE_SOURCE
 )
 // Macvlan links have ParentIndex set in their Attrs()
 type Macvlan struct {
 	LinkAttrs
 	Mode MacvlanMode
 }
 func (macvlan *Macvlan) Attrs() *LinkAttrs {
 	return &macvlan.LinkAttrs
 }
 func (macvlan *Macvlan) Type() string {
 	return "macvlan"
 }
 // Veth devices must specify PeerName on create
 type Veth struct {
 	LinkAttrs
 	PeerName string // veth on create only
 }
 func (veth *Veth) Attrs() *LinkAttrs {
 	return &veth.LinkAttrs
 }
 func (veth *Veth) Type() string {
 	return "veth"
 }
 // Generic links represent types that are not currently understood
 // by this netlink library.
 type Generic struct {
 	LinkAttrs
 	LinkType string
 }
 func (generic *Generic) Attrs() *LinkAttrs {
 	return &generic.LinkAttrs
 }
 func (generic *Generic) Type() string {
 	return generic.LinkType
 }
 type Vxlan struct {
 	LinkAttrs
 	VxlanId      int
 	VtepDevIndex int
 	SrcAddr      net.IP
 	Group        net.IP
 	TTL          int
 	TOS          int
 	Learning     bool
 	Proxy        bool
 	RSC          bool
 	L2miss       bool
 	L3miss       bool
 	NoAge        bool
 	Age          int
 	Limit        int
 	Port         int
 	PortLow      int
 	PortHigh     int
 }
 func (vxlan *Vxlan) Attrs() *LinkAttrs {
 	return &vxlan.LinkAttrs
 }
 func (vxlan *Vxlan) Type() string {
 	return "vxlan"
 }
 type IPVlanMode uint16
 const (
 	IPVLAN_MODE_L2 IPVlanMode = iota
 	IPVLAN_MODE_L3
 	IPVLAN_MODE_MAX
 )
 type IPVlan struct {
 	LinkAttrs
 	Mode IPVlanMode
 }
 func (ipvlan *IPVlan) Attrs() *LinkAttrs {
 	return &ipvlan.LinkAttrs
 }
 func (ipvlan *IPVlan) Type() string {
 	return "ipvlan"
 }
 // iproute2 supported devices;
 // vlan | veth | vcan | dummy | ifb | macvlan | macvtap |
 // bridge | bond | ipoib | ip6tnl | ipip | sit | vxlan |
 // gre | gretap | ip6gre | ip6gretap | vti | nlmon |
 // bond_slave | ipvlan
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/link_linux.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/link_linux.go
@ -1,749 +0,0 @@
 package netlink
 import (
 	"bytes"
 	"encoding/binary"
 	"fmt"
 	"net"
 	"syscall"
 	"github.com/vishvananda/netlink/nl"
 )
 var native = nl.NativeEndian()
 var lookupByDump = false
 var macvlanModes = [...]uint32{
 	0,
 	nl.MACVLAN_MODE_PRIVATE,
 	nl.MACVLAN_MODE_VEPA,
 	nl.MACVLAN_MODE_BRIDGE,
 	nl.MACVLAN_MODE_PASSTHRU,
 	nl.MACVLAN_MODE_SOURCE,
 }
 func ensureIndex(link *LinkAttrs) {
 	if link != nil && link.Index == 0 {
 		newlink, _ := LinkByName(link.Name)
 		if newlink != nil {
 			link.Index = newlink.Attrs().Index
 		}
 	}
 }
 // LinkSetUp enables the link device.
 // Equivalent to: `ip link set $link up`
 func LinkSetUp(link Link) error {
 	base := link.Attrs()
 	ensureIndex(base)
 	req := nl.NewNetlinkRequest(syscall.RTM_NEWLINK, syscall.NLM_F_ACK)
 	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
 	msg.Change = syscall.IFF_UP
 	msg.Flags = syscall.IFF_UP
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
 	return err
 }
 // LinkSetUp disables link device.
 // Equivalent to: `ip link set $link down`
 func LinkSetDown(link Link) error {
 	base := link.Attrs()
 	ensureIndex(base)
 	req := nl.NewNetlinkRequest(syscall.RTM_NEWLINK, syscall.NLM_F_ACK)
 	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
 	msg.Change = syscall.IFF_UP
 	msg.Flags = 0 & ^syscall.IFF_UP
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
 	return err
 }
 // LinkSetMTU sets the mtu of the link device.
 // Equivalent to: `ip link set $link mtu $mtu`
 func LinkSetMTU(link Link, mtu int) error {
 	base := link.Attrs()
 	ensureIndex(base)
 	req := nl.NewNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
 	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
 	msg.Type = syscall.RTM_SETLINK
 	msg.Flags = syscall.NLM_F_REQUEST
 	msg.Index = int32(base.Index)
 	msg.Change = nl.DEFAULT_CHANGE
 	req.AddData(msg)
 	b := make([]byte, 4)
 	native.PutUint32(b, uint32(mtu))
 	data := nl.NewRtAttr(syscall.IFLA_MTU, b)
 	req.AddData(data)
 	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
 	return err
 }
 // LinkSetName sets the name of the link device.
 // Equivalent to: `ip link set $link name $name`
 func LinkSetName(link Link, name string) error {
 	base := link.Attrs()
 	ensureIndex(base)
 	req := nl.NewNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
 	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
 	msg.Type = syscall.RTM_SETLINK
 	msg.Flags = syscall.NLM_F_REQUEST
 	msg.Index = int32(base.Index)
 	msg.Change = nl.DEFAULT_CHANGE
 	req.AddData(msg)
 	data := nl.NewRtAttr(syscall.IFLA_IFNAME, []byte(name))
 	req.AddData(data)
 	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
 	return err
 }
 // LinkSetHardwareAddr sets the hardware address of the link device.
 // Equivalent to: `ip link set $link address $hwaddr`
 func LinkSetHardwareAddr(link Link, hwaddr net.HardwareAddr) error {
 	base := link.Attrs()
 	ensureIndex(base)
 	req := nl.NewNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
 	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
 	msg.Type = syscall.RTM_SETLINK
 	msg.Flags = syscall.NLM_F_REQUEST
 	msg.Index = int32(base.Index)
 	msg.Change = nl.DEFAULT_CHANGE
 	req.AddData(msg)
 	data := nl.NewRtAttr(syscall.IFLA_ADDRESS, []byte(hwaddr))
 	req.AddData(data)
 	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
 	return err
 }
 // LinkSetMaster sets the master of the link device.
 // Equivalent to: `ip link set $link master $master`
 func LinkSetMaster(link Link, master *Bridge) error {
 	index := 0
 	if master != nil {
 		masterBase := master.Attrs()
 		ensureIndex(masterBase)
 		index = masterBase.Index
 	}
 	return LinkSetMasterByIndex(link, index)
 }
 // LinkSetMasterByIndex sets the master of the link device.
 // Equivalent to: `ip link set $link master $master`
 func LinkSetMasterByIndex(link Link, masterIndex int) error {
 	base := link.Attrs()
 	ensureIndex(base)
 	req := nl.NewNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
 	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
 	msg.Type = syscall.RTM_SETLINK
 	msg.Flags = syscall.NLM_F_REQUEST
 	msg.Index = int32(base.Index)
 	msg.Change = nl.DEFAULT_CHANGE
 	req.AddData(msg)
 	b := make([]byte, 4)
 	native.PutUint32(b, uint32(masterIndex))
 	data := nl.NewRtAttr(syscall.IFLA_MASTER, b)
 	req.AddData(data)
 	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
 	return err
 }
 // LinkSetNsPid puts the device into a new network namespace. The
 // pid must be a pid of a running process.
 // Equivalent to: `ip link set $link netns $pid`
 func LinkSetNsPid(link Link, nspid int) error {
 	base := link.Attrs()
 	ensureIndex(base)
 	req := nl.NewNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
 	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
 	msg.Type = syscall.RTM_SETLINK
 	msg.Flags = syscall.NLM_F_REQUEST
 	msg.Index = int32(base.Index)
 	msg.Change = nl.DEFAULT_CHANGE
 	req.AddData(msg)
 	b := make([]byte, 4)
 	native.PutUint32(b, uint32(nspid))
 	data := nl.NewRtAttr(syscall.IFLA_NET_NS_PID, b)
 	req.AddData(data)
 	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
 	return err
 }
 // LinkSetNsPid puts the device into a new network namespace. The
 // fd must be an open file descriptor to a network namespace.
 // Similar to: `ip link set $link netns $ns`
 func LinkSetNsFd(link Link, fd int) error {
 	base := link.Attrs()
 	ensureIndex(base)
 	req := nl.NewNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
 	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
 	msg.Type = syscall.RTM_SETLINK
 	msg.Flags = syscall.NLM_F_REQUEST
 	msg.Index = int32(base.Index)
 	msg.Change = nl.DEFAULT_CHANGE
 	req.AddData(msg)
 	b := make([]byte, 4)
 	native.PutUint32(b, uint32(fd))
 	data := nl.NewRtAttr(nl.IFLA_NET_NS_FD, b)
 	req.AddData(data)
 	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
 	return err
 }
 func boolAttr(val bool) []byte {
 	var v uint8
 	if val {
 		v = 1
 	}
 	return nl.Uint8Attr(v)
 }
 type vxlanPortRange struct {
 	Lo, Hi uint16
 }
 func addVxlanAttrs(vxlan *Vxlan, linkInfo *nl.RtAttr) {
 	data := nl.NewRtAttrChild(linkInfo, nl.IFLA_INFO_DATA, nil)
 	nl.NewRtAttrChild(data, nl.IFLA_VXLAN_ID, nl.Uint32Attr(uint32(vxlan.VxlanId)))
 	if vxlan.VtepDevIndex != 0 {
 		nl.NewRtAttrChild(data, nl.IFLA_VXLAN_LINK, nl.Uint32Attr(uint32(vxlan.VtepDevIndex)))
 	}
 	if vxlan.SrcAddr != nil {
 		ip := vxlan.SrcAddr.To4()
 		if ip != nil {
 			nl.NewRtAttrChild(data, nl.IFLA_VXLAN_LOCAL, []byte(ip))
 		} else {
 			ip = vxlan.SrcAddr.To16()
 			if ip != nil {
 				nl.NewRtAttrChild(data, nl.IFLA_VXLAN_LOCAL6, []byte(ip))
 			}
 		}
 	}
 	if vxlan.Group != nil {
 		group := vxlan.Group.To4()
 		if group != nil {
 			nl.NewRtAttrChild(data, nl.IFLA_VXLAN_GROUP, []byte(group))
 		} else {
 			group = vxlan.Group.To16()
 			if group != nil {
 				nl.NewRtAttrChild(data, nl.IFLA_VXLAN_GROUP6, []byte(group))
 			}
 		}
 	}
 	nl.NewRtAttrChild(data, nl.IFLA_VXLAN_TTL, nl.Uint8Attr(uint8(vxlan.TTL)))
 	nl.NewRtAttrChild(data, nl.IFLA_VXLAN_TOS, nl.Uint8Attr(uint8(vxlan.TOS)))
 	nl.NewRtAttrChild(data, nl.IFLA_VXLAN_LEARNING, boolAttr(vxlan.Learning))
 	nl.NewRtAttrChild(data, nl.IFLA_VXLAN_PROXY, boolAttr(vxlan.Proxy))
 	nl.NewRtAttrChild(data, nl.IFLA_VXLAN_RSC, boolAttr(vxlan.RSC))
 	nl.NewRtAttrChild(data, nl.IFLA_VXLAN_L2MISS, boolAttr(vxlan.L2miss))
 	nl.NewRtAttrChild(data, nl.IFLA_VXLAN_L3MISS, boolAttr(vxlan.L3miss))
 	if vxlan.NoAge {
 		nl.NewRtAttrChild(data, nl.IFLA_VXLAN_AGEING, nl.Uint32Attr(0))
 	} else if vxlan.Age > 0 {
 		nl.NewRtAttrChild(data, nl.IFLA_VXLAN_AGEING, nl.Uint32Attr(uint32(vxlan.Age)))
 	}
 	if vxlan.Limit > 0 {
 		nl.NewRtAttrChild(data, nl.IFLA_VXLAN_LIMIT, nl.Uint32Attr(uint32(vxlan.Limit)))
 	}
 	if vxlan.Port > 0 {
 		nl.NewRtAttrChild(data, nl.IFLA_VXLAN_PORT, nl.Uint16Attr(uint16(vxlan.Port)))
 	}
 	if vxlan.PortLow > 0 || vxlan.PortHigh > 0 {
 		pr := vxlanPortRange{uint16(vxlan.PortLow), uint16(vxlan.PortHigh)}
 		buf := new(bytes.Buffer)
 		binary.Write(buf, binary.BigEndian, &pr)
 		nl.NewRtAttrChild(data, nl.IFLA_VXLAN_PORT_RANGE, buf.Bytes())
 	}
 }
 // LinkAdd adds a new link device. The type and features of the device
 // are taken fromt the parameters in the link object.
 // Equivalent to: `ip link add $link`
 func LinkAdd(link Link) error {
 	// TODO: set mtu and hardware address
 	// TODO: support extra data for macvlan
 	base := link.Attrs()
 	if base.Name == "" {
 		return fmt.Errorf("LinkAttrs.Name cannot be empty!")
 	}
 	req := nl.NewNetlinkRequest(syscall.RTM_NEWLINK, syscall.NLM_F_CREATE|syscall.NLM_F_EXCL|syscall.NLM_F_ACK)
 	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
 	req.AddData(msg)
 	if base.ParentIndex != 0 {
 		b := make([]byte, 4)
 		native.PutUint32(b, uint32(base.ParentIndex))
 		data := nl.NewRtAttr(syscall.IFLA_LINK, b)
 		req.AddData(data)
 	} else if link.Type() == "ipvlan" {
 		return fmt.Errorf("Can't create ipvlan link without ParentIndex")
 	}
 	nameData := nl.NewRtAttr(syscall.IFLA_IFNAME, nl.ZeroTerminated(base.Name))
 	req.AddData(nameData)
 	if base.MTU > 0 {
 		mtu := nl.NewRtAttr(syscall.IFLA_MTU, nl.Uint32Attr(uint32(base.MTU)))
 		req.AddData(mtu)
 	}
 	if base.Namespace != nil {
 		var attr *nl.RtAttr
 		switch base.Namespace.(type) {
 		case NsPid:
 			val := nl.Uint32Attr(uint32(base.Namespace.(NsPid)))
 			attr = nl.NewRtAttr(syscall.IFLA_NET_NS_PID, val)
 		case NsFd:
 			val := nl.Uint32Attr(uint32(base.Namespace.(NsFd)))
 			attr = nl.NewRtAttr(nl.IFLA_NET_NS_FD, val)
 		}
 		req.AddData(attr)
 	}
 	linkInfo := nl.NewRtAttr(syscall.IFLA_LINKINFO, nil)
 	nl.NewRtAttrChild(linkInfo, nl.IFLA_INFO_KIND, nl.NonZeroTerminated(link.Type()))
 	nl.NewRtAttrChild(linkInfo, syscall.IFLA_TXQLEN, nl.Uint32Attr(base.TxQLen))
 	if vlan, ok := link.(*Vlan); ok {
 		b := make([]byte, 2)
 		native.PutUint16(b, uint16(vlan.VlanId))
 		data := nl.NewRtAttrChild(linkInfo, nl.IFLA_INFO_DATA, nil)
 		nl.NewRtAttrChild(data, nl.IFLA_VLAN_ID, b)
 	} else if veth, ok := link.(*Veth); ok {
 		data := nl.NewRtAttrChild(linkInfo, nl.IFLA_INFO_DATA, nil)
 		peer := nl.NewRtAttrChild(data, nl.VETH_INFO_PEER, nil)
 		nl.NewIfInfomsgChild(peer, syscall.AF_UNSPEC)
 		nl.NewRtAttrChild(peer, syscall.IFLA_IFNAME, nl.ZeroTerminated(veth.PeerName))
 		nl.NewRtAttrChild(peer, syscall.IFLA_TXQLEN, nl.Uint32Attr(base.TxQLen))
 		if base.MTU > 0 {
 			nl.NewRtAttrChild(peer, syscall.IFLA_MTU, nl.Uint32Attr(uint32(base.MTU)))
 		}
 	} else if vxlan, ok := link.(*Vxlan); ok {
 		addVxlanAttrs(vxlan, linkInfo)
 	} else if ipv, ok := link.(*IPVlan); ok {
 		data := nl.NewRtAttrChild(linkInfo, nl.IFLA_INFO_DATA, nil)
 		nl.NewRtAttrChild(data, nl.IFLA_IPVLAN_MODE, nl.Uint16Attr(uint16(ipv.Mode)))
 	} else if macv, ok := link.(*Macvlan); ok {
 		if macv.Mode != MACVLAN_MODE_DEFAULT {
 			data := nl.NewRtAttrChild(linkInfo, nl.IFLA_INFO_DATA, nil)
 			nl.NewRtAttrChild(data, nl.IFLA_MACVLAN_MODE, nl.Uint32Attr(macvlanModes[macv.Mode]))
 		}
 	}
 	req.AddData(linkInfo)
 	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
 	if err != nil {
 		return err
 	}
 	ensureIndex(base)
 	// can't set master during create, so set it afterwards
 	if base.MasterIndex != 0 {
 		// TODO: verify MasterIndex is actually a bridge?
 		return LinkSetMasterByIndex(link, base.MasterIndex)
 	}
 	return nil
 }
 // LinkDel deletes link device. Either Index or Name must be set in
 // the link object for it to be deleted. The other values are ignored.
 // Equivalent to: `ip link del $link`
 func LinkDel(link Link) error {
 	base := link.Attrs()
 	ensureIndex(base)
 	req := nl.NewNetlinkRequest(syscall.RTM_DELLINK, syscall.NLM_F_ACK)
 	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
 	return err
 }
 func linkByNameDump(name string) (Link, error) {
 	links, err := LinkList()
 	if err != nil {
 		return nil, err
 	}
 	for _, link := range links {
 		if link.Attrs().Name == name {
 			return link, nil
 		}
 	}
 	return nil, fmt.Errorf("Link %s not found", name)
 }
 // LinkByName finds a link by name and returns a pointer to the object.
 func LinkByName(name string) (Link, error) {
 	if lookupByDump {
 		return linkByNameDump(name)
 	}
 	req := nl.NewNetlinkRequest(syscall.RTM_GETLINK, syscall.NLM_F_ACK)
 	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
 	req.AddData(msg)
 	nameData := nl.NewRtAttr(syscall.IFLA_IFNAME, nl.ZeroTerminated(name))
 	req.AddData(nameData)
 	link, err := execGetLink(req)
 	if err == syscall.EINVAL {
 		// older kernels don't support looking up via IFLA_IFNAME
 		// so fall back to dumping all links
 		lookupByDump = true
 		return linkByNameDump(name)
 	}
 	return link, err
 }
 // LinkByIndex finds a link by index and returns a pointer to the object.
 func LinkByIndex(index int) (Link, error) {
 	req := nl.NewNetlinkRequest(syscall.RTM_GETLINK, syscall.NLM_F_ACK)
 	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
 	msg.Index = int32(index)
 	req.AddData(msg)
 	return execGetLink(req)
 }
 func execGetLink(req *nl.NetlinkRequest) (Link, error) {
 	msgs, err := req.Execute(syscall.NETLINK_ROUTE, 0)
 	if err != nil {
 		if errno, ok := err.(syscall.Errno); ok {
 			if errno == syscall.ENODEV {
 				return nil, fmt.Errorf("Link not found")
 			}
 		}
 		return nil, err
 	}
 	switch {
 	case len(msgs) == 0:
 		return nil, fmt.Errorf("Link not found")
 	case len(msgs) == 1:
 		return linkDeserialize(msgs[0])
 	default:
 		return nil, fmt.Errorf("More than one link found")
 	}
 }
 // linkDeserialize deserializes a raw message received from netlink into
 // a link object.
 func linkDeserialize(m []byte) (Link, error) {
 	msg := nl.DeserializeIfInfomsg(m)
 	attrs, err := nl.ParseRouteAttr(m[msg.Len():])
 	if err != nil {
 		return nil, err
 	}
 	base := LinkAttrs{Index: int(msg.Index), Flags: linkFlags(msg.Flags)}
 	var link Link
 	linkType := ""
 	for _, attr := range attrs {
 		switch attr.Attr.Type {
 		case syscall.IFLA_LINKINFO:
 			infos, err := nl.ParseRouteAttr(attr.Value)
 			if err != nil {
 				return nil, err
 			}
 			for _, info := range infos {
 				switch info.Attr.Type {
 				case nl.IFLA_INFO_KIND:
 					linkType = string(info.Value[:len(info.Value)-1])
 					switch linkType {
 					case "dummy":
 						link = &Dummy{}
 					case "bridge":
 						link = &Bridge{}
 					case "vlan":
 						link = &Vlan{}
 					case "veth":
 						link = &Veth{}
 					case "vxlan":
 						link = &Vxlan{}
 					case "ipvlan":
 						link = &IPVlan{}
 					case "macvlan":
 						link = &Macvlan{}
 					default:
 						link = &Generic{LinkType: linkType}
 					}
 				case nl.IFLA_INFO_DATA:
 					data, err := nl.ParseRouteAttr(info.Value)
 					if err != nil {
 						return nil, err
 					}
 					switch linkType {
 					case "vlan":
 						parseVlanData(link, data)
 					case "vxlan":
 						parseVxlanData(link, data)
 					case "ipvlan":
 						parseIPVlanData(link, data)
 					case "macvlan":
 						parseMacvlanData(link, data)
 					}
 				}
 			}
 		case syscall.IFLA_ADDRESS:
 			var nonzero bool
 			for _, b := range attr.Value {
 				if b != 0 {
 					nonzero = true
 				}
 			}
 			if nonzero {
 				base.HardwareAddr = attr.Value[:]
 			}
 		case syscall.IFLA_IFNAME:
 			base.Name = string(attr.Value[:len(attr.Value)-1])
 		case syscall.IFLA_MTU:
 			base.MTU = int(native.Uint32(attr.Value[0:4]))
 		case syscall.IFLA_LINK:
 			base.ParentIndex = int(native.Uint32(attr.Value[0:4]))
 		case syscall.IFLA_MASTER:
 			base.MasterIndex = int(native.Uint32(attr.Value[0:4]))
 		case syscall.IFLA_TXQLEN:
 			base.TxQLen = native.Uint32(attr.Value[0:4])
 		}
 	}
 	// Links that don't have IFLA_INFO_KIND are hardware devices
 	if link == nil {
 		link = &Device{}
 	}
 	*link.Attrs() = base
 	return link, nil
 }
 // LinkList gets a list of link devices.
