Skip to content

Commit

Permalink
fix(nsc): properly check hairpinning rule
Browse files Browse the repository at this point in the history 
Previously, we would iterate over rulesFromNode, but then check it
against the entirety of the rulesNeeded hash. This resulted in the loop
breaking as soon as it found any matching rule from the host rather than
it breaking if it matched the rule that we were currently processing.
  • Loading branch information
@aauren
aauren committed Dec 3, 2021
1 parent 146786a commit 2ca39f1
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions pkg/controllers/proxy/network_services_controller.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1423,11 +1423,11 @@ func (nsc *NetworkServicesController) syncHairpinIptablesRules() error {
}

// Apply the rules we need
for _, ruleArgs := range rulesNeeded {
for rule, ruleArgs := range rulesNeeded {
ruleExists := false
for _, ruleFromNode := range rulesFromNode {
_, ruleExists = rulesNeeded[ruleFromNode]
if ruleExists {
if rule == ruleFromNode {
ruleExists = true
break
}
}
Expand Down

0 comments on commit 2ca39f1

Please sign in to comment.