mirrors/kube-router
1
0
Fork 0
mirror of https://github.com/cloudnativelabs/kube-router.git synced 2025-11-21 04:51:18 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix(NSC): add check for podCidr before use

Browse Source 
Fixes #1434
This commit is contained in:
Aaron U'Ren 2023-01-28 01:19:47 +00:00
parent 240cac29c9
commit 1d1ff0599a
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
pkg/controllers/proxy/network_services_controller.go
View File

@ -1294,8 +1294,11 @@ func (nsc *NetworkServicesController) deleteBadMasqueradeIptablesRules() error {
var argsBad = [][]string{ var argsBad = [][]string{
{"-m", "ipvs", "--ipvs", "--vdir", "ORIGINAL", "--vmethod", "MASQ", "-m", "comment", "--comment", "", {"-m", "ipvs", "--ipvs", "--vdir", "ORIGINAL", "--vmethod", "MASQ", "-m", "comment", "--comment", "",
"-j", "MASQUERADE"}, "-j", "MASQUERADE"},
{"-m", "ipvs", "--ipvs", "--vdir", "ORIGINAL", "--vmethod", "MASQ", "-m", "comment", "--comment", "", }
"!", "-s", nsc.podCidr, "!", "-d", nsc.podCidr, "-j", "MASQUERADE"},
if len(nsc.podCidr) > 0 {
argsBad = append(argsBad, []string{"-m", "ipvs", "--ipvs", "--vdir", "ORIGINAL", "--vmethod", "MASQ",
"-m", "comment", "--comment", "", "!", "-s", nsc.podCidr, "!", "-d", nsc.podCidr, "-j", "MASQUERADE"})
} }
// If random fully is supported remove the original rules as well // If random fully is supported remove the original rules as well