 // Equivalent to: `ip link show`
 func LinkList() ([]Link, error) {
 	// NOTE(vish): This duplicates functionality in net/iface_linux.go, but we need
 	//             to get the message ourselves to parse link type.
 	req := nl.NewNetlinkRequest(syscall.RTM_GETLINK, syscall.NLM_F_DUMP)
 	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
 	req.AddData(msg)
 	msgs, err := req.Execute(syscall.NETLINK_ROUTE, syscall.RTM_NEWLINK)
 	if err != nil {
 		return nil, err
 	}
 	res := make([]Link, 0)
 	for _, m := range msgs {
 		link, err := linkDeserialize(m)
 		if err != nil {
 			return nil, err
 		}
 		res = append(res, link)
 	}
 	return res, nil
 }
 func LinkSetHairpin(link Link, mode bool) error {
 	return setProtinfoAttr(link, mode, nl.IFLA_BRPORT_MODE)
 }
 func LinkSetGuard(link Link, mode bool) error {
 	return setProtinfoAttr(link, mode, nl.IFLA_BRPORT_GUARD)
 }
 func LinkSetFastLeave(link Link, mode bool) error {
 	return setProtinfoAttr(link, mode, nl.IFLA_BRPORT_FAST_LEAVE)
 }
 func LinkSetLearning(link Link, mode bool) error {
 	return setProtinfoAttr(link, mode, nl.IFLA_BRPORT_LEARNING)
 }
 func LinkSetRootBlock(link Link, mode bool) error {
 	return setProtinfoAttr(link, mode, nl.IFLA_BRPORT_PROTECT)
 }
 func LinkSetFlood(link Link, mode bool) error {
 	return setProtinfoAttr(link, mode, nl.IFLA_BRPORT_UNICAST_FLOOD)
 }
 func setProtinfoAttr(link Link, mode bool, attr int) error {
 	base := link.Attrs()
 	ensureIndex(base)
 	req := nl.NewNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
 	msg := nl.NewIfInfomsg(syscall.AF_BRIDGE)
 	msg.Type = syscall.RTM_SETLINK
 	msg.Flags = syscall.NLM_F_REQUEST
 	msg.Index = int32(base.Index)
 	msg.Change = nl.DEFAULT_CHANGE
 	req.AddData(msg)
 	br := nl.NewRtAttr(syscall.IFLA_PROTINFO|syscall.NLA_F_NESTED, nil)
 	nl.NewRtAttrChild(br, attr, boolToByte(mode))
 	req.AddData(br)
 	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
 	if err != nil {
 		return err
 	}
 	return nil
 }
 func parseVlanData(link Link, data []syscall.NetlinkRouteAttr) {
 	vlan := link.(*Vlan)
 	for _, datum := range data {
 		switch datum.Attr.Type {
 		case nl.IFLA_VLAN_ID:
 			vlan.VlanId = int(native.Uint16(datum.Value[0:2]))
 		}
 	}
 }
 func parseVxlanData(link Link, data []syscall.NetlinkRouteAttr) {
 	vxlan := link.(*Vxlan)
 	for _, datum := range data {
 		switch datum.Attr.Type {
 		case nl.IFLA_VXLAN_ID:
 			vxlan.VxlanId = int(native.Uint32(datum.Value[0:4]))
 		case nl.IFLA_VXLAN_LINK:
 			vxlan.VtepDevIndex = int(native.Uint32(datum.Value[0:4]))
 		case nl.IFLA_VXLAN_LOCAL:
 			vxlan.SrcAddr = net.IP(datum.Value[0:4])
 		case nl.IFLA_VXLAN_LOCAL6:
 			vxlan.SrcAddr = net.IP(datum.Value[0:16])
 		case nl.IFLA_VXLAN_GROUP:
 			vxlan.Group = net.IP(datum.Value[0:4])
 		case nl.IFLA_VXLAN_GROUP6:
 			vxlan.Group = net.IP(datum.Value[0:16])
 		case nl.IFLA_VXLAN_TTL:
 			vxlan.TTL = int(datum.Value[0])
 		case nl.IFLA_VXLAN_TOS:
 			vxlan.TOS = int(datum.Value[0])
 		case nl.IFLA_VXLAN_LEARNING:
 			vxlan.Learning = int8(datum.Value[0]) != 0
 		case nl.IFLA_VXLAN_PROXY:
 			vxlan.Proxy = int8(datum.Value[0]) != 0
 		case nl.IFLA_VXLAN_RSC:
 			vxlan.RSC = int8(datum.Value[0]) != 0
 		case nl.IFLA_VXLAN_L2MISS:
 			vxlan.L2miss = int8(datum.Value[0]) != 0
 		case nl.IFLA_VXLAN_L3MISS:
 			vxlan.L3miss = int8(datum.Value[0]) != 0
 		case nl.IFLA_VXLAN_AGEING:
 			vxlan.Age = int(native.Uint32(datum.Value[0:4]))
 			vxlan.NoAge = vxlan.Age == 0
 		case nl.IFLA_VXLAN_LIMIT:
 			vxlan.Limit = int(native.Uint32(datum.Value[0:4]))
 		case nl.IFLA_VXLAN_PORT:
 			vxlan.Port = int(native.Uint16(datum.Value[0:2]))
 		case nl.IFLA_VXLAN_PORT_RANGE:
 			buf := bytes.NewBuffer(datum.Value[0:4])
 			var pr vxlanPortRange
 			if binary.Read(buf, binary.BigEndian, &pr) != nil {
 				vxlan.PortLow = int(pr.Lo)
 				vxlan.PortHigh = int(pr.Hi)
 			}
 		}
 	}
 }
 func parseIPVlanData(link Link, data []syscall.NetlinkRouteAttr) {
 	ipv := link.(*IPVlan)
 	for _, datum := range data {
 		if datum.Attr.Type == nl.IFLA_IPVLAN_MODE {
 			ipv.Mode = IPVlanMode(native.Uint32(datum.Value[0:4]))
 			return
 		}
 	}
 }
 func parseMacvlanData(link Link, data []syscall.NetlinkRouteAttr) {
 	macv := link.(*Macvlan)
 	for _, datum := range data {
 		if datum.Attr.Type == nl.IFLA_MACVLAN_MODE {
 			switch native.Uint32(datum.Value[0:4]) {
 			case nl.MACVLAN_MODE_PRIVATE:
 				macv.Mode = MACVLAN_MODE_PRIVATE
 			case nl.MACVLAN_MODE_VEPA:
 				macv.Mode = MACVLAN_MODE_VEPA
 			case nl.MACVLAN_MODE_BRIDGE:
 				macv.Mode = MACVLAN_MODE_BRIDGE
 			case nl.MACVLAN_MODE_PASSTHRU:
 				macv.Mode = MACVLAN_MODE_PASSTHRU
 			case nl.MACVLAN_MODE_SOURCE:
 				macv.Mode = MACVLAN_MODE_SOURCE
 			}
 			return
 		}
 	}
 }
 // copied from pkg/net_linux.go
 func linkFlags(rawFlags uint32) net.Flags {
 	var f net.Flags
 	if rawFlags&syscall.IFF_UP != 0 {
 		f |= net.FlagUp
 	}
 	if rawFlags&syscall.IFF_BROADCAST != 0 {
 		f |= net.FlagBroadcast
 	}
 	if rawFlags&syscall.IFF_LOOPBACK != 0 {
 		f |= net.FlagLoopback
 	}
 	if rawFlags&syscall.IFF_POINTOPOINT != 0 {
 		f |= net.FlagPointToPoint
 	}
 	if rawFlags&syscall.IFF_MULTICAST != 0 {
 		f |= net.FlagMulticast
 	}
 	return f
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/link_test.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/link_test.go
@ -1,544 +0,0 @@
 package netlink
 import (
 	"bytes"
 	"net"
 	"testing"
 	"github.com/vishvananda/netns"
 )
 const testTxQLen uint32 = 100
 func testLinkAddDel(t *testing.T, link Link) {
 	links, err := LinkList()
 	if err != nil {
 		t.Fatal(err)
 	}
 	num := len(links)
 	if err := LinkAdd(link); err != nil {
 		t.Fatal(err)
 	}
 	base := link.Attrs()
 	result, err := LinkByName(base.Name)
 	if err != nil {
 		t.Fatal(err)
 	}
 	rBase := result.Attrs()
 	if vlan, ok := link.(*Vlan); ok {
 		other, ok := result.(*Vlan)
 		if !ok {
 			t.Fatal("Result of create is not a vlan")
 		}
 		if vlan.VlanId != other.VlanId {
 			t.Fatal("Link.VlanId id doesn't match")
 		}
 	}
 	if rBase.ParentIndex == 0 && base.ParentIndex != 0 {
 		t.Fatal("Created link doesn't have a Parent but it should")
 	} else if rBase.ParentIndex != 0 && base.ParentIndex == 0 {
 		t.Fatal("Created link has a Parent but it shouldn't")
 	} else if rBase.ParentIndex != 0 && base.ParentIndex != 0 {
 		if rBase.ParentIndex != base.ParentIndex {
 			t.Fatal("Link.ParentIndex doesn't match")
 		}
 	}
 	if veth, ok := link.(*Veth); ok {
 		if veth.TxQLen != testTxQLen {
 			t.Fatalf("TxQLen is %d, should be %d", veth.TxQLen, testTxQLen)
 		}
 		if rBase.MTU != base.MTU {
 			t.Fatalf("MTU is %d, should be %d", rBase.MTU, base.MTU)
 		}
 		if veth.PeerName != "" {
 			var peer *Veth
 			other, err := LinkByName(veth.PeerName)
 			if err != nil {
 				t.Fatalf("Peer %s not created", veth.PeerName)
 			}
 			if peer, ok = other.(*Veth); !ok {
 				t.Fatalf("Peer %s is incorrect type", veth.PeerName)
 			}
 			if peer.TxQLen != testTxQLen {
 				t.Fatalf("TxQLen of peer is %d, should be %d", peer.TxQLen, testTxQLen)
 			}
 		}
 	}
 	if vxlan, ok := link.(*Vxlan); ok {
 		other, ok := result.(*Vxlan)
 		if !ok {
 			t.Fatal("Result of create is not a vxlan")
 		}
 		compareVxlan(t, vxlan, other)
 	}
 	if ipv, ok := link.(*IPVlan); ok {
 		other, ok := result.(*IPVlan)
 		if !ok {
 			t.Fatal("Result of create is not a ipvlan")
 		}
 		if ipv.Mode != other.Mode {
 			t.Fatalf("Got unexpected mode: %d, expected: %d", other.Mode, ipv.Mode)
 		}
 	}
 	if macv, ok := link.(*Macvlan); ok {
 		other, ok := result.(*Macvlan)
 		if !ok {
 			t.Fatal("Result of create is not a macvlan")
 		}
 		if macv.Mode != other.Mode {
 			t.Fatalf("Got unexpected mode: %d, expected: %d", other.Mode, macv.Mode)
 		}
 	}
 	if err = LinkDel(link); err != nil {
 		t.Fatal(err)
 	}
 	links, err = LinkList()
 	if err != nil {
 		t.Fatal(err)
 	}
 	if len(links) != num {
 		t.Fatal("Link not removed properly")
 	}
 }
 func compareVxlan(t *testing.T, expected, actual *Vxlan) {
 	if actual.VxlanId != expected.VxlanId {
 		t.Fatal("Vxlan.VxlanId doesn't match")
 	}
 	if expected.SrcAddr != nil && !actual.SrcAddr.Equal(expected.SrcAddr) {
 		t.Fatal("Vxlan.SrcAddr doesn't match")
 	}
 	if expected.Group != nil && !actual.Group.Equal(expected.Group) {
 		t.Fatal("Vxlan.Group doesn't match")
 	}
 	if expected.TTL != -1 && actual.TTL != expected.TTL {
 		t.Fatal("Vxlan.TTL doesn't match")
 	}
 	if expected.TOS != -1 && actual.TOS != expected.TOS {
 		t.Fatal("Vxlan.TOS doesn't match")
 	}
 	if actual.Learning != expected.Learning {
 		t.Fatal("Vxlan.Learning doesn't match")
 	}
 	if actual.Proxy != expected.Proxy {
 		t.Fatal("Vxlan.Proxy doesn't match")
 	}
 	if actual.RSC != expected.RSC {
 		t.Fatal("Vxlan.RSC doesn't match")
 	}
 	if actual.L2miss != expected.L2miss {
 		t.Fatal("Vxlan.L2miss doesn't match")
 	}
 	if actual.L3miss != expected.L3miss {
 		t.Fatal("Vxlan.L3miss doesn't match")
 	}
 	if expected.NoAge {
 		if !actual.NoAge {
 			t.Fatal("Vxlan.NoAge doesn't match")
 		}
 	} else if expected.Age > 0 && actual.Age != expected.Age {
 		t.Fatal("Vxlan.Age doesn't match")
 	}
 	if expected.Limit > 0 && actual.Limit != expected.Limit {
 		t.Fatal("Vxlan.Limit doesn't match")
 	}
 	if expected.Port > 0 && actual.Port != expected.Port {
 		t.Fatal("Vxlan.Port doesn't match")
 	}
 	if expected.PortLow > 0 || expected.PortHigh > 0 {
 		if actual.PortLow != expected.PortLow {
 			t.Fatal("Vxlan.PortLow doesn't match")
 		}
 		if actual.PortHigh != expected.PortHigh {
 			t.Fatal("Vxlan.PortHigh doesn't match")
 		}
 	}
 }
 func TestLinkAddDelDummy(t *testing.T) {
 	tearDown := setUpNetlinkTest(t)
 	defer tearDown()
 	testLinkAddDel(t, &Dummy{LinkAttrs{Name: "foo"}})
 }
 func TestLinkAddDelBridge(t *testing.T) {
 	tearDown := setUpNetlinkTest(t)
 	defer tearDown()
 	testLinkAddDel(t, &Bridge{LinkAttrs{Name: "foo", MTU: 1400}})
 }
 func TestLinkAddDelVlan(t *testing.T) {
 	tearDown := setUpNetlinkTest(t)
 	defer tearDown()
 	parent := &Dummy{LinkAttrs{Name: "foo"}}
 	if err := LinkAdd(parent); err != nil {
 		t.Fatal(err)
 	}
 	testLinkAddDel(t, &Vlan{LinkAttrs{Name: "bar", ParentIndex: parent.Attrs().Index}, 900})
 	if err := LinkDel(parent); err != nil {
 		t.Fatal(err)
 	}
 }
 func TestLinkAddDelMacvlan(t *testing.T) {
 	tearDown := setUpNetlinkTest(t)
 	defer tearDown()
 	parent := &Dummy{LinkAttrs{Name: "foo"}}
 	if err := LinkAdd(parent); err != nil {
 		t.Fatal(err)
 	}
 	testLinkAddDel(t, &Macvlan{
 		LinkAttrs: LinkAttrs{Name: "bar", ParentIndex: parent.Attrs().Index},
 		Mode:      MACVLAN_MODE_PRIVATE,
 	})
 	if err := LinkDel(parent); err != nil {
 		t.Fatal(err)
 	}
 }
 func TestLinkAddDelVeth(t *testing.T) {
 	tearDown := setUpNetlinkTest(t)
 	defer tearDown()
 	testLinkAddDel(t, &Veth{LinkAttrs{Name: "foo", TxQLen: testTxQLen, MTU: 1400}, "bar"})
 }
 func TestLinkAddDelBridgeMaster(t *testing.T) {
 	tearDown := setUpNetlinkTest(t)
 	defer tearDown()
 	master := &Bridge{LinkAttrs{Name: "foo"}}
 	if err := LinkAdd(master); err != nil {
 		t.Fatal(err)
 	}
 	testLinkAddDel(t, &Dummy{LinkAttrs{Name: "bar", MasterIndex: master.Attrs().Index}})
 	if err := LinkDel(master); err != nil {
 		t.Fatal(err)
 	}
 }
 func TestLinkSetUnsetResetMaster(t *testing.T) {
 	tearDown := setUpNetlinkTest(t)
 	defer tearDown()
 	master := &Bridge{LinkAttrs{Name: "foo"}}
 	if err := LinkAdd(master); err != nil {
 		t.Fatal(err)
 	}
 	newmaster := &Bridge{LinkAttrs{Name: "bar"}}
 	if err := LinkAdd(newmaster); err != nil {
 		t.Fatal(err)
 	}
 	slave := &Dummy{LinkAttrs{Name: "baz"}}
 	if err := LinkAdd(slave); err != nil {
 		t.Fatal(err)
 	}
 	if err := LinkSetMaster(slave, master); err != nil {
 		t.Fatal(err)
 	}
 	link, err := LinkByName("baz")
 	if err != nil {
 		t.Fatal(err)
 	}
 	if link.Attrs().MasterIndex != master.Attrs().Index {
 		t.Fatal("Master not set properly")
 	}
 	if err := LinkSetMaster(slave, newmaster); err != nil {
 		t.Fatal(err)
 	}
 	link, err = LinkByName("baz")
 	if err != nil {
 		t.Fatal(err)
 	}
 	if link.Attrs().MasterIndex != newmaster.Attrs().Index {
 		t.Fatal("Master not reset properly")
 	}
 	if err := LinkSetMaster(slave, nil); err != nil {
 		t.Fatal(err)
 	}
 	link, err = LinkByName("baz")
 	if err != nil {
 		t.Fatal(err)
 	}
 	if link.Attrs().MasterIndex != 0 {
 		t.Fatal("Master not unset properly")
 	}
 	if err := LinkDel(slave); err != nil {
 		t.Fatal(err)
 	}
 	if err := LinkDel(newmaster); err != nil {
 		t.Fatal(err)
 	}
 	if err := LinkDel(master); err != nil {
 		t.Fatal(err)
 	}
 }
 func TestLinkSetNs(t *testing.T) {
 	tearDown := setUpNetlinkTest(t)
 	defer tearDown()
 	basens, err := netns.Get()
 	if err != nil {
 		t.Fatal("Failed to get basens")
 	}
 	defer basens.Close()
 	newns, err := netns.New()
 	if err != nil {
 		t.Fatal("Failed to create newns")
 	}
 	defer newns.Close()
 	link := &Veth{LinkAttrs{Name: "foo"}, "bar"}
 	if err := LinkAdd(link); err != nil {
 		t.Fatal(err)
 	}
 	peer, err := LinkByName("bar")
 	if err != nil {
 		t.Fatal(err)
 	}
 	LinkSetNsFd(peer, int(basens))
 	if err != nil {
 		t.Fatal("Failed to set newns for link")
 	}
 	_, err = LinkByName("bar")
 	if err == nil {
 		t.Fatal("Link bar is still in newns")
 	}
 	err = netns.Set(basens)
 	if err != nil {
 		t.Fatal("Failed to set basens")
 	}
 	peer, err = LinkByName("bar")
 	if err != nil {
 		t.Fatal("Link is not in basens")
 	}
 	if err := LinkDel(peer); err != nil {
 		t.Fatal(err)
 	}
 	err = netns.Set(newns)
 	if err != nil {
 		t.Fatal("Failed to set newns")
 	}
 	_, err = LinkByName("foo")
 	if err == nil {
 		t.Fatal("Other half of veth pair not deleted")
 	}
 }
 func TestLinkAddDelVxlan(t *testing.T) {
 	tearDown := setUpNetlinkTest(t)
 	defer tearDown()
 	parent := &Dummy{
 		LinkAttrs{Name: "foo"},
 	}
 	if err := LinkAdd(parent); err != nil {
 		t.Fatal(err)
 	}
 	vxlan := Vxlan{
 		LinkAttrs: LinkAttrs{
 			Name: "bar",
 		},
 		VxlanId:      10,
 		VtepDevIndex: parent.Index,
 		Learning:     true,
 		L2miss:       true,
 		L3miss:       true,
 	}
 	testLinkAddDel(t, &vxlan)
 	if err := LinkDel(parent); err != nil {
 		t.Fatal(err)
 	}
 }
 func TestLinkAddDelIPVlanL2(t *testing.T) {
 	tearDown := setUpNetlinkTest(t)
 	defer tearDown()
 	parent := &Dummy{LinkAttrs{Name: "foo"}}
 	if err := LinkAdd(parent); err != nil {
 		t.Fatal(err)
 	}
 	ipv := IPVlan{
 		LinkAttrs: LinkAttrs{
 			Name:        "bar",
 			ParentIndex: parent.Index,
 		},
 		Mode: IPVLAN_MODE_L2,
 	}
 	testLinkAddDel(t, &ipv)
 }
 func TestLinkAddDelIPVlanL3(t *testing.T) {
 	tearDown := setUpNetlinkTest(t)
 	defer tearDown()
 	parent := &Dummy{LinkAttrs{Name: "foo"}}
 	if err := LinkAdd(parent); err != nil {
 		t.Fatal(err)
 	}
 	ipv := IPVlan{
 		LinkAttrs: LinkAttrs{
 			Name:        "bar",
 			ParentIndex: parent.Index,
 		},
 		Mode: IPVLAN_MODE_L3,
 	}
 	testLinkAddDel(t, &ipv)
 }
 func TestLinkAddDelIPVlanNoParent(t *testing.T) {
 	tearDown := setUpNetlinkTest(t)
 	defer tearDown()
 	ipv := IPVlan{
 		LinkAttrs: LinkAttrs{
 			Name: "bar",
 		},
 		Mode: IPVLAN_MODE_L3,
 	}
 	err := LinkAdd(&ipv)
 	if err == nil {
 		t.Fatal("Add should fail if ipvlan creating without ParentIndex")
 	}
 	if err.Error() != "Can't create ipvlan link without ParentIndex" {
 		t.Fatalf("Error should be about missing ParentIndex, got %q", err)
 	}
 }
 func TestLinkByIndex(t *testing.T) {
 	tearDown := setUpNetlinkTest(t)
 	defer tearDown()
 	dummy := &Dummy{LinkAttrs{Name: "dummy"}}
 	if err := LinkAdd(dummy); err != nil {
 		t.Fatal(err)
 	}
 	found, err := LinkByIndex(dummy.Index)
 	if err != nil {
 		t.Fatal(err)
 	}
 	if found.Attrs().Index != dummy.Attrs().Index {
 		t.Fatalf("Indices don't match: %v != %v", found.Attrs().Index, dummy.Attrs().Index)
 	}
 	LinkDel(dummy)
 	// test not found
 	_, err = LinkByIndex(dummy.Attrs().Index)
 	if err == nil {
 		t.Fatalf("LinkByIndex(%v) found deleted link", err)
 	}
 }
 func TestLinkSet(t *testing.T) {
 	tearDown := setUpNetlinkTest(t)
 	defer tearDown()
 	iface := &Dummy{LinkAttrs{Name: "foo"}}
 	if err := LinkAdd(iface); err != nil {
 		t.Fatal(err)
 	}
 	link, err := LinkByName("foo")
 	if err != nil {
 		t.Fatal(err)
 	}
 	err = LinkSetName(link, "bar")
 	if err != nil {
 		t.Fatalf("Could not change interface name: %v", err)
 	}
 	link, err = LinkByName("bar")
 	if err != nil {
 		t.Fatalf("Interface name not changed: %v", err)
 	}
 	err = LinkSetMTU(link, 1400)
 	if err != nil {
 		t.Fatalf("Could not set MTU: %v", err)
 	}
 	link, err = LinkByName("bar")
 	if err != nil {
 		t.Fatal(err)
 	}
 	if link.Attrs().MTU != 1400 {
 		t.Fatal("MTU not changed!")
