fix(NSC): add check for podCidr before use

Fixes #1434
cloudnativelabs · Jan 28, 2023 · 29bc619 · 29bc619
1 parent 240cac2
commit 29bc619
Showing 1 changed file with 5 additions and 2 deletions.
diff --git a/pkg/controllers/proxy/network_services_controller.go b/pkg/controllers/proxy/network_services_controller.go
@@ -1294,8 +1294,11 @@ func (nsc *NetworkServicesController) deleteBadMasqueradeIptablesRules() error {
 	var argsBad = [][]string{
 		{"-m", "ipvs", "--ipvs", "--vdir", "ORIGINAL", "--vmethod", "MASQ", "-m", "comment", "--comment", "",
 			"-j", "MASQUERADE"},
-		{"-m", "ipvs", "--ipvs", "--vdir", "ORIGINAL", "--vmethod", "MASQ", "-m", "comment", "--comment", "",
-			"!", "-s", nsc.podCidr, "!", "-d", nsc.podCidr, "-j", "MASQUERADE"},
+	}
+
+	if len(nsc.podCidr) > 0 {
+		argsBad = append(argsBad, []string{"-m", "ipvs", "--ipvs", "--vdir", "ORIGINAL", "--vmethod", "MASQ",
+		"-m", "comment", "--comment", "", "!", "-s", nsc.podCidr, "!", "-d", nsc.podCidr, "-j", "MASQUERADE"})
 	}
 
 	// If random fully is supported remove the original rules as well