Fix metering-agent iptables restore failure

When we removed the trailing space from iptables rules, we broke the code that adds/restores them since it was assuming it could split() based on that space to get the rule. Just detect if the two values are equal, denoting there was no rule instead. This is fine since a self-referencing rule is invalid anyways. Change-Id: I9157ced10de3099790dea7f94aa4e614ebf7f25c Closes-bug: #1623958
2016-09-15 10:40:04 -04:00 · 2016-09-15 10:40:04 -04:00 · 35e386f616
parent 8502ff68cd
commit 35e386f616
1 changed files with 5 additions and 0 deletions
--- a/neutron/agent/linux/iptables_manager.py
+++ b/neutron/agent/linux/iptables_manager.py
@ -765,6 +765,11 @@ def _generate_chain_diff_iptables_commands(chain, old_chain_rules,
        elif line.startswith('+'):  # line added
            # strip the chain name since we have to add it before the index
            rule = line[5:].split(' ', 1)[-1]
+            # IptablesRule does not add trailing spaces for rules, so we
+            # have to detect that here by making sure this chain isn't
+            # referencing itself
+            if rule == chain:
+                rule = ''
            # rule inserted at this position
            statements.append('-I %s %d %s' % (chain, old_index, rule))
        old_index += 1