 	}
 	addr, err := net.ParseMAC("00:12:34:56:78:AB")
 	if err != nil {
 		t.Fatal(err)
 	}
 	err = LinkSetHardwareAddr(link, addr)
 	if err != nil {
 		t.Fatal(err)
 	}
 	link, err = LinkByName("bar")
 	if err != nil {
 		t.Fatal(err)
 	}
 	if !bytes.Equal(link.Attrs().HardwareAddr, addr) {
 		t.Fatalf("hardware address not changed!")
 	}
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/neigh.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/neigh.go
@ -1,22 +0,0 @@
 package netlink
 import (
 	"fmt"
 	"net"
 )
 // Neigh represents a link layer neighbor from netlink.
 type Neigh struct {
 	LinkIndex    int
 	Family       int
 	State        int
 	Type         int
 	Flags        int
 	IP           net.IP
 	HardwareAddr net.HardwareAddr
 }
 // String returns $ip/$hwaddr $label
 func (neigh *Neigh) String() string {
 	return fmt.Sprintf("%s %s", neigh.IP, neigh.HardwareAddr)
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/neigh_linux.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/neigh_linux.go
@ -1,189 +0,0 @@
 package netlink
 import (
 	"net"
 	"syscall"
 	"unsafe"
 	"github.com/vishvananda/netlink/nl"
 )
 const (
 	NDA_UNSPEC = iota
 	NDA_DST
 	NDA_LLADDR
 	NDA_CACHEINFO
 	NDA_PROBES
 	NDA_VLAN
 	NDA_PORT
 	NDA_VNI
 	NDA_IFINDEX
 	NDA_MAX = NDA_IFINDEX
 )
 // Neighbor Cache Entry States.
 const (
 	NUD_NONE       = 0x00
 	NUD_INCOMPLETE = 0x01
 	NUD_REACHABLE  = 0x02
 	NUD_STALE      = 0x04
 	NUD_DELAY      = 0x08
 	NUD_PROBE      = 0x10
 	NUD_FAILED     = 0x20
 	NUD_NOARP      = 0x40
 	NUD_PERMANENT  = 0x80
 )
 // Neighbor Flags
 const (
 	NTF_USE    = 0x01
 	NTF_SELF   = 0x02
 	NTF_MASTER = 0x04
 	NTF_PROXY  = 0x08
 	NTF_ROUTER = 0x80
 )
 type Ndmsg struct {
 	Family uint8
 	Index  uint32
 	State  uint16
 	Flags  uint8
 	Type   uint8
 }
 func deserializeNdmsg(b []byte) *Ndmsg {
 	var dummy Ndmsg
 	return (*Ndmsg)(unsafe.Pointer(&b[0:unsafe.Sizeof(dummy)][0]))
 }
 func (msg *Ndmsg) Serialize() []byte {
 	return (*(*[unsafe.Sizeof(*msg)]byte)(unsafe.Pointer(msg)))[:]
 }
 func (msg *Ndmsg) Len() int {
 	return int(unsafe.Sizeof(*msg))
 }
 // NeighAdd will add an IP to MAC mapping to the ARP table
 // Equivalent to: `ip neigh add ....`
 func NeighAdd(neigh *Neigh) error {
 	return neighAdd(neigh, syscall.NLM_F_CREATE|syscall.NLM_F_EXCL)
 }
 // NeighAdd will add or replace an IP to MAC mapping to the ARP table
 // Equivalent to: `ip neigh replace....`
 func NeighSet(neigh *Neigh) error {
 	return neighAdd(neigh, syscall.NLM_F_CREATE)
 }
 // NeighAppend will append an entry to FDB
 // Equivalent to: `bridge fdb append...`
 func NeighAppend(neigh *Neigh) error {
 	return neighAdd(neigh, syscall.NLM_F_CREATE|syscall.NLM_F_APPEND)
 }
 func neighAdd(neigh *Neigh, mode int) error {
 	req := nl.NewNetlinkRequest(syscall.RTM_NEWNEIGH, mode|syscall.NLM_F_ACK)
 	return neighHandle(neigh, req)
 }
 // NeighDel will delete an IP address from a link device.
 // Equivalent to: `ip addr del $addr dev $link`
 func NeighDel(neigh *Neigh) error {
 	req := nl.NewNetlinkRequest(syscall.RTM_DELNEIGH, syscall.NLM_F_ACK)
 	return neighHandle(neigh, req)
 }
 func neighHandle(neigh *Neigh, req *nl.NetlinkRequest) error {
 	var family int
 	if neigh.Family > 0 {
 		family = neigh.Family
 	} else {
 		family = nl.GetIPFamily(neigh.IP)
 	}
 	msg := Ndmsg{
 		Family: uint8(family),
 		Index:  uint32(neigh.LinkIndex),
 		State:  uint16(neigh.State),
 		Type:   uint8(neigh.Type),
 		Flags:  uint8(neigh.Flags),
 	}
 	req.AddData(&msg)
 	ipData := neigh.IP.To4()
 	if ipData == nil {
 		ipData = neigh.IP.To16()
 	}
 	dstData := nl.NewRtAttr(NDA_DST, ipData)
 	req.AddData(dstData)
 	hwData := nl.NewRtAttr(NDA_LLADDR, []byte(neigh.HardwareAddr))
 	req.AddData(hwData)
 	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
 	return err
 }
 // NeighList gets a list of IP-MAC mappings in the system (ARP table).
 // Equivalent to: `ip neighbor show`.
 // The list can be filtered by link and ip family.
 func NeighList(linkIndex, family int) ([]Neigh, error) {
 	req := nl.NewNetlinkRequest(syscall.RTM_GETNEIGH, syscall.NLM_F_DUMP)
 	msg := Ndmsg{
 		Family: uint8(family),
 	}
 	req.AddData(&msg)
 	msgs, err := req.Execute(syscall.NETLINK_ROUTE, syscall.RTM_NEWNEIGH)
 	if err != nil {
 		return nil, err
 	}
 	res := make([]Neigh, 0)
 	for _, m := range msgs {
 		ndm := deserializeNdmsg(m)
 		if linkIndex != 0 && int(ndm.Index) != linkIndex {
 			// Ignore messages from other interfaces
 			continue
 		}
 		neigh, err := NeighDeserialize(m)
 		if err != nil {
 			continue
 		}
 		res = append(res, *neigh)
 	}
 	return res, nil
 }
 func NeighDeserialize(m []byte) (*Neigh, error) {
 	msg := deserializeNdmsg(m)
 	neigh := Neigh{
 		LinkIndex: int(msg.Index),
 		Family:    int(msg.Family),
 		State:     int(msg.State),
 		Type:      int(msg.Type),
 		Flags:     int(msg.Flags),
 	}
 	attrs, err := nl.ParseRouteAttr(m[msg.Len():])
 	if err != nil {
 		return nil, err
 	}
 	for _, attr := range attrs {
 		switch attr.Attr.Type {
 		case NDA_DST:
 			neigh.IP = net.IP(attr.Value)
 		case NDA_LLADDR:
 			neigh.HardwareAddr = net.HardwareAddr(attr.Value)
 		}
 	}
 	return &neigh, nil
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/neigh_test.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/neigh_test.go
@ -1,104 +0,0 @@
 package netlink
 import (
 	"net"
 	"testing"
 )
 type arpEntry struct {
 	ip  net.IP
 	mac net.HardwareAddr
 }
 func parseMAC(s string) net.HardwareAddr {
 	m, err := net.ParseMAC(s)
 	if err != nil {
 		panic(err)
 	}
 	return m
 }
 func dumpContains(dump []Neigh, e arpEntry) bool {
 	for _, n := range dump {
 		if n.IP.Equal(e.ip) && (n.State&NUD_INCOMPLETE) == 0 {
 			return true
 		}
 	}
 	return false
 }
 func TestNeighAddDel(t *testing.T) {
 	tearDown := setUpNetlinkTest(t)
 	defer tearDown()
 	dummy := Dummy{LinkAttrs{Name: "neigh0"}}
 	if err := LinkAdd(&dummy); err != nil {
 		t.Fatal(err)
 	}
 	ensureIndex(dummy.Attrs())
 	arpTable := []arpEntry{
 		{net.ParseIP("10.99.0.1"), parseMAC("aa:bb:cc:dd:00:01")},
 		{net.ParseIP("10.99.0.2"), parseMAC("aa:bb:cc:dd:00:02")},
 		{net.ParseIP("10.99.0.3"), parseMAC("aa:bb:cc:dd:00:03")},
 		{net.ParseIP("10.99.0.4"), parseMAC("aa:bb:cc:dd:00:04")},
 		{net.ParseIP("10.99.0.5"), parseMAC("aa:bb:cc:dd:00:05")},
 	}
 	// Add the arpTable
 	for _, entry := range arpTable {
 		err := NeighAdd(&Neigh{
 			LinkIndex:    dummy.Index,
 			State:        NUD_REACHABLE,
 			IP:           entry.ip,
 			HardwareAddr: entry.mac,
 		})
 		if err != nil {
 			t.Errorf("Failed to NeighAdd: %v", err)
 		}
 	}
 	// Dump and see that all added entries are there
 	dump, err := NeighList(dummy.Index, 0)
 	if err != nil {
 		t.Errorf("Failed to NeighList: %v", err)
 	}
 	for _, entry := range arpTable {
 		if !dumpContains(dump, entry) {
 			t.Errorf("Dump does not contain: %v", entry)
 		}
 	}
 	// Delete the arpTable
 	for _, entry := range arpTable {
 		err := NeighDel(&Neigh{
 			LinkIndex:    dummy.Index,
 			IP:           entry.ip,
 			HardwareAddr: entry.mac,
 		})
 		if err != nil {
 			t.Errorf("Failed to NeighDel: %v", err)
 		}
 	}
 	// TODO: seems not working because of cache
 	//// Dump and see that none of deleted entries are there
 	//dump, err = NeighList(dummy.Index, 0)
 	//if err != nil {
 	//t.Errorf("Failed to NeighList: %v", err)
 	//}
 	//for _, entry := range arpTable {
 	//if dumpContains(dump, entry) {
 	//t.Errorf("Dump contains: %v", entry)
 	//}
 	//}
 	if err := LinkDel(&dummy); err != nil {
 		t.Fatal(err)
 	}
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/netlink.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/netlink.go
@ -1,39 +0,0 @@
 // Package netlink provides a simple library for netlink. Netlink is
 // the interface a user-space program in linux uses to communicate with
 // the kernel. It can be used to add and remove interfaces, set up ip
 // addresses and routes, and confiugre ipsec. Netlink communication
 // requires elevated privileges, so in most cases this code needs to
 // be run as root. The low level primitives for netlink are contained
 // in the nl subpackage. This package attempts to provide a high-level
 // interface that is loosly modeled on the iproute2 cli.
 package netlink
 import (
 	"net"
 	"github.com/vishvananda/netlink/nl"
 )
 const (
 	// Family type definitions
 	FAMILY_ALL = nl.FAMILY_ALL
 	FAMILY_V4  = nl.FAMILY_V4
 	FAMILY_V6  = nl.FAMILY_V6
 )
 // ParseIPNet parses a string in ip/net format and returns a net.IPNet.
 // This is valuable because addresses in netlink are often IPNets and
 // ParseCIDR returns an IPNet with the IP part set to the base IP of the
 // range.
 func ParseIPNet(s string) (*net.IPNet, error) {
 	ip, ipNet, err := net.ParseCIDR(s)
 	if err != nil {
 		return nil, err
 	}
 	return &net.IPNet{IP: ip, Mask: ipNet.Mask}, nil
 }
 // NewIPNet generates an IPNet from an ip address using a netmask of 32.
 func NewIPNet(ip net.IP) *net.IPNet {
 	return &net.IPNet{IP: ip, Mask: net.CIDRMask(32, 32)}
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/netlink_test.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/netlink_test.go
@ -1,34 +0,0 @@
 package netlink
 import (
 	"log"
 	"os"
 	"runtime"
 	"testing"
 	"github.com/vishvananda/netns"
 )
 type tearDownNetlinkTest func()
 func setUpNetlinkTest(t *testing.T) tearDownNetlinkTest {
 	if os.Getuid() != 0 {
 		msg := "Skipped test because it requires root privileges."
 		log.Printf(msg)
 		t.Skip(msg)
 	}
 	// new temporary namespace so we don't pollute the host
 	// lock thread since the namespace is thread local
 	runtime.LockOSThread()
 	var err error
 	ns, err := netns.New()
 	if err != nil {
 		t.Fatal("Failed to create newns", ns)
 	}
 	return func() {
 		ns.Close()
 		runtime.UnlockOSThread()
 	}
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/netlink_unspecified.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/netlink_unspecified.go
@ -1,143 +0,0 @@
 // +build !linux
 package netlink
 import (
 	"errors"
 )
 var (
 	ErrNotImplemented = errors.New("not implemented")
 )
 func LinkSetUp(link *Link) error {
 	return ErrNotImplemented
 }
 func LinkSetDown(link *Link) error {
 	return ErrNotImplemented
 }
 func LinkSetMTU(link *Link, mtu int) error {
 	return ErrNotImplemented
 }
 func LinkSetMaster(link *Link, master *Link) error {
 	return ErrNotImplemented
 }
 func LinkSetNsPid(link *Link, nspid int) error {
 	return ErrNotImplemented
 }
 func LinkSetNsFd(link *Link, fd int) error {
 	return ErrNotImplemented
 }
 func LinkAdd(link *Link) error {
 	return ErrNotImplemented
 }
 func LinkDel(link *Link) error {
 	return ErrNotImplemented
 }
 func SetHairpin(link Link, mode bool) error {
 	return ErrNotImplemented
 }
 func SetGuard(link Link, mode bool) error {
 	return ErrNotImplemented
 }
 func SetFastLeave(link Link, mode bool) error {
 	return ErrNotImplemented
 }
 func SetLearning(link Link, mode bool) error {
 	return ErrNotImplemented
 }
 func SetRootBlock(link Link, mode bool) error {
 	return ErrNotImplemented
 }
 func SetFlood(link Link, mode bool) error {
 	return ErrNotImplemented
 }
 func LinkList() ([]Link, error) {
 	return nil, ErrNotImplemented
 }
 func AddrAdd(link *Link, addr *Addr) error {
 	return ErrNotImplemented
 }
 func AddrDel(link *Link, addr *Addr) error {
 	return ErrNotImplemented
 }
 func AddrList(link *Link, family int) ([]Addr, error) {
 	return nil, ErrNotImplemented
 }
 func RouteAdd(route *Route) error {
 	return ErrNotImplemented
 }
 func RouteDel(route *Route) error {
 	return ErrNotImplemented
 }
 func RouteList(link *Link, family int) ([]Route, error) {
 	return nil, ErrNotImplemented
 }
 func XfrmPolicyAdd(policy *XfrmPolicy) error {
 	return ErrNotImplemented
 }
 func XfrmPolicyDel(policy *XfrmPolicy) error {
 	return ErrNotImplemented
 }
 func XfrmPolicyList(family int) ([]XfrmPolicy, error) {
 	return nil, ErrNotImplemented
 }
 func XfrmStateAdd(policy *XfrmState) error {
 	return ErrNotImplemented
 }
 func XfrmStateDel(policy *XfrmState) error {
 	return ErrNotImplemented
 }
 func XfrmStateList(family int) ([]XfrmState, error) {
 	return nil, ErrNotImplemented
 }
 func NeighAdd(neigh *Neigh) error {
 	return ErrNotImplemented
 }
 func NeighSet(neigh *Neigh) error {
 	return ErrNotImplemented
 }
 func NeighAppend(neigh *Neigh) error {
 	return ErrNotImplemented
 }
 func NeighDel(neigh *Neigh) error {
 	return ErrNotImplemented
 }
 func NeighList(linkIndex, family int) ([]Neigh, error) {
 	return nil, ErrNotImplemented
 }
 func NeighDeserialize(m []byte) (*Ndmsg, *Neigh, error) {
 	return nil, nil, ErrNotImplemented
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/addr_linux.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/addr_linux.go
@ -1,47 +0,0 @@
 package nl
 import (
 	"syscall"
 	"unsafe"
 )
 type IfAddrmsg struct {
 	syscall.IfAddrmsg
 }
 func NewIfAddrmsg(family int) *IfAddrmsg {
 	return &IfAddrmsg{
 		IfAddrmsg: syscall.IfAddrmsg{
 			Family: uint8(family),
 		},
 	}
 }
 // struct ifaddrmsg {
 //   __u8    ifa_family;
 //   __u8    ifa_prefixlen;  /* The prefix length    */
 //   __u8    ifa_flags;  /* Flags      */
 //   __u8    ifa_scope;  /* Address scope    */
 //   __u32   ifa_index;  /* Link index     */
 // };
 // type IfAddrmsg struct {
 // 	Family    uint8
 // 	Prefixlen uint8
 // 	Flags     uint8
 // 	Scope     uint8
 // 	Index     uint32
 // }
 // SizeofIfAddrmsg     = 0x8
 func DeserializeIfAddrmsg(b []byte) *IfAddrmsg {
 	return (*IfAddrmsg)(unsafe.Pointer(&b[0:syscall.SizeofIfAddrmsg][0]))
 }
 func (msg *IfAddrmsg) Serialize() []byte {
 	return (*(*[syscall.SizeofIfAddrmsg]byte)(unsafe.Pointer(msg)))[:]
 }
 func (msg *IfAddrmsg) Len() int {
 	return syscall.SizeofIfAddrmsg
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/addr_linux_test.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/addr_linux_test.go
@ -1,39 +0,0 @@
 package nl
 import (
 	"bytes"
 	"crypto/rand"
 	"encoding/binary"
 	"syscall"
 	"testing"
 )
 func (msg *IfAddrmsg) write(b []byte) {
 	native := NativeEndian()
 	b[0] = msg.Family
 	b[1] = msg.Prefixlen
 	b[2] = msg.Flags
 	b[3] = msg.Scope
 	native.PutUint32(b[4:8], msg.Index)
 }
 func (msg *IfAddrmsg) serializeSafe() []byte {
 	len := syscall.SizeofIfAddrmsg
 	b := make([]byte, len)
 	msg.write(b)
 	return b
 }
 func deserializeIfAddrmsgSafe(b []byte) *IfAddrmsg {
 	var msg = IfAddrmsg{}
 	binary.Read(bytes.NewReader(b[0:syscall.SizeofIfAddrmsg]), NativeEndian(), &msg)
 	return &msg
 }
 func TestIfAddrmsgDeserializeSerialize(t *testing.T) {
 	var orig = make([]byte, syscall.SizeofIfAddrmsg)
 	rand.Read(orig)
 	safemsg := deserializeIfAddrmsgSafe(orig)
 	msg := DeserializeIfAddrmsg(orig)
 	testDeserializeSerialize(t, orig, safemsg, msg)
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/link_linux.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/link_linux.go
@ -1,96 +0,0 @@
 package nl
 const (
 	DEFAULT_CHANGE = 0xFFFFFFFF
 )
 const (
 	IFLA_INFO_UNSPEC = iota
 	IFLA_INFO_KIND
 	IFLA_INFO_DATA
 	IFLA_INFO_XSTATS
 	IFLA_INFO_MAX = IFLA_INFO_XSTATS
 )
 const (
 	IFLA_VLAN_UNSPEC = iota
 	IFLA_VLAN_ID
 	IFLA_VLAN_FLAGS
 	IFLA_VLAN_EGRESS_QOS
 	IFLA_VLAN_INGRESS_QOS
 	IFLA_VLAN_PROTOCOL
 	IFLA_VLAN_MAX = IFLA_VLAN_PROTOCOL
 )
 const (
 	VETH_INFO_UNSPEC = iota
 	VETH_INFO_PEER
 	VETH_INFO_MAX = VETH_INFO_PEER
 )
 const (
 	IFLA_VXLAN_UNSPEC = iota
 	IFLA_VXLAN_ID
 	IFLA_VXLAN_GROUP
 	IFLA_VXLAN_LINK
 	IFLA_VXLAN_LOCAL
 	IFLA_VXLAN_TTL
 	IFLA_VXLAN_TOS
 	IFLA_VXLAN_LEARNING
 	IFLA_VXLAN_AGEING
 	IFLA_VXLAN_LIMIT
 	IFLA_VXLAN_PORT_RANGE
 	IFLA_VXLAN_PROXY
 	IFLA_VXLAN_RSC
 	IFLA_VXLAN_L2MISS
 	IFLA_VXLAN_L3MISS
 	IFLA_VXLAN_PORT
 	IFLA_VXLAN_GROUP6
 	IFLA_VXLAN_LOCAL6
 	IFLA_VXLAN_MAX = IFLA_VXLAN_LOCAL6
 )
 const (
 	BRIDGE_MODE_UNSPEC = iota
 	BRIDGE_MODE_HAIRPIN
 )
 const (
 	IFLA_BRPORT_UNSPEC = iota
 	IFLA_BRPORT_STATE
 	IFLA_BRPORT_PRIORITY
 	IFLA_BRPORT_COST
 	IFLA_BRPORT_MODE
 	IFLA_BRPORT_GUARD
 	IFLA_BRPORT_PROTECT
 	IFLA_BRPORT_FAST_LEAVE
 	IFLA_BRPORT_LEARNING
 	IFLA_BRPORT_UNICAST_FLOOD
 	IFLA_BRPORT_MAX = IFLA_BRPORT_UNICAST_FLOOD
 )
 const (
 	IFLA_IPVLAN_UNSPEC = iota
 	IFLA_IPVLAN_MODE
 	IFLA_IPVLAN_MAX = IFLA_IPVLAN_MODE
 )
 const (
 	// not defined in syscall
 	IFLA_NET_NS_FD = 28
 )
 const (
 	IFLA_MACVLAN_UNSPEC = iota
 	IFLA_MACVLAN_MODE
 	IFLA_MACVLAN_FLAGS
 	IFLA_MACVLAN_MAX = IFLA_MACVLAN_FLAGS
 )
 const (
 	MACVLAN_MODE_PRIVATE  = 1
 	MACVLAN_MODE_VEPA     = 2
 	MACVLAN_MODE_BRIDGE   = 4
 	MACVLAN_MODE_PASSTHRU = 8
 	MACVLAN_MODE_SOURCE   = 16
 )
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/nl_linux.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/nl_linux.go
@ -1,417 +0,0 @@
 // Package nl has low level primitives for making Netlink calls.
