ITQC/containernetworking-plugins
24
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 34 Wiki Activity

pkg/ip: Tearing down ipmasq should be idempotent

Browse Source
This commit is contained in:
Casey Callendrello 2018-02-21 15:38:16 +01:00
parent fa2bf4c210
commit c850d4514d
1 changed files with 21 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
pkg/ip/ipmasq_linux.go
View File

@ -89,13 +89,31 @@ func TeardownIPMasq(ipn *net.IPNet, chain string, comment string) error {
return fmt.Errorf("failed to locate iptables: %v", err) return fmt.Errorf("failed to locate iptables: %v", err)
} }
if err = ipt.Delete("nat", "POSTROUTING", "-s", ipn.String(), "-j", chain, "-m", "comment", "--comment", comment); err != nil { err = ipt.Delete("nat", "POSTROUTING", "-s", ipn.String(), "-j", chain, "-m", "comment", "--comment", comment)
if err != nil && !isNotExist(err) {
return err return err
} }
if err = ipt.ClearChain("nat", chain); err != nil { err = ipt.ClearChain("nat", chain)
if err != nil && !isNotExist(err) {
return err
}
err = ipt.DeleteChain("nat", chain)
if err != nil && !isNotExist(err) {
return err return err
} }
return ipt.DeleteChain("nat", chain) return nil
}
// isNotExist returnst true if the error is from iptables indicating
// that the target does not exist.
func isNotExist(err error) bool {
e, ok := err.(*iptables.Error)
if !ok {
return false
}
return e.IsNotExist()
} }