
libnet/d/overlay: clean up iptables rules on network delete

This commit removes iptables rules configured for secure overlay
networks when a network is deleted. Prior to this commit, only
CreateNetwork() was taking care of removing stale iptables rules.

If one of the iptables rules can't be removed, the error is logged but
it doesn't prevent network deletion.

Signed-off-by: Albin Kerouanton <albinker@gmail.com>
Albin Kerouanton 2 年之前
父節點
當前提交
1e1efe1f61
共有 1 個文件被更改,包括 19 次插入0 次删除
  1. 19 0
      libnetwork/drivers/overlay/ov_network.go

+ 19 - 0
libnetwork/drivers/overlay/ov_network.go

@@ -216,6 +216,25 @@ func (d *driver) DeleteNetwork(nid string) error {
 	doPeerFlush = true
 	delete(d.networks, nid)
 
+	if n.secure {
+		for _, s := range n.subnets {
+			if err := programMangle(s.vni, false); err != nil {
+				logrus.WithFields(logrus.Fields{
+					logrus.ErrorKey: err,
+					"network_id":    n.id,
+					"subnet":        s.subnetIP,
+				}).Warn("Failed to clean up iptables rules during overlay network deletion")
+			}
+			if err := programInput(s.vni, false); err != nil {
+				logrus.WithFields(logrus.Fields{
+					logrus.ErrorKey: err,
+					"network_id":    n.id,
+					"subnet":        s.subnetIP,
+				}).Warn("Failed to clean up iptables rules during overlay network deletion")
+			}
+		}
+	}
+
 	return nil
 }
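Review bot: The two warnings at L35 and L42 carry the same message and the same fields, so an operator reading the log cannot tell whether the programMangle or the programInput cleanup failed, and stale rules left behind on a host are hard to attribute. Tagging each log site with the rule set it was removing keeps the entries distinguishable, e.g. adding `"rule": "mangle",` to the first Fields map and `"rule": "input",` to the second (or giving the two messages different wording). Since the same error-handling block is repeated twice, a small loop over the two helpers would also keep the logging in one place. DeleteNetwork begins outside this hunk, so whether a driver lock is still held while these iptables calls run is not visible here; if it is, that is worth noting in a comment at L28.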