 package nl
 import (
 	"bytes"
 	"encoding/binary"
 	"fmt"
 	"net"
 	"sync/atomic"
 	"syscall"
 	"unsafe"
 )
 const (
 	// Family type definitions
 	FAMILY_ALL = syscall.AF_UNSPEC
 	FAMILY_V4  = syscall.AF_INET
 	FAMILY_V6  = syscall.AF_INET6
 )
 var nextSeqNr uint32
 // GetIPFamily returns the family type of a net.IP.
 func GetIPFamily(ip net.IP) int {
 	if len(ip) <= net.IPv4len {
 		return FAMILY_V4
 	}
 	if ip.To4() != nil {
 		return FAMILY_V4
 	}
 	return FAMILY_V6
 }
 var nativeEndian binary.ByteOrder
 // Get native endianness for the system
 func NativeEndian() binary.ByteOrder {
 	if nativeEndian == nil {
 		var x uint32 = 0x01020304
 		if *(*byte)(unsafe.Pointer(&x)) == 0x01 {
 			nativeEndian = binary.BigEndian
 		}
 		nativeEndian = binary.LittleEndian
 	}
 	return nativeEndian
 }
 // Byte swap a 16 bit value if we aren't big endian
 func Swap16(i uint16) uint16 {
 	if NativeEndian() == binary.BigEndian {
 		return i
 	}
 	return (i&0xff00)>>8 | (i&0xff)<<8
 }
 // Byte swap a 32 bit value if aren't big endian
 func Swap32(i uint32) uint32 {
 	if NativeEndian() == binary.BigEndian {
 		return i
 	}
 	return (i&0xff000000)>>24 | (i&0xff0000)>>8 | (i&0xff00)<<8 | (i&0xff)<<24
 }
 type NetlinkRequestData interface {
 	Len() int
 	Serialize() []byte
 }
 // IfInfomsg is related to links, but it is used for list requests as well
 type IfInfomsg struct {
 	syscall.IfInfomsg
 }
 // Create an IfInfomsg with family specified
 func NewIfInfomsg(family int) *IfInfomsg {
 	return &IfInfomsg{
 		IfInfomsg: syscall.IfInfomsg{
 			Family: uint8(family),
 		},
 	}
 }
 func DeserializeIfInfomsg(b []byte) *IfInfomsg {
 	return (*IfInfomsg)(unsafe.Pointer(&b[0:syscall.SizeofIfInfomsg][0]))
 }
 func (msg *IfInfomsg) Serialize() []byte {
 	return (*(*[syscall.SizeofIfInfomsg]byte)(unsafe.Pointer(msg)))[:]
 }
 func (msg *IfInfomsg) Len() int {
 	return syscall.SizeofIfInfomsg
 }
 func rtaAlignOf(attrlen int) int {
 	return (attrlen + syscall.RTA_ALIGNTO - 1) & ^(syscall.RTA_ALIGNTO - 1)
 }
 func NewIfInfomsgChild(parent *RtAttr, family int) *IfInfomsg {
 	msg := NewIfInfomsg(family)
 	parent.children = append(parent.children, msg)
 	return msg
 }
 // Extend RtAttr to handle data and children
 type RtAttr struct {
 	syscall.RtAttr
 	Data     []byte
 	children []NetlinkRequestData
 }
 // Create a new Extended RtAttr object
 func NewRtAttr(attrType int, data []byte) *RtAttr {
 	return &RtAttr{
 		RtAttr: syscall.RtAttr{
 			Type: uint16(attrType),
 		},
 		children: []NetlinkRequestData{},
 		Data:     data,
 	}
 }
 // Create a new RtAttr obj anc add it as a child of an existing object
 func NewRtAttrChild(parent *RtAttr, attrType int, data []byte) *RtAttr {
 	attr := NewRtAttr(attrType, data)
 	parent.children = append(parent.children, attr)
 	return attr
 }
 func (a *RtAttr) Len() int {
 	if len(a.children) == 0 {
 		return (syscall.SizeofRtAttr + len(a.Data))
 	}
 	l := 0
 	for _, child := range a.children {
 		l += rtaAlignOf(child.Len())
 	}
 	l += syscall.SizeofRtAttr
 	return rtaAlignOf(l + len(a.Data))
 }
 // Serialize the RtAttr into a byte array
 // This can't ust unsafe.cast because it must iterate through children.
 func (a *RtAttr) Serialize() []byte {
 	native := NativeEndian()
 	length := a.Len()
 	buf := make([]byte, rtaAlignOf(length))
 	if a.Data != nil {
 		copy(buf[4:], a.Data)
 	} else {
 		next := 4
 		for _, child := range a.children {
 			childBuf := child.Serialize()
 			copy(buf[next:], childBuf)
 			next += rtaAlignOf(len(childBuf))
 		}
 	}
 	if l := uint16(length); l != 0 {
 		native.PutUint16(buf[0:2], l)
 	}
 	native.PutUint16(buf[2:4], a.Type)
 	return buf
 }
 type NetlinkRequest struct {
 	syscall.NlMsghdr
 	Data []NetlinkRequestData
 }
 // Serialize the Netlink Request into a byte array
 func (msg *NetlinkRequest) Serialize() []byte {
 	length := syscall.SizeofNlMsghdr
 	dataBytes := make([][]byte, len(msg.Data))
 	for i, data := range msg.Data {
 		dataBytes[i] = data.Serialize()
 		length = length + len(dataBytes[i])
 	}
 	msg.Len = uint32(length)
 	b := make([]byte, length)
 	hdr := (*(*[syscall.SizeofNlMsghdr]byte)(unsafe.Pointer(msg)))[:]
 	next := syscall.SizeofNlMsghdr
 	copy(b[0:next], hdr)
 	for _, data := range dataBytes {
 		for _, dataByte := range data {
 			b[next] = dataByte
 			next = next + 1
 		}
 	}
 	return b
 }
 func (msg *NetlinkRequest) AddData(data NetlinkRequestData) {
 	if data != nil {
 		msg.Data = append(msg.Data, data)
 	}
 }
 // Execute the request against a the given sockType.
 // Returns a list of netlink messages in seriaized format, optionally filtered
 // by resType.
 func (req *NetlinkRequest) Execute(sockType int, resType uint16) ([][]byte, error) {
 	s, err := getNetlinkSocket(sockType)
 	if err != nil {
 		return nil, err
 	}
 	defer s.Close()
 	if err := s.Send(req); err != nil {
 		return nil, err
 	}
 	pid, err := s.GetPid()
 	if err != nil {
 		return nil, err
 	}
 	res := make([][]byte, 0)
 done:
 	for {
 		msgs, err := s.Recieve()
 		if err != nil {
 			return nil, err
 		}
 		for _, m := range msgs {
 			if m.Header.Seq != req.Seq {
 				return nil, fmt.Errorf("Wrong Seq nr %d, expected 1", m.Header.Seq)
 			}
 			if m.Header.Pid != pid {
 				return nil, fmt.Errorf("Wrong pid %d, expected %d", m.Header.Pid, pid)
 			}
 			if m.Header.Type == syscall.NLMSG_DONE {
 				break done
 			}
 			if m.Header.Type == syscall.NLMSG_ERROR {
 				native := NativeEndian()
 				error := int32(native.Uint32(m.Data[0:4]))
 				if error == 0 {
 					break done
 				}
 				return nil, syscall.Errno(-error)
 			}
 			if resType != 0 && m.Header.Type != resType {
 				continue
 			}
 			res = append(res, m.Data)
 			if m.Header.Flags&syscall.NLM_F_MULTI == 0 {
 				break done
 			}
 		}
 	}
 	return res, nil
 }
 // Create a new netlink request from proto and flags
 // Note the Len value will be inaccurate once data is added until
 // the message is serialized
 func NewNetlinkRequest(proto, flags int) *NetlinkRequest {
 	return &NetlinkRequest{
 		NlMsghdr: syscall.NlMsghdr{
 			Len:   uint32(syscall.SizeofNlMsghdr),
 			Type:  uint16(proto),
 			Flags: syscall.NLM_F_REQUEST | uint16(flags),
 			Seq:   atomic.AddUint32(&nextSeqNr, 1),
 		},
 	}
 }
 type NetlinkSocket struct {
 	fd  int
 	lsa syscall.SockaddrNetlink
 }
 func getNetlinkSocket(protocol int) (*NetlinkSocket, error) {
 	fd, err := syscall.Socket(syscall.AF_NETLINK, syscall.SOCK_RAW, protocol)
 	if err != nil {
 		return nil, err
 	}
 	s := &NetlinkSocket{
 		fd: fd,
 	}
 	s.lsa.Family = syscall.AF_NETLINK
 	if err := syscall.Bind(fd, &s.lsa); err != nil {
 		syscall.Close(fd)
 		return nil, err
 	}
 	return s, nil
 }
 // Create a netlink socket with a given protocol (e.g. NETLINK_ROUTE)
 // and subscribe it to multicast groups passed in variable argument list.
 // Returns the netlink socket on whic hReceive() method can be called
 // to retrieve the messages from the kernel.
 func Subscribe(protocol int, groups ...uint) (*NetlinkSocket, error) {
 	fd, err := syscall.Socket(syscall.AF_NETLINK, syscall.SOCK_RAW, protocol)
 	if err != nil {
 		return nil, err
 	}
 	s := &NetlinkSocket{
 		fd: fd,
 	}
 	s.lsa.Family = syscall.AF_NETLINK
 	for _, g := range groups {
 		s.lsa.Groups |= (1 << (g - 1))
 	}
 	if err := syscall.Bind(fd, &s.lsa); err != nil {
 		syscall.Close(fd)
 		return nil, err
 	}
 	return s, nil
 }
 func (s *NetlinkSocket) Close() {
 	syscall.Close(s.fd)
 }
 func (s *NetlinkSocket) Send(request *NetlinkRequest) error {
 	if err := syscall.Sendto(s.fd, request.Serialize(), 0, &s.lsa); err != nil {
 		return err
 	}
 	return nil
 }
 func (s *NetlinkSocket) Recieve() ([]syscall.NetlinkMessage, error) {
 	rb := make([]byte, syscall.Getpagesize())
 	nr, _, err := syscall.Recvfrom(s.fd, rb, 0)
 	if err != nil {
 		return nil, err
 	}
 	if nr < syscall.NLMSG_HDRLEN {
 		return nil, fmt.Errorf("Got short response from netlink")
 	}
 	rb = rb[:nr]
 	return syscall.ParseNetlinkMessage(rb)
 }
 func (s *NetlinkSocket) GetPid() (uint32, error) {
 	lsa, err := syscall.Getsockname(s.fd)
 	if err != nil {
 		return 0, err
 	}
 	switch v := lsa.(type) {
 	case *syscall.SockaddrNetlink:
 		return v.Pid, nil
 	}
 	return 0, fmt.Errorf("Wrong socket type")
 }
 func ZeroTerminated(s string) []byte {
 	bytes := make([]byte, len(s)+1)
 	for i := 0; i < len(s); i++ {
 		bytes[i] = s[i]
 	}
 	bytes[len(s)] = 0
 	return bytes
 }
 func NonZeroTerminated(s string) []byte {
 	bytes := make([]byte, len(s))
 	for i := 0; i < len(s); i++ {
 		bytes[i] = s[i]
 	}
 	return bytes
 }
 func BytesToString(b []byte) string {
 	n := bytes.Index(b, []byte{0})
 	return string(b[:n])
 }
 func Uint8Attr(v uint8) []byte {
 	return []byte{byte(v)}
 }
 func Uint16Attr(v uint16) []byte {
 	native := NativeEndian()
 	bytes := make([]byte, 2)
 	native.PutUint16(bytes, v)
 	return bytes
 }
 func Uint32Attr(v uint32) []byte {
 	native := NativeEndian()
 	bytes := make([]byte, 4)
 	native.PutUint32(bytes, v)
 	return bytes
 }
 func ParseRouteAttr(b []byte) ([]syscall.NetlinkRouteAttr, error) {
 	var attrs []syscall.NetlinkRouteAttr
 	for len(b) >= syscall.SizeofRtAttr {
 		a, vbuf, alen, err := netlinkRouteAttrAndValue(b)
 		if err != nil {
 			return nil, err
 		}
 		ra := syscall.NetlinkRouteAttr{Attr: *a, Value: vbuf[:int(a.Len)-syscall.SizeofRtAttr]}
 		attrs = append(attrs, ra)
 		b = b[alen:]
 	}
 	return attrs, nil
 }
 func netlinkRouteAttrAndValue(b []byte) (*syscall.RtAttr, []byte, int, error) {
 	a := (*syscall.RtAttr)(unsafe.Pointer(&b[0]))
 	if int(a.Len) < syscall.SizeofRtAttr || int(a.Len) > len(b) {
 		return nil, nil, 0, syscall.EINVAL
 	}
 	return a, b[syscall.SizeofRtAttr:], rtaAlignOf(int(a.Len)), nil
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/nl_linux_test.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/nl_linux_test.go
@ -1,60 +0,0 @@
 package nl
 import (
 	"bytes"
 	"crypto/rand"
 	"encoding/binary"
 	"reflect"
 	"syscall"
 	"testing"
 )
 type testSerializer interface {
 	serializeSafe() []byte
 	Serialize() []byte
 }
 func testDeserializeSerialize(t *testing.T, orig []byte, safemsg testSerializer, msg testSerializer) {
 	if !reflect.DeepEqual(safemsg, msg) {
 		t.Fatal("Deserialization failed.\n", safemsg, "\n", msg)
 	}
 	safe := msg.serializeSafe()
 	if !bytes.Equal(safe, orig) {
 		t.Fatal("Safe serialization failed.\n", safe, "\n", orig)
 	}
 	b := msg.Serialize()
 	if !bytes.Equal(b, safe) {
 		t.Fatal("Serialization failed.\n", b, "\n", safe)
 	}
 }
 func (msg *IfInfomsg) write(b []byte) {
 	native := NativeEndian()
 	b[0] = msg.Family
 	b[1] = msg.X__ifi_pad
 	native.PutUint16(b[2:4], msg.Type)
 	native.PutUint32(b[4:8], uint32(msg.Index))
 	native.PutUint32(b[8:12], msg.Flags)
 	native.PutUint32(b[12:16], msg.Change)
 }
 func (msg *IfInfomsg) serializeSafe() []byte {
 	length := syscall.SizeofIfInfomsg
 	b := make([]byte, length)
 	msg.write(b)
 	return b
 }
 func deserializeIfInfomsgSafe(b []byte) *IfInfomsg {
 	var msg = IfInfomsg{}
 	binary.Read(bytes.NewReader(b[0:syscall.SizeofIfInfomsg]), NativeEndian(), &msg)
 	return &msg
 }
 func TestIfInfomsgDeserializeSerialize(t *testing.T) {
 	var orig = make([]byte, syscall.SizeofIfInfomsg)
 	rand.Read(orig)
 	safemsg := deserializeIfInfomsgSafe(orig)
 	msg := DeserializeIfInfomsg(orig)
 	testDeserializeSerialize(t, orig, safemsg, msg)
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/route_linux.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/route_linux.go
@ -1,33 +0,0 @@
 package nl
 import (
 	"syscall"
 	"unsafe"
 )
 type RtMsg struct {
 	syscall.RtMsg
 }
 func NewRtMsg() *RtMsg {
 	return &RtMsg{
 		RtMsg: syscall.RtMsg{
 			Table:    syscall.RT_TABLE_MAIN,
 			Scope:    syscall.RT_SCOPE_UNIVERSE,
 			Protocol: syscall.RTPROT_BOOT,
 			Type:     syscall.RTN_UNICAST,
 		},
 	}
 }
 func (msg *RtMsg) Len() int {
 	return syscall.SizeofRtMsg
 }
 func DeserializeRtMsg(b []byte) *RtMsg {
 	return (*RtMsg)(unsafe.Pointer(&b[0:syscall.SizeofRtMsg][0]))
 }
 func (msg *RtMsg) Serialize() []byte {
 	return (*(*[syscall.SizeofRtMsg]byte)(unsafe.Pointer(msg)))[:]
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/route_linux_test.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/route_linux_test.go
@ -1,43 +0,0 @@
 package nl
 import (
 	"bytes"
 	"crypto/rand"
 	"encoding/binary"
 	"syscall"
 	"testing"
 )
 func (msg *RtMsg) write(b []byte) {
 	native := NativeEndian()
 	b[0] = msg.Family
 	b[1] = msg.Dst_len
 	b[2] = msg.Src_len
 	b[3] = msg.Tos
 	b[4] = msg.Table
 	b[5] = msg.Protocol
 	b[6] = msg.Scope
 	b[7] = msg.Type
 	native.PutUint32(b[8:12], msg.Flags)
 }
 func (msg *RtMsg) serializeSafe() []byte {
 	len := syscall.SizeofRtMsg
 	b := make([]byte, len)
 	msg.write(b)
 	return b
 }
 func deserializeRtMsgSafe(b []byte) *RtMsg {
 	var msg = RtMsg{}
 	binary.Read(bytes.NewReader(b[0:syscall.SizeofRtMsg]), NativeEndian(), &msg)
 	return &msg
 }
 func TestRtMsgDeserializeSerialize(t *testing.T) {
 	var orig = make([]byte, syscall.SizeofRtMsg)
 	rand.Read(orig)
 	safemsg := deserializeRtMsgSafe(orig)
 	msg := DeserializeRtMsg(orig)
 	testDeserializeSerialize(t, orig, safemsg, msg)
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/xfrm_linux.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/xfrm_linux.go
@ -1,259 +0,0 @@
 package nl
 import (
 	"bytes"
 	"net"
 	"unsafe"
 )
 // Infinity for packet and byte counts
 const (
 	XFRM_INF = ^uint64(0)
 )
 // Message Types
 const (
 	XFRM_MSG_BASE        = 0x10
 	XFRM_MSG_NEWSA       = 0x10
 	XFRM_MSG_DELSA       = 0x11
 	XFRM_MSG_GETSA       = 0x12
 	XFRM_MSG_NEWPOLICY   = 0x13
 	XFRM_MSG_DELPOLICY   = 0x14
 	XFRM_MSG_GETPOLICY   = 0x15
 	XFRM_MSG_ALLOCSPI    = 0x16
 	XFRM_MSG_ACQUIRE     = 0x17
 	XFRM_MSG_EXPIRE      = 0x18
 	XFRM_MSG_UPDPOLICY   = 0x19
 	XFRM_MSG_UPDSA       = 0x1a
 	XFRM_MSG_POLEXPIRE   = 0x1b
 	XFRM_MSG_FLUSHSA     = 0x1c
 	XFRM_MSG_FLUSHPOLICY = 0x1d
 	XFRM_MSG_NEWAE       = 0x1e
 	XFRM_MSG_GETAE       = 0x1f
 	XFRM_MSG_REPORT      = 0x20
 	XFRM_MSG_MIGRATE     = 0x21
 	XFRM_MSG_NEWSADINFO  = 0x22
 	XFRM_MSG_GETSADINFO  = 0x23
 	XFRM_MSG_NEWSPDINFO  = 0x24
 	XFRM_MSG_GETSPDINFO  = 0x25
 	XFRM_MSG_MAPPING     = 0x26
 	XFRM_MSG_MAX         = 0x26
 	XFRM_NR_MSGTYPES     = 0x17
 )
 // Attribute types
 const (
 	/* Netlink message attributes.  */
 	XFRMA_UNSPEC         = 0x00
 	XFRMA_ALG_AUTH       = 0x01 /* struct xfrm_algo */
 	XFRMA_ALG_CRYPT      = 0x02 /* struct xfrm_algo */
 	XFRMA_ALG_COMP       = 0x03 /* struct xfrm_algo */
 	XFRMA_ENCAP          = 0x04 /* struct xfrm_algo + struct xfrm_encap_tmpl */
 	XFRMA_TMPL           = 0x05 /* 1 or more struct xfrm_user_tmpl */
 	XFRMA_SA             = 0x06 /* struct xfrm_usersa_info  */
 	XFRMA_POLICY         = 0x07 /* struct xfrm_userpolicy_info */
 	XFRMA_SEC_CTX        = 0x08 /* struct xfrm_sec_ctx */
 	XFRMA_LTIME_VAL      = 0x09
 	XFRMA_REPLAY_VAL     = 0x0a
 	XFRMA_REPLAY_THRESH  = 0x0b
 	XFRMA_ETIMER_THRESH  = 0x0c
 	XFRMA_SRCADDR        = 0x0d /* xfrm_address_t */
 	XFRMA_COADDR         = 0x0e /* xfrm_address_t */
 	XFRMA_LASTUSED       = 0x0f /* unsigned long  */
 	XFRMA_POLICY_TYPE    = 0x10 /* struct xfrm_userpolicy_type */
 	XFRMA_MIGRATE        = 0x11
 	XFRMA_ALG_AEAD       = 0x12 /* struct xfrm_algo_aead */
 	XFRMA_KMADDRESS      = 0x13 /* struct xfrm_user_kmaddress */
 	XFRMA_ALG_AUTH_TRUNC = 0x14 /* struct xfrm_algo_auth */
 	XFRMA_MARK           = 0x15 /* struct xfrm_mark */
 	XFRMA_TFCPAD         = 0x16 /* __u32 */
 	XFRMA_REPLAY_ESN_VAL = 0x17 /* struct xfrm_replay_esn */
 	XFRMA_SA_EXTRA_FLAGS = 0x18 /* __u32 */
 	XFRMA_MAX            = 0x18
 )
 const (
 	SizeofXfrmAddress     = 0x10
 	SizeofXfrmSelector    = 0x38
 	SizeofXfrmLifetimeCfg = 0x40
 	SizeofXfrmLifetimeCur = 0x20
 	SizeofXfrmId          = 0x18
 )
 // typedef union {
 //   __be32    a4;
 //   __be32    a6[4];
 // } xfrm_address_t;
 type XfrmAddress [SizeofXfrmAddress]byte
 func (x *XfrmAddress) ToIP() net.IP {
 	var empty = [12]byte{}
 	ip := make(net.IP, net.IPv6len)
 	if bytes.Equal(x[4:16], empty[:]) {
 		ip[10] = 0xff
 		ip[11] = 0xff
 		copy(ip[12:16], x[0:4])
 	} else {
 		copy(ip[:], x[:])
 	}
 	return ip
 }
 func (x *XfrmAddress) ToIPNet(prefixlen uint8) *net.IPNet {
 	ip := x.ToIP()
 	if GetIPFamily(ip) == FAMILY_V4 {
