From 8d424ea09b3983797cd85ba96dcbef9518c61de9 Mon Sep 17 00:00:00 2001
From: "jakub.coufal" <jakub.coufal@wandera.com>
Date: Tue, 28 Jul 2020 13:59:17 +0200
Subject: [PATCH] Fix pod egress rule cleanup

---
 pkg/controllers/routing/pod_egress.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/pkg/controllers/routing/pod_egress.go b/pkg/controllers/routing/pod_egress.go
index ac80a68c5b..f9d53aef37 100644
--- a/pkg/controllers/routing/pod_egress.go
+++ b/pkg/controllers/routing/pod_egress.go
@@ -61,6 +61,10 @@ func (nrc *NetworkRoutingController) deletePodEgressRule() error {
 	if nrc.isIpv6 {
 		podEgressArgs = podEgressArgs6
 	}
+	if iptablesCmdHandler.HasRandomFully() {
+		podEgressArgs = append(podEgressArgs, "--random-fully")
+	}
+
 	exists, err := iptablesCmdHandler.Exists("nat", "POSTROUTING", podEgressArgs...)
 	if err != nil {
 		return errors.New("Failed to lookup iptables rule to masquerade outbound traffic from pods: " + err.Error())