github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fix duplicate comment in iptables rule for non-local public-port rule 

When kubernetes creates an iptable rule for "from-non-local public-port"
rule the rule gets created with two identical comment section.

The function `iptablesNonLocalNodePortArgs` creates a list of arguments
for the rule from iptablesCommonPortalArgs function. This function
already appends the arguments for the rules comments and therefore does
not require appending the comment again.
pull/8/head
Nicolas Bigler 2018-04-12 18:10:16 +02:00
parent dacb9ad692
commit defdd80cbd
No known key found for this signature in database
GPG Key ID: 091039954DFB94DF
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/proxy/userspace/proxier.go
View File

@ -1095,7 +1095,7 @@ func (proxier *Proxier) iptablesHostNodePortArgs(nodePort int, protocol api.Prot
// Build a slice of iptables args for an from-non-local public-port rule.
func (proxier *Proxier) iptablesNonLocalNodePortArgs(nodePort int, protocol api.Protocol, proxyIP net.IP, proxyPort int, service proxy.ServicePortName) []string {
args := iptablesCommonPortalArgs(nil, false, false, proxyPort, protocol, service)
args = append(args, "-m", "comment", "--comment", service.String(), "-m", "state", "--state", "NEW", "-j", "ACCEPT")
args = append(args, "-m", "state", "--state", "NEW", "-j", "ACCEPT")
return args
}