 		return &net.IPNet{IP: ip, Mask: net.CIDRMask(int(prefixlen), 32)}
 	} else {
 		return &net.IPNet{IP: ip, Mask: net.CIDRMask(int(prefixlen), 128)}
 	}
 }
 func (x *XfrmAddress) FromIP(ip net.IP) {
 	var empty = [16]byte{}
 	if len(ip) < net.IPv4len {
 		copy(x[4:16], empty[:])
 	} else if GetIPFamily(ip) == FAMILY_V4 {
 		copy(x[0:4], ip.To4()[0:4])
 		copy(x[4:16], empty[:12])
 	} else {
 		copy(x[0:16], ip.To16()[0:16])
 	}
 }
 func DeserializeXfrmAddress(b []byte) *XfrmAddress {
 	return (*XfrmAddress)(unsafe.Pointer(&b[0:SizeofXfrmAddress][0]))
 }
 func (msg *XfrmAddress) Serialize() []byte {
 	return (*(*[SizeofXfrmAddress]byte)(unsafe.Pointer(msg)))[:]
 }
 // struct xfrm_selector {
 //   xfrm_address_t  daddr;
 //   xfrm_address_t  saddr;
 //   __be16  dport;
 //   __be16  dport_mask;
 //   __be16  sport;
 //   __be16  sport_mask;
 //   __u16 family;
 //   __u8  prefixlen_d;
 //   __u8  prefixlen_s;
 //   __u8  proto;
 //   int ifindex;
 //   __kernel_uid32_t  user;
 // };
 type XfrmSelector struct {
 	Daddr      XfrmAddress
 	Saddr      XfrmAddress
 	Dport      uint16 // big endian
 	DportMask  uint16 // big endian
 	Sport      uint16 // big endian
 	SportMask  uint16 // big endian
 	Family     uint16
 	PrefixlenD uint8
 	PrefixlenS uint8
 	Proto      uint8
 	Pad        [3]byte
 	Ifindex    int32
 	User       uint32
 }
 func (msg *XfrmSelector) Len() int {
 	return SizeofXfrmSelector
 }
 func DeserializeXfrmSelector(b []byte) *XfrmSelector {
 	return (*XfrmSelector)(unsafe.Pointer(&b[0:SizeofXfrmSelector][0]))
 }
 func (msg *XfrmSelector) Serialize() []byte {
 	return (*(*[SizeofXfrmSelector]byte)(unsafe.Pointer(msg)))[:]
 }
 // struct xfrm_lifetime_cfg {
 //   __u64 soft_byte_limit;
 //   __u64 hard_byte_limit;
 //   __u64 soft_packet_limit;
 //   __u64 hard_packet_limit;
 //   __u64 soft_add_expires_seconds;
 //   __u64 hard_add_expires_seconds;
 //   __u64 soft_use_expires_seconds;
 //   __u64 hard_use_expires_seconds;
 // };
 //
 type XfrmLifetimeCfg struct {
 	SoftByteLimit         uint64
 	HardByteLimit         uint64
 	SoftPacketLimit       uint64
 	HardPacketLimit       uint64
 	SoftAddExpiresSeconds uint64
 	HardAddExpiresSeconds uint64
 	SoftUseExpiresSeconds uint64
 	HardUseExpiresSeconds uint64
 }
 func (msg *XfrmLifetimeCfg) Len() int {
 	return SizeofXfrmLifetimeCfg
 }
 func DeserializeXfrmLifetimeCfg(b []byte) *XfrmLifetimeCfg {
 	return (*XfrmLifetimeCfg)(unsafe.Pointer(&b[0:SizeofXfrmLifetimeCfg][0]))
 }
 func (msg *XfrmLifetimeCfg) Serialize() []byte {
 	return (*(*[SizeofXfrmLifetimeCfg]byte)(unsafe.Pointer(msg)))[:]
 }
 // struct xfrm_lifetime_cur {
 //   __u64 bytes;
 //   __u64 packets;
 //   __u64 add_time;
 //   __u64 use_time;
 // };
 type XfrmLifetimeCur struct {
 	Bytes   uint64
 	Packets uint64
 	AddTime uint64
 	UseTime uint64
 }
 func (msg *XfrmLifetimeCur) Len() int {
 	return SizeofXfrmLifetimeCur
 }
 func DeserializeXfrmLifetimeCur(b []byte) *XfrmLifetimeCur {
 	return (*XfrmLifetimeCur)(unsafe.Pointer(&b[0:SizeofXfrmLifetimeCur][0]))
 }
 func (msg *XfrmLifetimeCur) Serialize() []byte {
 	return (*(*[SizeofXfrmLifetimeCur]byte)(unsafe.Pointer(msg)))[:]
 }
 // struct xfrm_id {
 //   xfrm_address_t  daddr;
 //   __be32    spi;
 //   __u8    proto;
 // };
 type XfrmId struct {
 	Daddr XfrmAddress
 	Spi   uint32 // big endian
 	Proto uint8
 	Pad   [3]byte
 }
 func (msg *XfrmId) Len() int {
 	return SizeofXfrmId
 }
 func DeserializeXfrmId(b []byte) *XfrmId {
 	return (*XfrmId)(unsafe.Pointer(&b[0:SizeofXfrmId][0]))
 }
 func (msg *XfrmId) Serialize() []byte {
 	return (*(*[SizeofXfrmId]byte)(unsafe.Pointer(msg)))[:]
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/xfrm_linux_test.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/xfrm_linux_test.go
@ -1,161 +0,0 @@
 package nl
 import (
 	"bytes"
 	"crypto/rand"
 	"encoding/binary"
 	"testing"
 )
 func (msg *XfrmAddress) write(b []byte) {
 	copy(b[0:SizeofXfrmAddress], msg[:])
 }
 func (msg *XfrmAddress) serializeSafe() []byte {
 	b := make([]byte, SizeofXfrmAddress)
 	msg.write(b)
 	return b
 }
 func deserializeXfrmAddressSafe(b []byte) *XfrmAddress {
 	var msg = XfrmAddress{}
 	binary.Read(bytes.NewReader(b[0:SizeofXfrmAddress]), NativeEndian(), &msg)
 	return &msg
 }
 func TestXfrmAddressDeserializeSerialize(t *testing.T) {
 	var orig = make([]byte, SizeofXfrmAddress)
 	rand.Read(orig)
 	safemsg := deserializeXfrmAddressSafe(orig)
 	msg := DeserializeXfrmAddress(orig)
 	testDeserializeSerialize(t, orig, safemsg, msg)
 }
 func (msg *XfrmSelector) write(b []byte) {
 	const AddrEnd = SizeofXfrmAddress * 2
 	native := NativeEndian()
 	msg.Daddr.write(b[0:SizeofXfrmAddress])
 	msg.Saddr.write(b[SizeofXfrmAddress:AddrEnd])
 	native.PutUint16(b[AddrEnd:AddrEnd+2], msg.Dport)
 	native.PutUint16(b[AddrEnd+2:AddrEnd+4], msg.DportMask)
 	native.PutUint16(b[AddrEnd+4:AddrEnd+6], msg.Sport)
 	native.PutUint16(b[AddrEnd+6:AddrEnd+8], msg.SportMask)
 	native.PutUint16(b[AddrEnd+8:AddrEnd+10], msg.Family)
 	b[AddrEnd+10] = msg.PrefixlenD
 	b[AddrEnd+11] = msg.PrefixlenS
 	b[AddrEnd+12] = msg.Proto
 	copy(b[AddrEnd+13:AddrEnd+16], msg.Pad[:])
 	native.PutUint32(b[AddrEnd+16:AddrEnd+20], uint32(msg.Ifindex))
 	native.PutUint32(b[AddrEnd+20:AddrEnd+24], msg.User)
 }
 func (msg *XfrmSelector) serializeSafe() []byte {
 	length := SizeofXfrmSelector
 	b := make([]byte, length)
 	msg.write(b)
 	return b
 }
 func deserializeXfrmSelectorSafe(b []byte) *XfrmSelector {
 	var msg = XfrmSelector{}
 	binary.Read(bytes.NewReader(b[0:SizeofXfrmSelector]), NativeEndian(), &msg)
 	return &msg
 }
 func TestXfrmSelectorDeserializeSerialize(t *testing.T) {
 	var orig = make([]byte, SizeofXfrmSelector)
 	rand.Read(orig)
 	safemsg := deserializeXfrmSelectorSafe(orig)
 	msg := DeserializeXfrmSelector(orig)
 	testDeserializeSerialize(t, orig, safemsg, msg)
 }
 func (msg *XfrmLifetimeCfg) write(b []byte) {
 	native := NativeEndian()
 	native.PutUint64(b[0:8], msg.SoftByteLimit)
 	native.PutUint64(b[8:16], msg.HardByteLimit)
 	native.PutUint64(b[16:24], msg.SoftPacketLimit)
 	native.PutUint64(b[24:32], msg.HardPacketLimit)
 	native.PutUint64(b[32:40], msg.SoftAddExpiresSeconds)
 	native.PutUint64(b[40:48], msg.HardAddExpiresSeconds)
 	native.PutUint64(b[48:56], msg.SoftUseExpiresSeconds)
 	native.PutUint64(b[56:64], msg.HardUseExpiresSeconds)
 }
 func (msg *XfrmLifetimeCfg) serializeSafe() []byte {
 	length := SizeofXfrmLifetimeCfg
 	b := make([]byte, length)
 	msg.write(b)
 	return b
 }
 func deserializeXfrmLifetimeCfgSafe(b []byte) *XfrmLifetimeCfg {
 	var msg = XfrmLifetimeCfg{}
 	binary.Read(bytes.NewReader(b[0:SizeofXfrmLifetimeCfg]), NativeEndian(), &msg)
 	return &msg
 }
 func TestXfrmLifetimeCfgDeserializeSerialize(t *testing.T) {
 	var orig = make([]byte, SizeofXfrmLifetimeCfg)
 	rand.Read(orig)
 	safemsg := deserializeXfrmLifetimeCfgSafe(orig)
 	msg := DeserializeXfrmLifetimeCfg(orig)
 	testDeserializeSerialize(t, orig, safemsg, msg)
 }
 func (msg *XfrmLifetimeCur) write(b []byte) {
 	native := NativeEndian()
 	native.PutUint64(b[0:8], msg.Bytes)
 	native.PutUint64(b[8:16], msg.Packets)
 	native.PutUint64(b[16:24], msg.AddTime)
 	native.PutUint64(b[24:32], msg.UseTime)
 }
 func (msg *XfrmLifetimeCur) serializeSafe() []byte {
 	length := SizeofXfrmLifetimeCur
 	b := make([]byte, length)
 	msg.write(b)
 	return b
 }
 func deserializeXfrmLifetimeCurSafe(b []byte) *XfrmLifetimeCur {
 	var msg = XfrmLifetimeCur{}
 	binary.Read(bytes.NewReader(b[0:SizeofXfrmLifetimeCur]), NativeEndian(), &msg)
 	return &msg
 }
 func TestXfrmLifetimeCurDeserializeSerialize(t *testing.T) {
 	var orig = make([]byte, SizeofXfrmLifetimeCur)
 	rand.Read(orig)
 	safemsg := deserializeXfrmLifetimeCurSafe(orig)
 	msg := DeserializeXfrmLifetimeCur(orig)
 	testDeserializeSerialize(t, orig, safemsg, msg)
 }
 func (msg *XfrmId) write(b []byte) {
 	native := NativeEndian()
 	msg.Daddr.write(b[0:SizeofXfrmAddress])
 	native.PutUint32(b[SizeofXfrmAddress:SizeofXfrmAddress+4], msg.Spi)
 	b[SizeofXfrmAddress+4] = msg.Proto
 	copy(b[SizeofXfrmAddress+5:SizeofXfrmAddress+8], msg.Pad[:])
 }
 func (msg *XfrmId) serializeSafe() []byte {
 	b := make([]byte, SizeofXfrmId)
 	msg.write(b)
 	return b
 }
 func deserializeXfrmIdSafe(b []byte) *XfrmId {
 	var msg = XfrmId{}
 	binary.Read(bytes.NewReader(b[0:SizeofXfrmId]), NativeEndian(), &msg)
 	return &msg
 }
 func TestXfrmIdDeserializeSerialize(t *testing.T) {
 	var orig = make([]byte, SizeofXfrmId)
 	rand.Read(orig)
 	safemsg := deserializeXfrmIdSafe(orig)
 	msg := DeserializeXfrmId(orig)
 	testDeserializeSerialize(t, orig, safemsg, msg)
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/xfrm_policy_linux.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/xfrm_policy_linux.go
@ -1,119 +0,0 @@
 package nl
 import (
 	"unsafe"
 )
 const (
 	SizeofXfrmUserpolicyId   = 0x40
 	SizeofXfrmUserpolicyInfo = 0xa8
 	SizeofXfrmUserTmpl       = 0x40
 )
 // struct xfrm_userpolicy_id {
 //   struct xfrm_selector    sel;
 //   __u32       index;
 //   __u8        dir;
 // };
 //
 type XfrmUserpolicyId struct {
 	Sel   XfrmSelector
 	Index uint32
 	Dir   uint8
 	Pad   [3]byte
 }
 func (msg *XfrmUserpolicyId) Len() int {
 	return SizeofXfrmUserpolicyId
 }
 func DeserializeXfrmUserpolicyId(b []byte) *XfrmUserpolicyId {
 	return (*XfrmUserpolicyId)(unsafe.Pointer(&b[0:SizeofXfrmUserpolicyId][0]))
 }
 func (msg *XfrmUserpolicyId) Serialize() []byte {
 	return (*(*[SizeofXfrmUserpolicyId]byte)(unsafe.Pointer(msg)))[:]
 }
 // struct xfrm_userpolicy_info {
 //   struct xfrm_selector    sel;
 //   struct xfrm_lifetime_cfg  lft;
 //   struct xfrm_lifetime_cur  curlft;
 //   __u32       priority;
 //   __u32       index;
 //   __u8        dir;
 //   __u8        action;
 // #define XFRM_POLICY_ALLOW 0
 // #define XFRM_POLICY_BLOCK 1
 //   __u8        flags;
 // #define XFRM_POLICY_LOCALOK 1 /* Allow user to override global policy */
 //   /* Automatically expand selector to include matching ICMP payloads. */
 // #define XFRM_POLICY_ICMP  2
 //   __u8        share;
 // };
 type XfrmUserpolicyInfo struct {
 	Sel      XfrmSelector
 	Lft      XfrmLifetimeCfg
 	Curlft   XfrmLifetimeCur
 	Priority uint32
 	Index    uint32
 	Dir      uint8
 	Action   uint8
 	Flags    uint8
 	Share    uint8
 	Pad      [4]byte
 }
 func (msg *XfrmUserpolicyInfo) Len() int {
 	return SizeofXfrmUserpolicyInfo
 }
 func DeserializeXfrmUserpolicyInfo(b []byte) *XfrmUserpolicyInfo {
 	return (*XfrmUserpolicyInfo)(unsafe.Pointer(&b[0:SizeofXfrmUserpolicyInfo][0]))
 }
 func (msg *XfrmUserpolicyInfo) Serialize() []byte {
 	return (*(*[SizeofXfrmUserpolicyInfo]byte)(unsafe.Pointer(msg)))[:]
 }
 // struct xfrm_user_tmpl {
 //   struct xfrm_id    id;
 //   __u16     family;
 //   xfrm_address_t    saddr;
 //   __u32     reqid;
 //   __u8      mode;
 //   __u8      share;
 //   __u8      optional;
 //   __u32     aalgos;
 //   __u32     ealgos;
 //   __u32     calgos;
 // }
 type XfrmUserTmpl struct {
 	XfrmId   XfrmId
 	Family   uint16
 	Pad1     [2]byte
 	Saddr    XfrmAddress
 	Reqid    uint32
 	Mode     uint8
 	Share    uint8
 	Optional uint8
 	Pad2     byte
 	Aalgos   uint32
 	Ealgos   uint32
 	Calgos   uint32
 }
 func (msg *XfrmUserTmpl) Len() int {
 	return SizeofXfrmUserTmpl
 }
 func DeserializeXfrmUserTmpl(b []byte) *XfrmUserTmpl {
 	return (*XfrmUserTmpl)(unsafe.Pointer(&b[0:SizeofXfrmUserTmpl][0]))
 }
 func (msg *XfrmUserTmpl) Serialize() []byte {
 	return (*(*[SizeofXfrmUserTmpl]byte)(unsafe.Pointer(msg)))[:]
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/xfrm_policy_linux_test.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/xfrm_policy_linux_test.go
@ -1,109 +0,0 @@
 package nl
 import (
 	"bytes"
 	"crypto/rand"
 	"encoding/binary"
 	"testing"
 )
 func (msg *XfrmUserpolicyId) write(b []byte) {
 	native := NativeEndian()
 	msg.Sel.write(b[0:SizeofXfrmSelector])
 	native.PutUint32(b[SizeofXfrmSelector:SizeofXfrmSelector+4], msg.Index)
 	b[SizeofXfrmSelector+4] = msg.Dir
 	copy(b[SizeofXfrmSelector+5:SizeofXfrmSelector+8], msg.Pad[:])
 }
 func (msg *XfrmUserpolicyId) serializeSafe() []byte {
 	b := make([]byte, SizeofXfrmUserpolicyId)
 	msg.write(b)
 	return b
 }
 func deserializeXfrmUserpolicyIdSafe(b []byte) *XfrmUserpolicyId {
 	var msg = XfrmUserpolicyId{}
 	binary.Read(bytes.NewReader(b[0:SizeofXfrmUserpolicyId]), NativeEndian(), &msg)
 	return &msg
 }
 func TestXfrmUserpolicyIdDeserializeSerialize(t *testing.T) {
 	var orig = make([]byte, SizeofXfrmUserpolicyId)
 	rand.Read(orig)
 	safemsg := deserializeXfrmUserpolicyIdSafe(orig)
 	msg := DeserializeXfrmUserpolicyId(orig)
 	testDeserializeSerialize(t, orig, safemsg, msg)
 }
 func (msg *XfrmUserpolicyInfo) write(b []byte) {
 	const CfgEnd = SizeofXfrmSelector + SizeofXfrmLifetimeCfg
 	const CurEnd = CfgEnd + SizeofXfrmLifetimeCur
 	native := NativeEndian()
 	msg.Sel.write(b[0:SizeofXfrmSelector])
 	msg.Lft.write(b[SizeofXfrmSelector:CfgEnd])
 	msg.Curlft.write(b[CfgEnd:CurEnd])
 	native.PutUint32(b[CurEnd:CurEnd+4], msg.Priority)
 	native.PutUint32(b[CurEnd+4:CurEnd+8], msg.Index)
 	b[CurEnd+8] = msg.Dir
 	b[CurEnd+9] = msg.Action
 	b[CurEnd+10] = msg.Flags
 	b[CurEnd+11] = msg.Share
 	copy(b[CurEnd+12:CurEnd+16], msg.Pad[:])
 }
 func (msg *XfrmUserpolicyInfo) serializeSafe() []byte {
 	b := make([]byte, SizeofXfrmUserpolicyInfo)
 	msg.write(b)
 	return b
 }
 func deserializeXfrmUserpolicyInfoSafe(b []byte) *XfrmUserpolicyInfo {
 	var msg = XfrmUserpolicyInfo{}
 	binary.Read(bytes.NewReader(b[0:SizeofXfrmUserpolicyInfo]), NativeEndian(), &msg)
 	return &msg
 }
 func TestXfrmUserpolicyInfoDeserializeSerialize(t *testing.T) {
 	var orig = make([]byte, SizeofXfrmUserpolicyInfo)
 	rand.Read(orig)
 	safemsg := deserializeXfrmUserpolicyInfoSafe(orig)
 	msg := DeserializeXfrmUserpolicyInfo(orig)
 	testDeserializeSerialize(t, orig, safemsg, msg)
 }
 func (msg *XfrmUserTmpl) write(b []byte) {
 	const AddrEnd = SizeofXfrmId + 4 + SizeofXfrmAddress
 	native := NativeEndian()
 	msg.XfrmId.write(b[0:SizeofXfrmId])
 	native.PutUint16(b[SizeofXfrmId:SizeofXfrmId+2], msg.Family)
 	copy(b[SizeofXfrmId+2:SizeofXfrmId+4], msg.Pad1[:])
 	msg.Saddr.write(b[SizeofXfrmId+4 : AddrEnd])
 	native.PutUint32(b[AddrEnd:AddrEnd+4], msg.Reqid)
 	b[AddrEnd+4] = msg.Mode
 	b[AddrEnd+5] = msg.Share
 	b[AddrEnd+6] = msg.Optional
 	b[AddrEnd+7] = msg.Pad2
 	native.PutUint32(b[AddrEnd+8:AddrEnd+12], msg.Aalgos)
 	native.PutUint32(b[AddrEnd+12:AddrEnd+16], msg.Ealgos)
 	native.PutUint32(b[AddrEnd+16:AddrEnd+20], msg.Calgos)
 }
 func (msg *XfrmUserTmpl) serializeSafe() []byte {
 	b := make([]byte, SizeofXfrmUserTmpl)
 	msg.write(b)
 	return b
 }
 func deserializeXfrmUserTmplSafe(b []byte) *XfrmUserTmpl {
 	var msg = XfrmUserTmpl{}
 	binary.Read(bytes.NewReader(b[0:SizeofXfrmUserTmpl]), NativeEndian(), &msg)
 	return &msg
 }
 func TestXfrmUserTmplDeserializeSerialize(t *testing.T) {
 	var orig = make([]byte, SizeofXfrmUserTmpl)
 	rand.Read(orig)
 	safemsg := deserializeXfrmUserTmplSafe(orig)
 	msg := DeserializeXfrmUserTmpl(orig)
 	testDeserializeSerialize(t, orig, safemsg, msg)
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/xfrm_state_linux.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/xfrm_state_linux.go
@ -1,221 +0,0 @@
 package nl
 import (
 	"unsafe"
 )
 const (
 	SizeofXfrmUsersaId   = 0x18
 	SizeofXfrmStats      = 0x0c
 	SizeofXfrmUsersaInfo = 0xe0
 	SizeofXfrmAlgo       = 0x44
 	SizeofXfrmAlgoAuth   = 0x48
 	SizeofXfrmEncapTmpl  = 0x18
 )
 // struct xfrm_usersa_id {
 //   xfrm_address_t      daddr;
 //   __be32        spi;
 //   __u16       family;
 //   __u8        proto;
 // };
 type XfrmUsersaId struct {
 	Daddr  XfrmAddress
 	Spi    uint32 // big endian
 	Family uint16
 	Proto  uint8
 	Pad    byte
 }
 func (msg *XfrmUsersaId) Len() int {
 	return SizeofXfrmUsersaId
 }
 func DeserializeXfrmUsersaId(b []byte) *XfrmUsersaId {
 	return (*XfrmUsersaId)(unsafe.Pointer(&b[0:SizeofXfrmUsersaId][0]))
 }
 func (msg *XfrmUsersaId) Serialize() []byte {
 	return (*(*[SizeofXfrmUsersaId]byte)(unsafe.Pointer(msg)))[:]
 }
 // struct xfrm_stats {
 //   __u32 replay_window;
 //   __u32 replay;
 //   __u32 integrity_failed;
 // };
 type XfrmStats struct {
 	ReplayWindow    uint32
 	Replay          uint32
 	IntegrityFailed uint32
 }
 func (msg *XfrmStats) Len() int {
 	return SizeofXfrmStats
