NetworkManager: remove duplicate rules in shared dispatcher script

Sometimes on NetworkManager restart a new rule for a shared interface is added, but the old rule is not cleaned up properly, so the rules are just piling up. This patch makes the shared dispatcher script clean up duplicates if it finds any. Change-type: patch Signed-off-by: Michal Toman <[email protected]>
balena-os · Jul 15, 2024 · b4a9edd · b4a9edd
1 parent 5b9716f
commit b4a9edd
Showing 1 changed file with 8 additions and 6 deletions.
diff --git a/meta-balena-common/recipes-connectivity/networkmanager/balena-files/90shared b/meta-balena-common/recipes-connectivity/networkmanager/balena-files/90shared
@@ -58,12 +58,14 @@ then
   exit 0
 fi
 
-# Safeguard, this should never happen
-# Exactly 0 or 1 rule should match, bail out if there are more & investigate
-if [ "$(echo "${FW_RULE_ARGS}" | wc -l)" -gt 1 ]
-then
-  fail "More than one rule matched when looking for '${FW_RULE_COMMENT}', bailing out"
-fi
+# Sometimes on NetworkManager restart a new rule is added
+# but the old one is not properly cleand up
+# Remove the duplicates here as the rules are all the same
+while [ "$(echo "${FW_RULE_ARGS}" | wc -l)" -gt 1 ]
+do
+  ${IPTABLES} -D ${FW_RULE_ARGS#-A }
+  FW_RULE_ARGS=$(${IPTABLES} -S FORWARD | grep "sh-fw-${IFNAME}" | grep "${FW_RULE_COMMENT}")
+done
 
 # If the rule is already last, this will do nothing
 # If the rule is not last, the first run through the loop should move it