Fix pod egress rule cleanup

cloudnativelabs · Jul 28, 2020 · 8d424ea · 8d424ea
1 parent d66a3bb
commit 8d424ea
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/pkg/controllers/routing/pod_egress.go b/pkg/controllers/routing/pod_egress.go
@@ -61,6 +61,10 @@ func (nrc *NetworkRoutingController) deletePodEgressRule() error {
 	if nrc.isIpv6 {
 		podEgressArgs = podEgressArgs6
 	}
+	if iptablesCmdHandler.HasRandomFully() {
+		podEgressArgs = append(podEgressArgs, "--random-fully")
+	}
+
 	exists, err := iptablesCmdHandler.Exists("nat", "POSTROUTING", podEgressArgs...)
 	if err != nil {
 		return errors.New("Failed to lookup iptables rule to masquerade outbound traffic from pods: " + err.Error())