 }
 func DeserializeXfrmStats(b []byte) *XfrmStats {
 	return (*XfrmStats)(unsafe.Pointer(&b[0:SizeofXfrmStats][0]))
 }
 func (msg *XfrmStats) Serialize() []byte {
 	return (*(*[SizeofXfrmStats]byte)(unsafe.Pointer(msg)))[:]
 }
 // struct xfrm_usersa_info {
 //   struct xfrm_selector    sel;
 //   struct xfrm_id      id;
 //   xfrm_address_t      saddr;
 //   struct xfrm_lifetime_cfg  lft;
 //   struct xfrm_lifetime_cur  curlft;
 //   struct xfrm_stats   stats;
 //   __u32       seq;
 //   __u32       reqid;
 //   __u16       family;
 //   __u8        mode;   /* XFRM_MODE_xxx */
 //   __u8        replay_window;
 //   __u8        flags;
 // #define XFRM_STATE_NOECN  1
 // #define XFRM_STATE_DECAP_DSCP 2
 // #define XFRM_STATE_NOPMTUDISC 4
 // #define XFRM_STATE_WILDRECV 8
 // #define XFRM_STATE_ICMP   16
 // #define XFRM_STATE_AF_UNSPEC  32
 // #define XFRM_STATE_ALIGN4 64
 // #define XFRM_STATE_ESN    128
 // };
 //
 // #define XFRM_SA_XFLAG_DONT_ENCAP_DSCP 1
 //
 type XfrmUsersaInfo struct {
 	Sel          XfrmSelector
 	Id           XfrmId
 	Saddr        XfrmAddress
 	Lft          XfrmLifetimeCfg
 	Curlft       XfrmLifetimeCur
 	Stats        XfrmStats
 	Seq          uint32
 	Reqid        uint32
 	Family       uint16
 	Mode         uint8
 	ReplayWindow uint8
 	Flags        uint8
 	Pad          [7]byte
 }
 func (msg *XfrmUsersaInfo) Len() int {
 	return SizeofXfrmUsersaInfo
 }
 func DeserializeXfrmUsersaInfo(b []byte) *XfrmUsersaInfo {
 	return (*XfrmUsersaInfo)(unsafe.Pointer(&b[0:SizeofXfrmUsersaInfo][0]))
 }
 func (msg *XfrmUsersaInfo) Serialize() []byte {
 	return (*(*[SizeofXfrmUsersaInfo]byte)(unsafe.Pointer(msg)))[:]
 }
 // struct xfrm_algo {
 //   char    alg_name[64];
 //   unsigned int  alg_key_len;    /* in bits */
 //   char    alg_key[0];
 // };
 type XfrmAlgo struct {
 	AlgName   [64]byte
 	AlgKeyLen uint32
 	AlgKey    []byte
 }
 func (msg *XfrmAlgo) Len() int {
 	return SizeofXfrmAlgo + int(msg.AlgKeyLen/8)
 }
 func DeserializeXfrmAlgo(b []byte) *XfrmAlgo {
 	ret := XfrmAlgo{}
 	copy(ret.AlgName[:], b[0:64])
 	ret.AlgKeyLen = *(*uint32)(unsafe.Pointer(&b[64]))
 	ret.AlgKey = b[68:ret.Len()]
 	return &ret
 }
 func (msg *XfrmAlgo) Serialize() []byte {
 	b := make([]byte, msg.Len())
 	copy(b[0:64], msg.AlgName[:])
 	copy(b[64:68], (*(*[4]byte)(unsafe.Pointer(&msg.AlgKeyLen)))[:])
 	copy(b[68:msg.Len()], msg.AlgKey[:])
 	return b
 }
 // struct xfrm_algo_auth {
 //   char    alg_name[64];
 //   unsigned int  alg_key_len;    /* in bits */
 //   unsigned int  alg_trunc_len;  /* in bits */
 //   char    alg_key[0];
 // };
 type XfrmAlgoAuth struct {
 	AlgName     [64]byte
 	AlgKeyLen   uint32
 	AlgTruncLen uint32
 	AlgKey      []byte
 }
 func (msg *XfrmAlgoAuth) Len() int {
 	return SizeofXfrmAlgoAuth + int(msg.AlgKeyLen/8)
 }
 func DeserializeXfrmAlgoAuth(b []byte) *XfrmAlgoAuth {
 	ret := XfrmAlgoAuth{}
 	copy(ret.AlgName[:], b[0:64])
 	ret.AlgKeyLen = *(*uint32)(unsafe.Pointer(&b[64]))
 	ret.AlgTruncLen = *(*uint32)(unsafe.Pointer(&b[68]))
 	ret.AlgKey = b[72:ret.Len()]
 	return &ret
 }
 func (msg *XfrmAlgoAuth) Serialize() []byte {
 	b := make([]byte, msg.Len())
 	copy(b[0:64], msg.AlgName[:])
 	copy(b[64:68], (*(*[4]byte)(unsafe.Pointer(&msg.AlgKeyLen)))[:])
 	copy(b[68:72], (*(*[4]byte)(unsafe.Pointer(&msg.AlgTruncLen)))[:])
 	copy(b[72:msg.Len()], msg.AlgKey[:])
 	return b
 }
 // struct xfrm_algo_aead {
 //   char    alg_name[64];
 //   unsigned int  alg_key_len;  /* in bits */
 //   unsigned int  alg_icv_len;  /* in bits */
 //   char    alg_key[0];
 // }
 // struct xfrm_encap_tmpl {
 //   __u16   encap_type;
 //   __be16    encap_sport;
 //   __be16    encap_dport;
 //   xfrm_address_t  encap_oa;
 // };
 type XfrmEncapTmpl struct {
 	EncapType  uint16
 	EncapSport uint16 // big endian
 	EncapDport uint16 // big endian
 	Pad        [2]byte
 	EncapOa    XfrmAddress
 }
 func (msg *XfrmEncapTmpl) Len() int {
 	return SizeofXfrmEncapTmpl
 }
 func DeserializeXfrmEncapTmpl(b []byte) *XfrmEncapTmpl {
 	return (*XfrmEncapTmpl)(unsafe.Pointer(&b[0:SizeofXfrmEncapTmpl][0]))
 }
 func (msg *XfrmEncapTmpl) Serialize() []byte {
 	return (*(*[SizeofXfrmEncapTmpl]byte)(unsafe.Pointer(msg)))[:]
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/xfrm_state_linux_test.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/nl/xfrm_state_linux_test.go
@ -1,207 +0,0 @@
 package nl
 import (
 	"bytes"
 	"crypto/rand"
 	"encoding/binary"
 	"testing"
 )
 func (msg *XfrmUsersaId) write(b []byte) {
 	native := NativeEndian()
 	msg.Daddr.write(b[0:SizeofXfrmAddress])
 	native.PutUint32(b[SizeofXfrmAddress:SizeofXfrmAddress+4], msg.Spi)
 	native.PutUint16(b[SizeofXfrmAddress+4:SizeofXfrmAddress+6], msg.Family)
 	b[SizeofXfrmAddress+6] = msg.Proto
 	b[SizeofXfrmAddress+7] = msg.Pad
 }
 func (msg *XfrmUsersaId) serializeSafe() []byte {
 	b := make([]byte, SizeofXfrmUsersaId)
 	msg.write(b)
 	return b
 }
 func deserializeXfrmUsersaIdSafe(b []byte) *XfrmUsersaId {
 	var msg = XfrmUsersaId{}
 	binary.Read(bytes.NewReader(b[0:SizeofXfrmUsersaId]), NativeEndian(), &msg)
 	return &msg
 }
 func TestXfrmUsersaIdDeserializeSerialize(t *testing.T) {
 	var orig = make([]byte, SizeofXfrmUsersaId)
 	rand.Read(orig)
 	safemsg := deserializeXfrmUsersaIdSafe(orig)
 	msg := DeserializeXfrmUsersaId(orig)
 	testDeserializeSerialize(t, orig, safemsg, msg)
 }
 func (msg *XfrmStats) write(b []byte) {
 	native := NativeEndian()
 	native.PutUint32(b[0:4], msg.ReplayWindow)
 	native.PutUint32(b[4:8], msg.Replay)
 	native.PutUint32(b[8:12], msg.IntegrityFailed)
 }
 func (msg *XfrmStats) serializeSafe() []byte {
 	b := make([]byte, SizeofXfrmStats)
 	msg.write(b)
 	return b
 }
 func deserializeXfrmStatsSafe(b []byte) *XfrmStats {
 	var msg = XfrmStats{}
 	binary.Read(bytes.NewReader(b[0:SizeofXfrmStats]), NativeEndian(), &msg)
 	return &msg
 }
 func TestXfrmStatsDeserializeSerialize(t *testing.T) {
 	var orig = make([]byte, SizeofXfrmStats)
 	rand.Read(orig)
 	safemsg := deserializeXfrmStatsSafe(orig)
 	msg := DeserializeXfrmStats(orig)
 	testDeserializeSerialize(t, orig, safemsg, msg)
 }
 func (msg *XfrmUsersaInfo) write(b []byte) {
 	const IdEnd = SizeofXfrmSelector + SizeofXfrmId
 	const AddressEnd = IdEnd + SizeofXfrmAddress
 	const CfgEnd = AddressEnd + SizeofXfrmLifetimeCfg
 	const CurEnd = CfgEnd + SizeofXfrmLifetimeCur
 	const StatsEnd = CurEnd + SizeofXfrmStats
 	native := NativeEndian()
 	msg.Sel.write(b[0:SizeofXfrmSelector])
 	msg.Id.write(b[SizeofXfrmSelector:IdEnd])
 	msg.Saddr.write(b[IdEnd:AddressEnd])
 	msg.Lft.write(b[AddressEnd:CfgEnd])
 	msg.Curlft.write(b[CfgEnd:CurEnd])
 	msg.Stats.write(b[CurEnd:StatsEnd])
 	native.PutUint32(b[StatsEnd:StatsEnd+4], msg.Seq)
 	native.PutUint32(b[StatsEnd+4:StatsEnd+8], msg.Reqid)
 	native.PutUint16(b[StatsEnd+8:StatsEnd+10], msg.Family)
 	b[StatsEnd+10] = msg.Mode
 	b[StatsEnd+11] = msg.ReplayWindow
 	b[StatsEnd+12] = msg.Flags
 	copy(b[StatsEnd+13:StatsEnd+20], msg.Pad[:])
 }
 func (msg *XfrmUsersaInfo) serializeSafe() []byte {
 	b := make([]byte, SizeofXfrmUsersaInfo)
 	msg.write(b)
 	return b
 }
 func deserializeXfrmUsersaInfoSafe(b []byte) *XfrmUsersaInfo {
 	var msg = XfrmUsersaInfo{}
 	binary.Read(bytes.NewReader(b[0:SizeofXfrmUsersaInfo]), NativeEndian(), &msg)
 	return &msg
 }
 func TestXfrmUsersaInfoDeserializeSerialize(t *testing.T) {
 	var orig = make([]byte, SizeofXfrmUsersaInfo)
 	rand.Read(orig)
 	safemsg := deserializeXfrmUsersaInfoSafe(orig)
 	msg := DeserializeXfrmUsersaInfo(orig)
 	testDeserializeSerialize(t, orig, safemsg, msg)
 }
 func (msg *XfrmAlgo) write(b []byte) {
 	native := NativeEndian()
 	copy(b[0:64], msg.AlgName[:])
 	native.PutUint32(b[64:68], msg.AlgKeyLen)
 	copy(b[68:msg.Len()], msg.AlgKey[:])
 }
 func (msg *XfrmAlgo) serializeSafe() []byte {
 	b := make([]byte, msg.Len())
 	msg.write(b)
 	return b
 }
 func deserializeXfrmAlgoSafe(b []byte) *XfrmAlgo {
 	var msg = XfrmAlgo{}
 	copy(msg.AlgName[:], b[0:64])
 	binary.Read(bytes.NewReader(b[64:68]), NativeEndian(), &msg.AlgKeyLen)
 	msg.AlgKey = b[68:msg.Len()]
 	return &msg
 }
 func TestXfrmAlgoDeserializeSerialize(t *testing.T) {
 	// use a 32 byte key len
 	var orig = make([]byte, SizeofXfrmAlgo+32)
 	rand.Read(orig)
 	// set the key len to 256 bits
 	orig[64] = 0
 	orig[65] = 1
 	orig[66] = 0
 	orig[67] = 0
 	safemsg := deserializeXfrmAlgoSafe(orig)
 	msg := DeserializeXfrmAlgo(orig)
 	testDeserializeSerialize(t, orig, safemsg, msg)
 }
 func (msg *XfrmAlgoAuth) write(b []byte) {
 	native := NativeEndian()
 	copy(b[0:64], msg.AlgName[:])
 	native.PutUint32(b[64:68], msg.AlgKeyLen)
 	native.PutUint32(b[68:72], msg.AlgTruncLen)
 	copy(b[72:msg.Len()], msg.AlgKey[:])
 }
 func (msg *XfrmAlgoAuth) serializeSafe() []byte {
 	b := make([]byte, msg.Len())
 	msg.write(b)
 	return b
 }
 func deserializeXfrmAlgoAuthSafe(b []byte) *XfrmAlgoAuth {
 	var msg = XfrmAlgoAuth{}
 	copy(msg.AlgName[:], b[0:64])
 	binary.Read(bytes.NewReader(b[64:68]), NativeEndian(), &msg.AlgKeyLen)
 	binary.Read(bytes.NewReader(b[68:72]), NativeEndian(), &msg.AlgTruncLen)
 	msg.AlgKey = b[72:msg.Len()]
 	return &msg
 }
 func TestXfrmAlgoAuthDeserializeSerialize(t *testing.T) {
 	// use a 32 byte key len
 	var orig = make([]byte, SizeofXfrmAlgoAuth+32)
 	rand.Read(orig)
 	// set the key len to 256 bits
 	orig[64] = 0
 	orig[65] = 1
 	orig[66] = 0
 	orig[67] = 0
 	safemsg := deserializeXfrmAlgoAuthSafe(orig)
 	msg := DeserializeXfrmAlgoAuth(orig)
 	testDeserializeSerialize(t, orig, safemsg, msg)
 }
 func (msg *XfrmEncapTmpl) write(b []byte) {
 	native := NativeEndian()
 	native.PutUint16(b[0:2], msg.EncapType)
 	native.PutUint16(b[2:4], msg.EncapSport)
 	native.PutUint16(b[4:6], msg.EncapDport)
 	copy(b[6:8], msg.Pad[:])
 	msg.EncapOa.write(b[8:SizeofXfrmAddress])
 }
 func (msg *XfrmEncapTmpl) serializeSafe() []byte {
 	b := make([]byte, SizeofXfrmEncapTmpl)
 	msg.write(b)
 	return b
 }
 func deserializeXfrmEncapTmplSafe(b []byte) *XfrmEncapTmpl {
 	var msg = XfrmEncapTmpl{}
 	binary.Read(bytes.NewReader(b[0:SizeofXfrmEncapTmpl]), NativeEndian(), &msg)
 	return &msg
 }
 func TestXfrmEncapTmplDeserializeSerialize(t *testing.T) {
 	var orig = make([]byte, SizeofXfrmEncapTmpl)
 	rand.Read(orig)
 	safemsg := deserializeXfrmEncapTmplSafe(orig)
 	msg := DeserializeXfrmEncapTmpl(orig)
 	testDeserializeSerialize(t, orig, safemsg, msg)
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/protinfo.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/protinfo.go
@ -1,53 +0,0 @@
 package netlink
 import (
 	"strings"
 )
 // Protinfo represents bridge flags from netlink.
 type Protinfo struct {
 	Hairpin   bool
 	Guard     bool
 	FastLeave bool
 	RootBlock bool
 	Learning  bool
 	Flood     bool
 }
 // String returns a list of enabled flags
 func (prot *Protinfo) String() string {
 	boolStrings := make([]string, 0)
 	if prot.Hairpin {
 		boolStrings = append(boolStrings, "Hairpin")
 	}
 	if prot.Guard {
 		boolStrings = append(boolStrings, "Guard")
 	}
 	if prot.FastLeave {
 		boolStrings = append(boolStrings, "FastLeave")
 	}
 	if prot.RootBlock {
 		boolStrings = append(boolStrings, "RootBlock")
 	}
 	if prot.Learning {
 		boolStrings = append(boolStrings, "Learning")
 	}
 	if prot.Flood {
 		boolStrings = append(boolStrings, "Flood")
 	}
 	return strings.Join(boolStrings, " ")
 }
 func boolToByte(x bool) []byte {
 	if x {
 		return []byte{1}
 	}
 	return []byte{0}
 }
 func byteToBool(x byte) bool {
 	if uint8(x) != 0 {
 		return true
 	}
 	return false
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/protinfo_linux.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/protinfo_linux.go
@ -1,60 +0,0 @@
 package netlink
 import (
 	"fmt"
 	"syscall"
 	"github.com/vishvananda/netlink/nl"
 )
 func LinkGetProtinfo(link Link) (Protinfo, error) {
 	base := link.Attrs()
 	ensureIndex(base)
 	var pi Protinfo
 	req := nl.NewNetlinkRequest(syscall.RTM_GETLINK, syscall.NLM_F_DUMP)
 	msg := nl.NewIfInfomsg(syscall.AF_BRIDGE)
 	req.AddData(msg)
 	msgs, err := req.Execute(syscall.NETLINK_ROUTE, 0)
 	if err != nil {
 		return pi, err
 	}
 	for _, m := range msgs {
 		ans := nl.DeserializeIfInfomsg(m)
 		if int(ans.Index) != base.Index {
 			continue
 		}
 		attrs, err := nl.ParseRouteAttr(m[ans.Len():])
 		if err != nil {
 			return pi, err
 		}
 		for _, attr := range attrs {
 			if attr.Attr.Type != syscall.IFLA_PROTINFO|syscall.NLA_F_NESTED {
 				continue
 			}
 			infos, err := nl.ParseRouteAttr(attr.Value)
 			if err != nil {
 				return pi, err
 			}
 			var pi Protinfo
 			for _, info := range infos {
 				switch info.Attr.Type {
 				case nl.IFLA_BRPORT_MODE:
 					pi.Hairpin = byteToBool(info.Value[0])
 				case nl.IFLA_BRPORT_GUARD:
 					pi.Guard = byteToBool(info.Value[0])
 				case nl.IFLA_BRPORT_FAST_LEAVE:
 					pi.FastLeave = byteToBool(info.Value[0])
 				case nl.IFLA_BRPORT_PROTECT:
 					pi.RootBlock = byteToBool(info.Value[0])
 				case nl.IFLA_BRPORT_LEARNING:
 					pi.Learning = byteToBool(info.Value[0])
 				case nl.IFLA_BRPORT_UNICAST_FLOOD:
 					pi.Flood = byteToBool(info.Value[0])
 				}
 			}
 			return pi, nil
 		}
 	}
 	return pi, fmt.Errorf("Device with index %d not found", base.Index)
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/protinfo_test.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/protinfo_test.go
@ -1,98 +0,0 @@
 package netlink
 import "testing"
 func TestProtinfo(t *testing.T) {
 	tearDown := setUpNetlinkTest(t)
 	defer tearDown()
 	master := &Bridge{LinkAttrs{Name: "foo"}}
 	if err := LinkAdd(master); err != nil {
 		t.Fatal(err)
 	}
 	iface1 := &Dummy{LinkAttrs{Name: "bar1", MasterIndex: master.Index}}
 	iface2 := &Dummy{LinkAttrs{Name: "bar2", MasterIndex: master.Index}}
 	iface3 := &Dummy{LinkAttrs{Name: "bar3"}}
 	if err := LinkAdd(iface1); err != nil {
 		t.Fatal(err)
 	}
 	if err := LinkAdd(iface2); err != nil {
 		t.Fatal(err)
 	}
 	if err := LinkAdd(iface3); err != nil {
 		t.Fatal(err)
 	}
 	oldpi1, err := LinkGetProtinfo(iface1)
 	if err != nil {
 		t.Fatal(err)
 	}
 	oldpi2, err := LinkGetProtinfo(iface2)
 	if err != nil {
 		t.Fatal(err)
 	}
 	if err := LinkSetHairpin(iface1, true); err != nil {
 		t.Fatal(err)
 	}
 	if err := LinkSetRootBlock(iface1, true); err != nil {
 		t.Fatal(err)
 	}
 	pi1, err := LinkGetProtinfo(iface1)
 	if err != nil {
 		t.Fatal(err)
 	}
 	if !pi1.Hairpin {
 		t.Fatalf("Hairpin mode is not enabled for %s, but should", iface1.Name)
 	}
 	if !pi1.RootBlock {
 		t.Fatalf("RootBlock is not enabled for %s, but should", iface1.Name)
 	}
 	if pi1.Guard != oldpi1.Guard {
 		t.Fatalf("Guard field was changed for %s but shouldn't", iface1.Name)
 	}
 	if pi1.FastLeave != oldpi1.FastLeave {
 		t.Fatalf("FastLeave field was changed for %s but shouldn't", iface1.Name)
 	}
 	if pi1.Learning != oldpi1.Learning {
 		t.Fatalf("Learning field was changed for %s but shouldn't", iface1.Name)
 	}
 	if pi1.Flood != oldpi1.Flood {
 		t.Fatalf("Flood field was changed for %s but shouldn't", iface1.Name)
 	}
 	if err := LinkSetGuard(iface2, true); err != nil {
 		t.Fatal(err)
 	}
 	if err := LinkSetLearning(iface2, false); err != nil {
 		t.Fatal(err)
 	}
 	pi2, err := LinkGetProtinfo(iface2)
 	if err != nil {
 		t.Fatal(err)
 	}
 	if pi2.Hairpin {
 		t.Fatalf("Hairpin mode is enabled for %s, but shouldn't", iface2.Name)
 	}
 	if !pi2.Guard {
 		t.Fatalf("Guard is not enabled for %s, but should", iface2.Name)
 	}
 	if pi2.Learning {
 		t.Fatalf("Learning is enabled for %s, but shouldn't", iface2.Name)
 	}
 	if pi2.RootBlock != oldpi2.RootBlock {
 		t.Fatalf("RootBlock field was changed for %s but shouldn't", iface2.Name)
 	}
 	if pi2.FastLeave != oldpi2.FastLeave {
 		t.Fatalf("FastLeave field was changed for %s but shouldn't", iface2.Name)
 	}
 	if pi2.Flood != oldpi2.Flood {
 		t.Fatalf("Flood field was changed for %s but shouldn't", iface2.Name)
 	}
 	if err := LinkSetHairpin(iface3, true); err == nil || err.Error() != "operation not supported" {
 		t.Fatalf("Set protinfo attrs for link without master is not supported, but err: %s", err)
 	}
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/route.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/route.go
@ -1,35 +0,0 @@
 package netlink
 import (
 	"fmt"
 	"net"
 	"syscall"
 )
 // Scope is an enum representing a route scope.
