github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix duplicate comment in iptables rule for non-local public-port rule

Browse Source 
When kubernetes creates an iptable rule for "from-non-local public-port"
rule the rule gets created with two identical comment section.

The function `iptablesNonLocalNodePortArgs` creates a list of arguments
for the rule from iptablesCommonPortalArgs function. This function
already appends the arguments for the rules comments and therefore does
not require appending the comment again.
This commit is contained in:
Nicolas Bigler
2018-04-12 18:10:16 +02:00
parent dacb9ad692
commit defdd80cbd
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/proxy/userspace/proxier.go
View File

@@ -1095,7 +1095,7 @@ func (proxier *Proxier) iptablesHostNodePortArgs(nodePort int, protocol api.Prot
// Build a slice of iptables args for an from-non-local public-port rule.
func (proxier *Proxier) iptablesNonLocalNodePortArgs(nodePort int, protocol api.Protocol, proxyIP net.IP, proxyPort int, service proxy.ServicePortName) []string {
args := iptablesCommonPortalArgs(nil, false, false, proxyPort, protocol, service)
args = append(args, "-m", "comment", "--comment", service.String(), "-m", "state", "--state", "NEW", "-j", "ACCEPT")
args = append(args, "-m", "state", "--state", "NEW", "-j", "ACCEPT")
return args
}