From 320f810cfb78a672c31f9b991da1c6f13be7848a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Iago=20L=C3=B3pez=20Galeiras?= <iago@kinvolk.io>
Date: Tue, 3 May 2016 12:21:58 +0200
Subject: [PATCH 1/2] plugins/bridge: clean masquerading rules

In the Add command we set up masquerading rules that didn't have a
corresponding clean-up code in Del.

Add the clean-up code.
---
 plugins/main/bridge/bridge.go | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/plugins/main/bridge/bridge.go b/plugins/main/bridge/bridge.go
index e4bc106c..cc363a41 100644
--- a/plugins/main/bridge/bridge.go
+++ b/plugins/main/bridge/bridge.go
@@ -238,14 +238,25 @@ func cmdDel(args *skel.CmdArgs) error {
 		return err
 	}
 
-	err = ipam.ExecDel(n.IPAM.Type, args.StdinData)
+	var ipn *net.IPNet
+	err = ns.WithNetNSPath(args.Netns, false, func(hostNS *os.File) error {
+		var err error
+		ipn, err = ip.DelLinkByNameAddr(args.IfName, netlink.FAMILY_V4)
+		return err
+	})
 	if err != nil {
 		return err
 	}
 
-	return ns.WithNetNSPath(args.Netns, false, func(hostNS *os.File) error {
-		return ip.DelLinkByName(args.IfName)
-	})
+	if n.IPMasq {
+		chain := utils.FormatChainName(n.Name, args.ContainerID)
+		comment := utils.FormatComment(n.Name, args.ContainerID)
+		if err = ip.TeardownIPMasq(ipn, chain, comment); err != nil {
+			return err
+		}
+	}
+
+	return ipam.ExecDel(n.IPAM.Type, args.StdinData)
 }
 
 func main() {

From 8c51016e19952526c73425ddcc11b6b6cc47f774 Mon Sep 17 00:00:00 2001
From: Stefan Junker <mail@stefanjunker.de>
Date: Wed, 11 May 2016 18:50:25 +0200
Subject: [PATCH 2/2] plugins/{ptp,bridge}: teardown first

This will allow the IPAM allocations to be cleared in case the
interfaces and iptables rules are non-existent.
---
 plugins/main/bridge/bridge.go | 6 +++++-
 plugins/main/ptp/ptp.go       | 6 +++++-
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/plugins/main/bridge/bridge.go b/plugins/main/bridge/bridge.go
index cc363a41..e87eb726 100644
--- a/plugins/main/bridge/bridge.go
+++ b/plugins/main/bridge/bridge.go
@@ -238,6 +238,10 @@ func cmdDel(args *skel.CmdArgs) error {
 		return err
 	}
 
+	if err := ipam.ExecDel(n.IPAM.Type, args.StdinData); err != nil {
+		return err
+	}
+
 	var ipn *net.IPNet
 	err = ns.WithNetNSPath(args.Netns, false, func(hostNS *os.File) error {
 		var err error
@@ -256,7 +260,7 @@ func cmdDel(args *skel.CmdArgs) error {
 		}
 	}
 
-	return ipam.ExecDel(n.IPAM.Type, args.StdinData)
+	return nil
 }
 
 func main() {
diff --git a/plugins/main/ptp/ptp.go b/plugins/main/ptp/ptp.go
index 3035c643..05b3b2a3 100644
--- a/plugins/main/ptp/ptp.go
+++ b/plugins/main/ptp/ptp.go
@@ -195,6 +195,10 @@ func cmdDel(args *skel.CmdArgs) error {
 		return fmt.Errorf("failed to load netconf: %v", err)
 	}
 
+	if err := ipam.ExecDel(conf.IPAM.Type, args.StdinData); err != nil {
+		return err
+	}
+
 	var ipn *net.IPNet
 	err := ns.WithNetNSPath(args.Netns, false, func(hostNS *os.File) error {
 		var err error
@@ -213,7 +217,7 @@ func cmdDel(args *skel.CmdArgs) error {
 		}
 	}
 
-	return ipam.ExecDel(conf.IPAM.Type, args.StdinData)
+	return nil
 }
 
 func main() {