 type Scope uint8
 const (
 	SCOPE_UNIVERSE Scope = syscall.RT_SCOPE_UNIVERSE
 	SCOPE_SITE     Scope = syscall.RT_SCOPE_SITE
 	SCOPE_LINK     Scope = syscall.RT_SCOPE_LINK
 	SCOPE_HOST     Scope = syscall.RT_SCOPE_HOST
 	SCOPE_NOWHERE  Scope = syscall.RT_SCOPE_NOWHERE
 )
 // Route represents a netlink route. A route is associated with a link,
 // has a destination network, an optional source ip, and optional
 // gateway. Advanced route parameters and non-main routing tables are
 // currently not supported.
 type Route struct {
 	LinkIndex int
 	Scope     Scope
 	Dst       *net.IPNet
 	Src       net.IP
 	Gw        net.IP
 }
 func (r Route) String() string {
 	return fmt.Sprintf("{Ifindex: %d Dst: %s Src: %s Gw: %s}", r.LinkIndex, r.Dst,
 		r.Src, r.Gw)
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/route_linux.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/route_linux.go
@ -1,225 +0,0 @@
 package netlink
 import (
 	"fmt"
 	"net"
 	"syscall"
 	"github.com/vishvananda/netlink/nl"
 )
 // RtAttr is shared so it is in netlink_linux.go
 // RouteAdd will add a route to the system.
 // Equivalent to: `ip route add $route`
 func RouteAdd(route *Route) error {
 	req := nl.NewNetlinkRequest(syscall.RTM_NEWROUTE, syscall.NLM_F_CREATE|syscall.NLM_F_EXCL|syscall.NLM_F_ACK)
 	return routeHandle(route, req)
 }
 // RouteAdd will delete a route from the system.
 // Equivalent to: `ip route del $route`
 func RouteDel(route *Route) error {
 	req := nl.NewNetlinkRequest(syscall.RTM_DELROUTE, syscall.NLM_F_ACK)
 	return routeHandle(route, req)
 }
 func routeHandle(route *Route, req *nl.NetlinkRequest) error {
 	if (route.Dst == nil || route.Dst.IP == nil) && route.Src == nil && route.Gw == nil {
 		return fmt.Errorf("one of Dst.IP, Src, or Gw must not be nil")
 	}
 	msg := nl.NewRtMsg()
 	msg.Scope = uint8(route.Scope)
 	family := -1
 	var rtAttrs []*nl.RtAttr
 	if route.Dst != nil && route.Dst.IP != nil {
 		dstLen, _ := route.Dst.Mask.Size()
 		msg.Dst_len = uint8(dstLen)
 		dstFamily := nl.GetIPFamily(route.Dst.IP)
 		family = dstFamily
 		var dstData []byte
 		if dstFamily == FAMILY_V4 {
 			dstData = route.Dst.IP.To4()
 		} else {
 			dstData = route.Dst.IP.To16()
 		}
 		rtAttrs = append(rtAttrs, nl.NewRtAttr(syscall.RTA_DST, dstData))
 	}
 	if route.Src != nil {
 		srcFamily := nl.GetIPFamily(route.Src)
 		if family != -1 && family != srcFamily {
 			return fmt.Errorf("source and destination ip are not the same IP family")
 		}
 		family = srcFamily
 		var srcData []byte
 		if srcFamily == FAMILY_V4 {
 			srcData = route.Src.To4()
 		} else {
 			srcData = route.Src.To16()
 		}
 		// The commonly used src ip for routes is actually PREFSRC
 		rtAttrs = append(rtAttrs, nl.NewRtAttr(syscall.RTA_PREFSRC, srcData))
 	}
 	if route.Gw != nil {
 		gwFamily := nl.GetIPFamily(route.Gw)
 		if family != -1 && family != gwFamily {
 			return fmt.Errorf("gateway, source, and destination ip are not the same IP family")
 		}
 		family = gwFamily
 		var gwData []byte
 		if gwFamily == FAMILY_V4 {
 			gwData = route.Gw.To4()
 		} else {
 			gwData = route.Gw.To16()
 		}
 		rtAttrs = append(rtAttrs, nl.NewRtAttr(syscall.RTA_GATEWAY, gwData))
 	}
 	msg.Family = uint8(family)
 	req.AddData(msg)
 	for _, attr := range rtAttrs {
 		req.AddData(attr)
 	}
 	var (
 		b      = make([]byte, 4)
 		native = nl.NativeEndian()
 	)
 	native.PutUint32(b, uint32(route.LinkIndex))
 	req.AddData(nl.NewRtAttr(syscall.RTA_OIF, b))
 	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
 	return err
 }
 // RouteList gets a list of routes in the system.
 // Equivalent to: `ip route show`.
 // The list can be filtered by link and ip family.
 func RouteList(link Link, family int) ([]Route, error) {
 	req := nl.NewNetlinkRequest(syscall.RTM_GETROUTE, syscall.NLM_F_DUMP)
 	msg := nl.NewIfInfomsg(family)
 	req.AddData(msg)
 	msgs, err := req.Execute(syscall.NETLINK_ROUTE, syscall.RTM_NEWROUTE)
 	if err != nil {
 		return nil, err
 	}
 	index := 0
 	if link != nil {
 		base := link.Attrs()
 		ensureIndex(base)
 		index = base.Index
 	}
 	native := nl.NativeEndian()
 	res := make([]Route, 0)
 	for _, m := range msgs {
 		msg := nl.DeserializeRtMsg(m)
 		if msg.Flags&syscall.RTM_F_CLONED != 0 {
 			// Ignore cloned routes
 			continue
 		}
 		if msg.Table != syscall.RT_TABLE_MAIN {
 			// Ignore non-main tables
 			continue
 		}
 		attrs, err := nl.ParseRouteAttr(m[msg.Len():])
 		if err != nil {
 			return nil, err
 		}
 		route := Route{Scope: Scope(msg.Scope)}
 		for _, attr := range attrs {
 			switch attr.Attr.Type {
 			case syscall.RTA_GATEWAY:
 				route.Gw = net.IP(attr.Value)
 			case syscall.RTA_PREFSRC:
 				route.Src = net.IP(attr.Value)
 			case syscall.RTA_DST:
 				route.Dst = &net.IPNet{
 					IP:   attr.Value,
 					Mask: net.CIDRMask(int(msg.Dst_len), 8*len(attr.Value)),
 				}
 			case syscall.RTA_OIF:
 				routeIndex := int(native.Uint32(attr.Value[0:4]))
 				if link != nil && routeIndex != index {
 					// Ignore routes from other interfaces
 					continue
 				}
 				route.LinkIndex = routeIndex
 			}
 		}
 		res = append(res, route)
 	}
 	return res, nil
 }
 // RouteGet gets a route to a specific destination from the host system.
 // Equivalent to: 'ip route get'.
 func RouteGet(destination net.IP) ([]Route, error) {
 	req := nl.NewNetlinkRequest(syscall.RTM_GETROUTE, syscall.NLM_F_REQUEST)
 	family := nl.GetIPFamily(destination)
 	var destinationData []byte
 	var bitlen uint8
 	if family == FAMILY_V4 {
 		destinationData = destination.To4()
 		bitlen = 32
 	} else {
 		destinationData = destination.To16()
 		bitlen = 128
 	}
 	msg := &nl.RtMsg{}
 	msg.Family = uint8(family)
 	msg.Dst_len = bitlen
 	req.AddData(msg)
 	rtaDst := nl.NewRtAttr(syscall.RTA_DST, destinationData)
 	req.AddData(rtaDst)
 	msgs, err := req.Execute(syscall.NETLINK_ROUTE, syscall.RTM_NEWROUTE)
 	if err != nil {
 		return nil, err
 	}
 	native := nl.NativeEndian()
 	res := make([]Route, 0)
 	for _, m := range msgs {
 		msg := nl.DeserializeRtMsg(m)
 		attrs, err := nl.ParseRouteAttr(m[msg.Len():])
 		if err != nil {
 			return nil, err
 		}
 		route := Route{}
 		for _, attr := range attrs {
 			switch attr.Attr.Type {
 			case syscall.RTA_GATEWAY:
 				route.Gw = net.IP(attr.Value)
 			case syscall.RTA_PREFSRC:
 				route.Src = net.IP(attr.Value)
 			case syscall.RTA_DST:
 				route.Dst = &net.IPNet{
 					IP:   attr.Value,
 					Mask: net.CIDRMask(int(msg.Dst_len), 8*len(attr.Value)),
 				}
 			case syscall.RTA_OIF:
 				routeIndex := int(native.Uint32(attr.Value[0:4]))
 				route.LinkIndex = routeIndex
 			}
 		}
 		res = append(res, route)
 	}
 	return res, nil
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/route_test.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/route_test.go
@ -1,84 +0,0 @@
 package netlink
 import (
 	"net"
 	"testing"
 )
 func TestRouteAddDel(t *testing.T) {
 	tearDown := setUpNetlinkTest(t)
 	defer tearDown()
 	// get loopback interface
 	link, err := LinkByName("lo")
 	if err != nil {
 		t.Fatal(err)
 	}
 	// bring the interface up
 	if err = LinkSetUp(link); err != nil {
 		t.Fatal(err)
 	}
 	// add a gateway route
 	_, dst, err := net.ParseCIDR("192.168.0.0/24")
 	ip := net.ParseIP("127.1.1.1")
 	route := Route{LinkIndex: link.Attrs().Index, Dst: dst, Src: ip}
 	err = RouteAdd(&route)
 	if err != nil {
 		t.Fatal(err)
 	}
 	routes, err := RouteList(link, FAMILY_V4)
 	if err != nil {
 		t.Fatal(err)
 	}
 	if len(routes) != 1 {
 		t.Fatal("Link not added properly")
 	}
 	dstIP := net.ParseIP("192.168.0.42")
 	routeToDstIP, err := RouteGet(dstIP)
 	if err != nil {
 		t.Fatal(err)
 	}
 	if len(routeToDstIP) == 0 {
 		t.Fatal("Default route not present")
 	}
 	err = RouteDel(&route)
 	if err != nil {
 		t.Fatal(err)
 	}
 	routes, err = RouteList(link, FAMILY_V4)
 	if err != nil {
 		t.Fatal(err)
 	}
 	if len(routes) != 0 {
 		t.Fatal("Route not removed properly")
 	}
 }
 func TestRouteAddIncomplete(t *testing.T) {
 	tearDown := setUpNetlinkTest(t)
 	defer tearDown()
 	// get loopback interface
 	link, err := LinkByName("lo")
 	if err != nil {
 		t.Fatal(err)
 	}
 	// bring the interface up
 	if err = LinkSetUp(link); err != nil {
 		t.Fatal(err)
 	}
 	route := Route{LinkIndex: link.Attrs().Index}
 	if err := RouteAdd(&route); err == nil {
 		t.Fatal("Adding incomplete route should fail")
 	}
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/xfrm.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/xfrm.go
@ -1,64 +0,0 @@
 package netlink
 import (
 	"fmt"
 	"syscall"
 )
 // Proto is an enum representing an ipsec protocol.
 type Proto uint8
 const (
 	XFRM_PROTO_ROUTE2    Proto = syscall.IPPROTO_ROUTING
 	XFRM_PROTO_ESP       Proto = syscall.IPPROTO_ESP
 	XFRM_PROTO_AH        Proto = syscall.IPPROTO_AH
 	XFRM_PROTO_HAO       Proto = syscall.IPPROTO_DSTOPTS
 	XFRM_PROTO_COMP      Proto = syscall.IPPROTO_COMP
 	XFRM_PROTO_IPSEC_ANY Proto = syscall.IPPROTO_RAW
 )
 func (p Proto) String() string {
 	switch p {
 	case XFRM_PROTO_ROUTE2:
 		return "route2"
 	case XFRM_PROTO_ESP:
 		return "esp"
 	case XFRM_PROTO_AH:
 		return "ah"
 	case XFRM_PROTO_HAO:
 		return "hao"
 	case XFRM_PROTO_COMP:
 		return "comp"
 	case XFRM_PROTO_IPSEC_ANY:
 		return "ipsec-any"
 	}
 	return fmt.Sprintf("%d", p)
 }
 // Mode is an enum representing an ipsec transport.
 type Mode uint8
 const (
 	XFRM_MODE_TRANSPORT Mode = iota
 	XFRM_MODE_TUNNEL
 	XFRM_MODE_ROUTEOPTIMIZATION
 	XFRM_MODE_IN_TRIGGER
 	XFRM_MODE_BEET
 	XFRM_MODE_MAX
 )
 func (m Mode) String() string {
 	switch m {
 	case XFRM_MODE_TRANSPORT:
 		return "transport"
 	case XFRM_MODE_TUNNEL:
 		return "tunnel"
 	case XFRM_MODE_ROUTEOPTIMIZATION:
 		return "ro"
 	case XFRM_MODE_IN_TRIGGER:
 		return "in_trigger"
 	case XFRM_MODE_BEET:
 		return "beet"
 	}
 	return fmt.Sprintf("%d", m)
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/xfrm_policy.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/xfrm_policy.go
@ -1,59 +0,0 @@
 package netlink
 import (
 	"fmt"
 	"net"
 )
 // Dir is an enum representing an ipsec template direction.
 type Dir uint8
 const (
 	XFRM_DIR_IN Dir = iota
 	XFRM_DIR_OUT
 	XFRM_DIR_FWD
 	XFRM_SOCKET_IN
 	XFRM_SOCKET_OUT
 	XFRM_SOCKET_FWD
 )
 func (d Dir) String() string {
 	switch d {
 	case XFRM_DIR_IN:
 		return "dir in"
 	case XFRM_DIR_OUT:
 		return "dir out"
 	case XFRM_DIR_FWD:
 		return "dir fwd"
 	case XFRM_SOCKET_IN:
 		return "socket in"
 	case XFRM_SOCKET_OUT:
 		return "socket out"
 	case XFRM_SOCKET_FWD:
 		return "socket fwd"
 	}
 	return fmt.Sprintf("socket %d", d-XFRM_SOCKET_IN)
 }
 // XfrmPolicyTmpl encapsulates a rule for the base addresses of an ipsec
 // policy. These rules are matched with XfrmState to determine encryption
 // and authentication algorithms.
 type XfrmPolicyTmpl struct {
 	Dst   net.IP
 	Src   net.IP
 	Proto Proto
 	Mode  Mode
 	Reqid int
 }
 // XfrmPolicy represents an ipsec policy. It represents the overlay network
 // and has a list of XfrmPolicyTmpls representing the base addresses of
 // the policy.
 type XfrmPolicy struct {
 	Dst      *net.IPNet
 	Src      *net.IPNet
 	Dir      Dir
 	Priority int
 	Index    int
 	Tmpls    []XfrmPolicyTmpl
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/xfrm_policy_linux.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/xfrm_policy_linux.go
@ -1,127 +0,0 @@
 package netlink
 import (
 	"syscall"
 	"github.com/vishvananda/netlink/nl"
 )
 func selFromPolicy(sel *nl.XfrmSelector, policy *XfrmPolicy) {
 	sel.Family = uint16(nl.GetIPFamily(policy.Dst.IP))
 	sel.Daddr.FromIP(policy.Dst.IP)
 	sel.Saddr.FromIP(policy.Src.IP)
 	prefixlenD, _ := policy.Dst.Mask.Size()
 	sel.PrefixlenD = uint8(prefixlenD)
 	prefixlenS, _ := policy.Src.Mask.Size()
 	sel.PrefixlenS = uint8(prefixlenS)
 }
 // XfrmPolicyAdd will add an xfrm policy to the system.
 // Equivalent to: `ip xfrm policy add $policy`
 func XfrmPolicyAdd(policy *XfrmPolicy) error {
 	req := nl.NewNetlinkRequest(nl.XFRM_MSG_NEWPOLICY, syscall.NLM_F_CREATE|syscall.NLM_F_EXCL|syscall.NLM_F_ACK)
 	msg := &nl.XfrmUserpolicyInfo{}
 	selFromPolicy(&msg.Sel, policy)
 	msg.Priority = uint32(policy.Priority)
 	msg.Index = uint32(policy.Index)
 	msg.Dir = uint8(policy.Dir)
 	msg.Lft.SoftByteLimit = nl.XFRM_INF
 	msg.Lft.HardByteLimit = nl.XFRM_INF
 	msg.Lft.SoftPacketLimit = nl.XFRM_INF
 	msg.Lft.HardPacketLimit = nl.XFRM_INF
 	req.AddData(msg)
 	tmplData := make([]byte, nl.SizeofXfrmUserTmpl*len(policy.Tmpls))
 	for i, tmpl := range policy.Tmpls {
 		start := i * nl.SizeofXfrmUserTmpl
 		userTmpl := nl.DeserializeXfrmUserTmpl(tmplData[start : start+nl.SizeofXfrmUserTmpl])
 		userTmpl.XfrmId.Daddr.FromIP(tmpl.Dst)
 		userTmpl.Saddr.FromIP(tmpl.Src)
 		userTmpl.XfrmId.Proto = uint8(tmpl.Proto)
 		userTmpl.Mode = uint8(tmpl.Mode)
 		userTmpl.Reqid = uint32(tmpl.Reqid)
 		userTmpl.Aalgos = ^uint32(0)
 		userTmpl.Ealgos = ^uint32(0)
 		userTmpl.Calgos = ^uint32(0)
 	}
 	if len(tmplData) > 0 {
 		tmpls := nl.NewRtAttr(nl.XFRMA_TMPL, tmplData)
 		req.AddData(tmpls)
 	}
 	_, err := req.Execute(syscall.NETLINK_XFRM, 0)
 	return err
 }
 // XfrmPolicyDel will delete an xfrm policy from the system. Note that
 // the Tmpls are ignored when matching the policy to delete.
 // Equivalent to: `ip xfrm policy del $policy`
 func XfrmPolicyDel(policy *XfrmPolicy) error {
 	req := nl.NewNetlinkRequest(nl.XFRM_MSG_DELPOLICY, syscall.NLM_F_ACK)
 	msg := &nl.XfrmUserpolicyId{}
 	selFromPolicy(&msg.Sel, policy)
 	msg.Index = uint32(policy.Index)
 	msg.Dir = uint8(policy.Dir)
 	req.AddData(msg)
 	_, err := req.Execute(syscall.NETLINK_XFRM, 0)
 	return err
 }
 // XfrmPolicyList gets a list of xfrm policies in the system.
 // Equivalent to: `ip xfrm policy show`.
