Fix in cleanup.

AkhileshSamineni · AkhileshSamineni · commit 7d2c620b9a15 · 2019-11-21T08:04:13.000-08:00
Signed-off-by: Akhilesh Samineni &lt;akhilesh.samineni@broadcom.com&gt;
diff --git a/cfgmgr/natmgr.cpp b/cfgmgr/natmgr.cpp
@@ -264,6 +264,20 @@ void NatMgr::cleanupPoolIpTable(void)
     }
 }
 
+/* This is ideally called on docker stop  */
+void NatMgr::cleanupMangleIpTables(void)
+{
+    SWSS_LOG_INFO("Cleaning the Mangle IpTables");
+    for (auto it = m_natZoneInterfaceInfo.begin(); it != m_natZoneInterfaceInfo.end(); it++)
+    {
+        /* Delete the mangle iptables rules for non-loopback interface */
+        if (strncmp((*it).first.c_str(), LOOPBACK_PREFIX, strlen(LOOPBACK_PREFIX)))
+        {
+            setMangleIptablesRules(DELETE, (*it).first, (*it).second);
+        }
+    }
+}
+
 /* To Add/Delete NAPT pool ip table to APPL_DB */
 void NatMgr::setNaptPoolIpTable(const string &opCmd, const string &ip_range, const string &port_range)
 {
diff --git a/cfgmgr/natmgr.h b/cfgmgr/natmgr.h
@@ -231,7 +231,8 @@ class NatMgr : public Orch
     using Orch::doTask; 
 
     /* Function to be called from signal handler on nat docker stop */
-    void cleanupPoolIpTable(void);
+    void cleanupPoolIpTable();
+    void cleanupMangleIpTables();
     bool isPortInitDone(DBConnector *app_db);
    
 private:
diff --git a/cfgmgr/natmgrd.cpp b/cfgmgr/natmgrd.cpp
@@ -62,7 +62,6 @@ void sigterm_handler(int signo)
     int ret = 0;
     std::string res;
     const std::string iptablesFlushNat          = "iptables -t nat -F";
-    const std::string iptablesFlushMangle       = "iptables -t mangle -F";
     const std::string conntrackFlush            = "conntrack -F";
 
     SWSS_LOG_NOTICE("Got SIGTERM");
@@ -73,11 +72,6 @@ void sigterm_handler(int signo)
     {
         SWSS_LOG_ERROR("Command '%s' failed with rc %d", iptablesFlushNat.c_str(), ret);
     }
-    ret = swss::exec(iptablesFlushMangle, res);
-    if (ret)
-    {
-        SWSS_LOG_ERROR("Command '%s' failed with rc %d", iptablesFlushMangle.c_str(), ret);
-    }
     ret = swss::exec(conntrackFlush, res);
     if (ret)
     {
@@ -96,6 +90,7 @@ void sigterm_handler(int signo)
     
     if (natmgr)
     {
+        natmgr->cleanupMangleIpTables();
         natmgr->cleanupPoolIpTable();
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -62,7 +62,6 @@ void sigterm_handler(int signo)`
`62`	`62`	`int ret = 0;`
`63`	`63`	`std::string res;`
`64`	`64`	`const std::string iptablesFlushNat = "iptables -t nat -F";`
`65`		`- const std::string iptablesFlushMangle = "iptables -t mangle -F";`
`66`	`65`	`const std::string conntrackFlush = "conntrack -F";`
`67`	`66`
`68`	`67`	`SWSS_LOG_NOTICE("Got SIGTERM");`
`@@ -73,11 +72,6 @@ void sigterm_handler(int signo)`
`73`	`72`	`{`
`74`	`73`	`SWSS_LOG_ERROR("Command '%s' failed with rc %d", iptablesFlushNat.c_str(), ret);`
`75`	`74`	`}`
`76`		`- ret = swss::exec(iptablesFlushMangle, res);`
`77`		`- if (ret)`
`78`		`- {`
`79`		`- SWSS_LOG_ERROR("Command '%s' failed with rc %d", iptablesFlushMangle.c_str(), ret);`
`80`		`- }`
`81`	`75`	`ret = swss::exec(conntrackFlush, res);`
`82`	`76`	`if (ret)`
`83`	`77`	`{`
`@@ -96,6 +90,7 @@ void sigterm_handler(int signo)`
`96`	`90`
`97`	`91`	`if (natmgr)`
`98`	`92`	`{`
	`93`	`+ natmgr->cleanupMangleIpTables();`
`99`	`94`	`natmgr->cleanupPoolIpTable();`
`100`	`95`	`}`
`101`	`96`	`}`