Skip to content

Commit dca23ad

Browse files
devbvdevbv
committed
portmap: fix bug that new udp connection deletes all existing conntrack entries
Calling AddPort before AddProtocol returns an error, which means ConntrackDeleteFilter has been called without port filter. Signed-off-by: Sang Heon Lee <[email protected]>
1 parent 76307bf commit dca23ad

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

pkg/utils/conntrack.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -62,8 +62,8 @@ func DeleteConntrackEntriesForDstIP(dstIP string, protocol uint8) error {
6262
// by the given destination port, protocol and IP family
6363
func DeleteConntrackEntriesForDstPort(port uint16, protocol uint8, family netlink.InetFamily) error {
6464
filter := &netlink.ConntrackFilter{}
65-
filter.AddPort(netlink.ConntrackOrigDstPort, port)
6665
filter.AddProtocol(protocol)
66+
filter.AddPort(netlink.ConntrackOrigDstPort, port)
6767

6868
_, err := netlink.ConntrackDeleteFilter(netlink.ConntrackTable, family, filter)
6969
if err != nil {

0 commit comments

Comments
 (0)