0ct0pu5/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #45659 from corhere/backport-24.0/libn/setup-resolver-with-verbose-iptables

Browse source 
[24.0 backport] libnetwork: fix resolver restore w/ chatty 'iptables -C'
This commit is contained in:
Bjorn Neergaard 2023-05-30 15:31:12 -06:00 committed by GitHub
commit 7861aa7e80
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
libnetwork/resolver_unix.go
View file

@ -38,8 +38,7 @@ func (r *Resolver) setupIPTable() error {
iptable := iptables.GetIptable(iptables.IPv4)
// insert outputChain and postroutingchain
err := iptable.RawCombinedOutputNative("-t", "nat", "-C", "OUTPUT", "-d", resolverIP, "-j", outputChain)
if err == nil {
if iptable.ExistsNative("nat", "OUTPUT", "-d", resolverIP, "-j", outputChain) {
if err := iptable.RawCombinedOutputNative("-t", "nat", "-F", outputChain); err != nil {
setupErr = err
return
@ -55,8 +54,7 @@ func (r *Resolver) setupIPTable() error {
}
}
err = iptable.RawCombinedOutputNative("-t", "nat", "-C", "POSTROUTING", "-d", resolverIP, "-j", postroutingChain)
if err == nil {
if iptable.ExistsNative("nat", "POSTROUTING", "-d", resolverIP, "-j", postroutingChain) {
if err := iptable.RawCombinedOutputNative("-t", "nat", "-F", postroutingChain); err != nil {
setupErr = err
return