 // The list can be filtered by ip family.
 func XfrmPolicyList(family int) ([]XfrmPolicy, error) {
 	req := nl.NewNetlinkRequest(nl.XFRM_MSG_GETPOLICY, syscall.NLM_F_DUMP)
 	msg := nl.NewIfInfomsg(family)
 	req.AddData(msg)
 	msgs, err := req.Execute(syscall.NETLINK_XFRM, nl.XFRM_MSG_NEWPOLICY)
 	if err != nil {
 		return nil, err
 	}
 	res := make([]XfrmPolicy, 0)
 	for _, m := range msgs {
 		msg := nl.DeserializeXfrmUserpolicyInfo(m)
 		if family != FAMILY_ALL && family != int(msg.Sel.Family) {
 			continue
 		}
 		var policy XfrmPolicy
 		policy.Dst = msg.Sel.Daddr.ToIPNet(msg.Sel.PrefixlenD)
 		policy.Src = msg.Sel.Saddr.ToIPNet(msg.Sel.PrefixlenS)
 		policy.Priority = int(msg.Priority)
 		policy.Index = int(msg.Index)
 		policy.Dir = Dir(msg.Dir)
 		attrs, err := nl.ParseRouteAttr(m[msg.Len():])
 		if err != nil {
 			return nil, err
 		}
 		for _, attr := range attrs {
 			switch attr.Attr.Type {
 			case nl.XFRMA_TMPL:
 				max := len(attr.Value)
 				for i := 0; i < max; i += nl.SizeofXfrmUserTmpl {
 					var resTmpl XfrmPolicyTmpl
 					tmpl := nl.DeserializeXfrmUserTmpl(attr.Value[i : i+nl.SizeofXfrmUserTmpl])
 					resTmpl.Dst = tmpl.XfrmId.Daddr.ToIP()
 					resTmpl.Src = tmpl.Saddr.ToIP()
 					resTmpl.Proto = Proto(tmpl.XfrmId.Proto)
 					resTmpl.Mode = Mode(tmpl.Mode)
 					resTmpl.Reqid = int(tmpl.Reqid)
 					policy.Tmpls = append(policy.Tmpls, resTmpl)
 				}
 			}
 		}
 		res = append(res, policy)
 	}
 	return res, nil
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/xfrm_policy_test.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/xfrm_policy_test.go
@ -1,49 +0,0 @@
 package netlink
 import (
 	"net"
 	"testing"
 )
 func TestXfrmPolicyAddDel(t *testing.T) {
 	tearDown := setUpNetlinkTest(t)
 	defer tearDown()
 	src, _ := ParseIPNet("127.1.1.1/32")
 	dst, _ := ParseIPNet("127.1.1.2/32")
 	policy := XfrmPolicy{
 		Src: src,
 		Dst: dst,
 		Dir: XFRM_DIR_OUT,
 	}
 	tmpl := XfrmPolicyTmpl{
 		Src:   net.ParseIP("127.0.0.1"),
 		Dst:   net.ParseIP("127.0.0.2"),
 		Proto: XFRM_PROTO_ESP,
 		Mode:  XFRM_MODE_TUNNEL,
 	}
 	policy.Tmpls = append(policy.Tmpls, tmpl)
 	if err := XfrmPolicyAdd(&policy); err != nil {
 		t.Fatal(err)
 	}
 	policies, err := XfrmPolicyList(FAMILY_ALL)
 	if err != nil {
 		t.Fatal(err)
 	}
 	if len(policies) != 1 {
 		t.Fatal("Policy not added properly")
 	}
 	if err = XfrmPolicyDel(&policy); err != nil {
 		t.Fatal(err)
 	}
 	policies, err = XfrmPolicyList(FAMILY_ALL)
 	if err != nil {
 		t.Fatal(err)
 	}
 	if len(policies) != 0 {
 		t.Fatal("Policy not removed properly")
 	}
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/xfrm_state.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/xfrm_state.go
@ -1,53 +0,0 @@
 package netlink
 import (
 	"net"
 )
 // XfrmStateAlgo represents the algorithm to use for the ipsec encryption.
 type XfrmStateAlgo struct {
 	Name        string
 	Key         []byte
 	TruncateLen int // Auth only
 }
 // EncapType is an enum representing an ipsec template direction.
 type EncapType uint8
 const (
 	XFRM_ENCAP_ESPINUDP_NONIKE EncapType = iota + 1
 	XFRM_ENCAP_ESPINUDP
 )
 func (e EncapType) String() string {
 	switch e {
 	case XFRM_ENCAP_ESPINUDP_NONIKE:
 		return "espinudp-nonike"
 	case XFRM_ENCAP_ESPINUDP:
 		return "espinudp"
 	}
 	return "unknown"
 }
 // XfrmEncap represents the encapsulation to use for the ipsec encryption.
 type XfrmStateEncap struct {
 	Type            EncapType
 	SrcPort         int
 	DstPort         int
 	OriginalAddress net.IP
 }
 // XfrmState represents the state of an ipsec policy. It optionally
 // contains an XfrmStateAlgo for encryption and one for authentication.
 type XfrmState struct {
 	Dst          net.IP
 	Src          net.IP
 	Proto        Proto
 	Mode         Mode
 	Spi          int
 	Reqid        int
 	ReplayWindow int
 	Auth         *XfrmStateAlgo
 	Crypt        *XfrmStateAlgo
 	Encap        *XfrmStateEncap
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/xfrm_state_linux.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/xfrm_state_linux.go
@ -1,181 +0,0 @@
 package netlink
 import (
 	"fmt"
 	"syscall"
 	"github.com/vishvananda/netlink/nl"
 )
 func writeStateAlgo(a *XfrmStateAlgo) []byte {
 	algo := nl.XfrmAlgo{
 		AlgKeyLen: uint32(len(a.Key) * 8),
 		AlgKey:    a.Key,
 	}
 	end := len(a.Name)
 	if end > 64 {
 		end = 64
 	}
 	copy(algo.AlgName[:end], a.Name)
 	return algo.Serialize()
 }
 func writeStateAlgoAuth(a *XfrmStateAlgo) []byte {
 	algo := nl.XfrmAlgoAuth{
 		AlgKeyLen:   uint32(len(a.Key) * 8),
 		AlgTruncLen: uint32(a.TruncateLen),
 		AlgKey:      a.Key,
 	}
 	end := len(a.Name)
 	if end > 64 {
 		end = 64
 	}
 	copy(algo.AlgName[:end], a.Name)
 	return algo.Serialize()
 }
 // XfrmStateAdd will add an xfrm state to the system.
 // Equivalent to: `ip xfrm state add $state`
 func XfrmStateAdd(state *XfrmState) error {
 	// A state with spi 0 can't be deleted so don't allow it to be set
 	if state.Spi == 0 {
 		return fmt.Errorf("Spi must be set when adding xfrm state.")
 	}
 	req := nl.NewNetlinkRequest(nl.XFRM_MSG_NEWSA, syscall.NLM_F_CREATE|syscall.NLM_F_EXCL|syscall.NLM_F_ACK)
 	msg := &nl.XfrmUsersaInfo{}
 	msg.Family = uint16(nl.GetIPFamily(state.Dst))
 	msg.Id.Daddr.FromIP(state.Dst)
 	msg.Saddr.FromIP(state.Src)
 	msg.Id.Proto = uint8(state.Proto)
 	msg.Mode = uint8(state.Mode)
 	msg.Id.Spi = nl.Swap32(uint32(state.Spi))
 	msg.Reqid = uint32(state.Reqid)
 	msg.ReplayWindow = uint8(state.ReplayWindow)
 	msg.Lft.SoftByteLimit = nl.XFRM_INF
 	msg.Lft.HardByteLimit = nl.XFRM_INF
 	msg.Lft.SoftPacketLimit = nl.XFRM_INF
 	msg.Lft.HardPacketLimit = nl.XFRM_INF
 	req.AddData(msg)
 	if state.Auth != nil {
 		out := nl.NewRtAttr(nl.XFRMA_ALG_AUTH_TRUNC, writeStateAlgoAuth(state.Auth))
 		req.AddData(out)
 	}
 	if state.Crypt != nil {
 		out := nl.NewRtAttr(nl.XFRMA_ALG_CRYPT, writeStateAlgo(state.Crypt))
 		req.AddData(out)
 	}
 	if state.Encap != nil {
 		encapData := make([]byte, nl.SizeofXfrmEncapTmpl)
 		encap := nl.DeserializeXfrmEncapTmpl(encapData)
 		encap.EncapType = uint16(state.Encap.Type)
 		encap.EncapSport = nl.Swap16(uint16(state.Encap.SrcPort))
 		encap.EncapDport = nl.Swap16(uint16(state.Encap.DstPort))
 		encap.EncapOa.FromIP(state.Encap.OriginalAddress)
 		out := nl.NewRtAttr(nl.XFRMA_ENCAP, encapData)
 		req.AddData(out)
 	}
 	_, err := req.Execute(syscall.NETLINK_XFRM, 0)
 	return err
 }
 // XfrmStateDel will delete an xfrm state from the system. Note that
 // the Algos are ignored when matching the state to delete.
 // Equivalent to: `ip xfrm state del $state`
 func XfrmStateDel(state *XfrmState) error {
 	req := nl.NewNetlinkRequest(nl.XFRM_MSG_DELSA, syscall.NLM_F_ACK)
 	msg := &nl.XfrmUsersaId{}
 	msg.Daddr.FromIP(state.Dst)
 	msg.Family = uint16(nl.GetIPFamily(state.Dst))
 	msg.Proto = uint8(state.Proto)
 	msg.Spi = nl.Swap32(uint32(state.Spi))
 	req.AddData(msg)
 	saddr := nl.XfrmAddress{}
 	saddr.FromIP(state.Src)
 	srcdata := nl.NewRtAttr(nl.XFRMA_SRCADDR, saddr.Serialize())
 	req.AddData(srcdata)
 	_, err := req.Execute(syscall.NETLINK_XFRM, 0)
 	return err
 }
 // XfrmStateList gets a list of xfrm states in the system.
 // Equivalent to: `ip xfrm state show`.
 // The list can be filtered by ip family.
 func XfrmStateList(family int) ([]XfrmState, error) {
 	req := nl.NewNetlinkRequest(nl.XFRM_MSG_GETSA, syscall.NLM_F_DUMP)
 	msg := nl.NewIfInfomsg(family)
 	req.AddData(msg)
 	msgs, err := req.Execute(syscall.NETLINK_XFRM, nl.XFRM_MSG_NEWSA)
 	if err != nil {
 		return nil, err
 	}
 	res := make([]XfrmState, 0)
 	for _, m := range msgs {
 		msg := nl.DeserializeXfrmUsersaInfo(m)
 		if family != FAMILY_ALL && family != int(msg.Family) {
 			continue
 		}
 		var state XfrmState
 		state.Dst = msg.Id.Daddr.ToIP()
 		state.Src = msg.Saddr.ToIP()
 		state.Proto = Proto(msg.Id.Proto)
 		state.Mode = Mode(msg.Mode)
 		state.Spi = int(nl.Swap32(msg.Id.Spi))
 		state.Reqid = int(msg.Reqid)
 		state.ReplayWindow = int(msg.ReplayWindow)
 		attrs, err := nl.ParseRouteAttr(m[msg.Len():])
 		if err != nil {
 			return nil, err
 		}
 		for _, attr := range attrs {
 			switch attr.Attr.Type {
 			case nl.XFRMA_ALG_AUTH, nl.XFRMA_ALG_CRYPT:
 				var resAlgo *XfrmStateAlgo
 				if attr.Attr.Type == nl.XFRMA_ALG_AUTH {
 					if state.Auth == nil {
 						state.Auth = new(XfrmStateAlgo)
 					}
 					resAlgo = state.Auth
 				} else {
 					state.Crypt = new(XfrmStateAlgo)
 					resAlgo = state.Crypt
 				}
 				algo := nl.DeserializeXfrmAlgo(attr.Value[:])
 				(*resAlgo).Name = nl.BytesToString(algo.AlgName[:])
 				(*resAlgo).Key = algo.AlgKey
 			case nl.XFRMA_ALG_AUTH_TRUNC:
 				if state.Auth == nil {
 					state.Auth = new(XfrmStateAlgo)
 				}
 				algo := nl.DeserializeXfrmAlgoAuth(attr.Value[:])
 				state.Auth.Name = nl.BytesToString(algo.AlgName[:])
 				state.Auth.Key = algo.AlgKey
 				state.Auth.TruncateLen = int(algo.AlgTruncLen)
 			case nl.XFRMA_ENCAP:
 				encap := nl.DeserializeXfrmEncapTmpl(attr.Value[:])
 				state.Encap = new(XfrmStateEncap)
 				state.Encap.Type = EncapType(encap.EncapType)
 				state.Encap.SrcPort = int(nl.Swap16(encap.EncapSport))
 				state.Encap.DstPort = int(nl.Swap16(encap.EncapDport))
 				state.Encap.OriginalAddress = encap.EncapOa.ToIP()
 			}
 		}
 		res = append(res, state)
 	}
 	return res, nil
 }
--- a/Godeps/_workspace/src/github.com/vishvananda/netlink/xfrm_state_test.go
+++ b/Godeps/_workspace/src/github.com/vishvananda/netlink/xfrm_state_test.go
@ -1,50 +0,0 @@
 package netlink
 import (
 	"net"
 	"testing"
 )
 func TestXfrmStateAddDel(t *testing.T) {
 	tearDown := setUpNetlinkTest(t)
 	defer tearDown()
 	state := XfrmState{
 		Src:   net.ParseIP("127.0.0.1"),
 		Dst:   net.ParseIP("127.0.0.2"),
 		Proto: XFRM_PROTO_ESP,
 		Mode:  XFRM_MODE_TUNNEL,
 		Spi:   1,
 		Auth: &XfrmStateAlgo{
 			Name: "hmac(sha256)",
 			Key:  []byte("abcdefghijklmnopqrstuvwzyzABCDEF"),
 		},
 		Crypt: &XfrmStateAlgo{
 			Name: "cbc(aes)",
 			Key:  []byte("abcdefghijklmnopqrstuvwzyzABCDEF"),
 		},
 	}
 	if err := XfrmStateAdd(&state); err != nil {
 		t.Fatal(err)
 	}
 	policies, err := XfrmStateList(FAMILY_ALL)
 	if err != nil {
 		t.Fatal(err)
 	}
 	if len(policies) != 1 {
 		t.Fatal("State not added properly")
 	}
 	if err = XfrmStateDel(&state); err != nil {
 		t.Fatal(err)
 	}
 	policies, err = XfrmStateList(FAMILY_ALL)
 	if err != nil {
 		t.Fatal(err)
 	}
 	if len(policies) != 0 {
 		t.Fatal("State not removed properly")
 	}
 }
--- a/Godeps/_workspace/src/golang.org/x/sys/unix/asm.s
+++ b/Godeps/_workspace/src/golang.org/x/sys/unix/asm.s
@ -1,10 +0,0 @@
 // Copyright 2014 The Go Authors.  All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 // +build !gccgo
 #include "textflag.h"
 TEXT ·use(SB),NOSPLIT,$0
 	RET
--- a/Godeps/_workspace/src/golang.org/x/sys/unix/asm_darwin_386.s
+++ b/Godeps/_workspace/src/golang.org/x/sys/unix/asm_darwin_386.s
@ -1,29 +0,0 @@
 // Copyright 2009 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 // +build !gccgo
 #include "textflag.h"
 //
 // System call support for 386, Darwin
 //
 // Just jump to package syscall's implementation for all these functions.
 // The runtime may know about them.
 TEXT	·Syscall(SB),NOSPLIT,$0-28
 	JMP	syscall·Syscall(SB)
 TEXT	·Syscall6(SB),NOSPLIT,$0-40
 	JMP	syscall·Syscall6(SB)
 TEXT	·Syscall9(SB),NOSPLIT,$0-52
 	JMP	syscall·Syscall9(SB)
 TEXT ·RawSyscall(SB),NOSPLIT,$0-28
 	JMP	syscall·RawSyscall(SB)
 TEXT	·RawSyscall6(SB),NOSPLIT,$0-40
 	JMP	syscall·RawSyscall6(SB)
--- a/Godeps/_workspace/src/golang.org/x/sys/unix/asm_darwin_amd64.s
+++ b/Godeps/_workspace/src/golang.org/x/sys/unix/asm_darwin_amd64.s
@ -1,29 +0,0 @@
 // Copyright 2009 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 // +build !gccgo
 #include "textflag.h"
 //
 // System call support for AMD64, Darwin
 //
 // Just jump to package syscall's implementation for all these functions.
 // The runtime may know about them.
 TEXT	·Syscall(SB),NOSPLIT,$0-56
 	JMP	syscall·Syscall(SB)
 TEXT	·Syscall6(SB),NOSPLIT,$0-80
 	JMP	syscall·Syscall6(SB)
 TEXT	·Syscall9(SB),NOSPLIT,$0-104
 	JMP	syscall·Syscall9(SB)
 TEXT	·RawSyscall(SB),NOSPLIT,$0-56
 	JMP	syscall·RawSyscall(SB)
 TEXT	·RawSyscall6(SB),NOSPLIT,$0-80
 	JMP	syscall·RawSyscall6(SB)
--- a/Godeps/_workspace/src/golang.org/x/sys/unix/asm_dragonfly_386.s
+++ b/Godeps/_workspace/src/golang.org/x/sys/unix/asm_dragonfly_386.s
@ -1,29 +0,0 @@
 // Copyright 2009 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 // +build !gccgo
 #include "textflag.h"
 //
 // System call support for 386, FreeBSD
 //
 // Just jump to package syscall's implementation for all these functions.
 // The runtime may know about them.
 TEXT	·Syscall(SB),NOSPLIT,$0-32
 	JMP	syscall·Syscall(SB)
 TEXT	·Syscall6(SB),NOSPLIT,$0-44
 	JMP	syscall·Syscall6(SB)
 TEXT	·Syscall9(SB),NOSPLIT,$0-56
 	JMP	syscall·Syscall9(SB)
 TEXT ·RawSyscall(SB),NOSPLIT,$0-32
 	JMP	syscall·RawSyscall(SB)
 TEXT	·RawSyscall6(SB),NOSPLIT,$0-44
 	JMP	syscall·RawSyscall6(SB)
--- a/Godeps/_workspace/src/golang.org/x/sys/unix/asm_dragonfly_amd64.s
+++ b/Godeps/_workspace/src/golang.org/x/sys/unix/asm_dragonfly_amd64.s
@ -1,29 +0,0 @@
 // Copyright 2009 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 // +build !gccgo
 #include "textflag.h"
 //
 // System call support for AMD64, DragonFly
 //
 // Just jump to package syscall's implementation for all these functions.
 // The runtime may know about them.
 TEXT	·Syscall(SB),NOSPLIT,$0-64
 	JMP	syscall·Syscall(SB)
 TEXT	·Syscall6(SB),NOSPLIT,$0-88
 	JMP	syscall·Syscall6(SB)
 TEXT	·Syscall9(SB),NOSPLIT,$0-112
 	JMP	syscall·Syscall9(SB)
 TEXT ·RawSyscall(SB),NOSPLIT,$0-64
 	JMP	syscall·RawSyscall(SB)
 TEXT	·RawSyscall6(SB),NOSPLIT,$0-88
 	JMP	syscall·RawSyscall6(SB)
--- a/Godeps/_workspace/src/golang.org/x/sys/unix/asm_freebsd_386.s
+++ b/Godeps/_workspace/src/golang.org/x/sys/unix/asm_freebsd_386.s
@ -1,29 +0,0 @@
 // Copyright 2009 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 // +build !gccgo
 #include "textflag.h"
 //
 // System call support for 386, FreeBSD
 //
 // Just jump to package syscall's implementation for all these functions.
 // The runtime may know about them.
 TEXT	·Syscall(SB),NOSPLIT,$0-28
 	JMP	syscall·Syscall(SB)
 TEXT	·Syscall6(SB),NOSPLIT,$0-40
 	JMP	syscall·Syscall6(SB)
 TEXT	·Syscall9(SB),NOSPLIT,$0-52
 	JMP	syscall·Syscall9(SB)
 TEXT ·RawSyscall(SB),NOSPLIT,$0-28
 	JMP	syscall·RawSyscall(SB)
 TEXT	·RawSyscall6(SB),NOSPLIT,$0-40
 	JMP	syscall·RawSyscall6(SB)
--- a/Godeps/_workspace/src/golang.org/x/sys/unix/asm_freebsd_amd64.s
+++ b/Godeps/_workspace/src/golang.org/x/sys/unix/asm_freebsd_amd64.s
@ -1,29 +0,0 @@
 // Copyright 2009 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 // +build !gccgo
 #include "textflag.h"
 //
 // System call support for AMD64, FreeBSD
 //
 // Just jump to package syscall's implementation for all these functions.
 // The runtime may know about them.
 TEXT	·Syscall(SB),NOSPLIT,$0-56
 	JMP	syscall·Syscall(SB)
 TEXT	·Syscall6(SB),NOSPLIT,$0-80
 	JMP	syscall·Syscall6(SB)
 TEXT	·Syscall9(SB),NOSPLIT,$0-104
 	JMP	syscall·Syscall9(SB)
 TEXT ·RawSyscall(SB),NOSPLIT,$0-56
 	JMP	syscall·RawSyscall(SB)
 TEXT	·RawSyscall6(SB),NOSPLIT,$0-80
 	JMP	syscall·RawSyscall6(SB)
--- a/Godeps/_workspace/src/golang.org/x/sys/unix/asm_freebsd_arm.s
+++ b/Godeps/_workspace/src/golang.org/x/sys/unix/asm_freebsd_arm.s
@ -1,29 +0,0 @@
 // Copyright 2012 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 // +build !gccgo
 #include "textflag.h"
 //
 // System call support for ARM, FreeBSD
 //
 // Just jump to package syscall's implementation for all these functions.
 // The runtime may know about them.
 TEXT	·Syscall(SB),NOSPLIT,$0-28
 	B	syscall·Syscall(SB)
 TEXT	·Syscall6(SB),NOSPLIT,$0-40
 	B	syscall·Syscall6(SB)
 TEXT	·Syscall9(SB),NOSPLIT,$0-52
 	B	syscall·Syscall9(SB)
 TEXT	·RawSyscall(SB),NOSPLIT,$0-28
 	B	syscall·RawSyscall(SB)
 TEXT	·RawSyscall6(SB),NOSPLIT,$0-40
 	B	syscall·RawSyscall6(SB)
--- a/Godeps/_workspace/src/golang.org/x/sys/unix/asm_linux_386.s
+++ b/Godeps/_workspace/src/golang.org/x/sys/unix/asm_linux_386.s
@ -1,35 +0,0 @@
 // Copyright 2009 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 // +build !gccgo
 #include "textflag.h"
 //
 // System calls for 386, Linux
 //
 // Just jump to package syscall's implementation for all these functions.
 // The runtime may know about them.
 TEXT	·Syscall(SB),NOSPLIT,$0-28
 	JMP	syscall·Syscall(SB)
 TEXT	·Syscall6(SB),NOSPLIT,$0-40
 	JMP	syscall·Syscall6(SB)
 TEXT ·RawSyscall(SB),NOSPLIT,$0-28
 	JMP	syscall·RawSyscall(SB)
 TEXT	·RawSyscall6(SB),NOSPLIT,$0-40
 	JMP	syscall·RawSyscall6(SB)
 TEXT ·socketcall(SB),NOSPLIT,$0-36
 	JMP	syscall·socketcall(SB)
 TEXT ·rawsocketcall(SB),NOSPLIT,$0-36
 	JMP	syscall·rawsocketcall(SB)
 TEXT ·seek(SB),NOSPLIT,$0-28
 	JMP	syscall·seek(SB)
--- a/Show More
+++ b/Show More
		`@ -0,0 +1,3 @@`
							`# Community Code of Conduct`

							`CNI follows the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/main/code-of-conduct.md).`