From defdd80cbdf32049b1dce3ec281852e02ca17c2e Mon Sep 17 00:00:00 2001
From: Nicolas Bigler
Date: Thu, 12 Apr 2018 18:10:16 +0200
Subject: [PATCH] Fix duplicate comment in iptables rule for non-local public-port rule

When kubernetes creates an iptable rule for "from-non-local public-port" rule the rule gets created with two identical comment section. The function `iptablesNonLocalNodePortArgs` creates a list of arguments for the rule from iptablesCommonPortalArgs function. This function already appends the arguments for the rules comments and therefore does not require appending the comment again.
---
 pkg/proxy/userspace/proxier.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pkg/proxy/userspace/proxier.go b/pkg/proxy/userspace/proxier.go
index d1c9c5bb83..1efced0864 100644
--- a/pkg/proxy/userspace/proxier.go
+++ b/pkg/proxy/userspace/proxier.go
@@ -1095,7 +1095,7 @@ func (proxier *Proxier) iptablesHostNodePortArgs(nodePort int, protocol api.Prot
 // Build a slice of iptables args for an from-non-local public-port rule.
 func (proxier *Proxier) iptablesNonLocalNodePortArgs(nodePort int, protocol api.Protocol, proxyIP net.IP, proxyPort int, service proxy.ServicePortName) []string {
  args := iptablesCommonPortalArgs(nil, false, false, proxyPort, protocol, service)
- args = append(args, "-m", "comment", "--comment", service.String(), "-m", "state", "--state", "NEW", "-j", "ACCEPT")
+ args = append(args, "-m", "state", "--state", "NEW", "-j", "ACCEPT")
  return args
 }
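Review bot: The corrected `args = append(args, "-m", "state", "--state", "NEW", "-j", "ACCEPT")` line lands without a regression test (the diffstat lists only proxier.go), so nothing stops a second `-m comment` from being re-added later. A small unit test that calls iptablesNonLocalNodePortArgs and asserts `--comment` occurs exactly once in the returned slice would pin the fix. Separately, the body shown here never reads `nodePort` or `proxyIP` and passes `nil` as the first argument to iptablesCommonPortalArgs, so this ACCEPT rule presumably matches on `proxyPort` alone. Because the rule opens a port, the doc comment should say what it matches, e.g. `// Build a slice of iptables args for a from-non-local public-port rule: accepts NEW connections to proxyPort; nodePort and proxyIP are currently unused.`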