Skip to content

Commit

Permalink
Fix in cleanup.
Browse files Browse the repository at this point in the history
Signed-off-by: Akhilesh Samineni <akhilesh.samineni@broadcom.com>
  • Loading branch information
AkhileshSamineni committed Nov 21, 2019
1 parent f73df2d commit 7d2c620
Show file tree
Hide file tree
Showing 3 changed files with 17 additions and 7 deletions.
14 changes: 14 additions & 0 deletions cfgmgr/natmgr.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -264,6 +264,20 @@ void NatMgr::cleanupPoolIpTable(void)
}
}

/* This is ideally called on docker stop */
void NatMgr::cleanupMangleIpTables(void)
{
SWSS_LOG_INFO("Cleaning the Mangle IpTables");
for (auto it = m_natZoneInterfaceInfo.begin(); it != m_natZoneInterfaceInfo.end(); it++)
{
/* Delete the mangle iptables rules for non-loopback interface */
if (strncmp((*it).first.c_str(), LOOPBACK_PREFIX, strlen(LOOPBACK_PREFIX)))
{
setMangleIptablesRules(DELETE, (*it).first, (*it).second);
}
}
}

/* To Add/Delete NAPT pool ip table to APPL_DB */
void NatMgr::setNaptPoolIpTable(const string &opCmd, const string &ip_range, const string &port_range)
{
Expand Down
3 changes: 2 additions & 1 deletion cfgmgr/natmgr.h
Original file line number Diff line number Diff line change
Expand Up @@ -231,7 +231,8 @@ class NatMgr : public Orch
using Orch::doTask;

/* Function to be called from signal handler on nat docker stop */
void cleanupPoolIpTable(void);
void cleanupPoolIpTable();
void cleanupMangleIpTables();
bool isPortInitDone(DBConnector *app_db);

private:
Expand Down
7 changes: 1 addition & 6 deletions cfgmgr/natmgrd.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,6 @@ void sigterm_handler(int signo)
int ret = 0;
std::string res;
const std::string iptablesFlushNat = "iptables -t nat -F";
const std::string iptablesFlushMangle = "iptables -t mangle -F";
const std::string conntrackFlush = "conntrack -F";

SWSS_LOG_NOTICE("Got SIGTERM");
Expand All @@ -73,11 +72,6 @@ void sigterm_handler(int signo)
{
SWSS_LOG_ERROR("Command '%s' failed with rc %d", iptablesFlushNat.c_str(), ret);
}
ret = swss::exec(iptablesFlushMangle, res);
if (ret)
{
SWSS_LOG_ERROR("Command '%s' failed with rc %d", iptablesFlushMangle.c_str(), ret);
}
ret = swss::exec(conntrackFlush, res);
if (ret)
{
Expand All @@ -96,6 +90,7 @@ void sigterm_handler(int signo)

if (natmgr)
{
natmgr->cleanupMangleIpTables();
natmgr->cleanupPoolIpTable();
}
}
Expand Down

0 comments on commit 7d2c620

Please sign in to comment.