From a0c2a4344b8f211c502dc1e1c161d94bb778a51b Mon Sep 17 00:00:00 2001
From: bobz965 <zhangbingbing2_yewu@cmss.chinamobile.com>
Date: Fri, 17 May 2024 09:58:26 +0800
Subject: [PATCH] log deleting iptables rule (#4031)

Signed-off-by: bobz965 <zhangbingbing2_yewu@cmss.chinamobile.com>
---
 pkg/daemon/gateway_linux.go | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/pkg/daemon/gateway_linux.go b/pkg/daemon/gateway_linux.go
index 3803fa34f87..2ed8c556f83 100644
--- a/pkg/daemon/gateway_linux.go
+++ b/pkg/daemon/gateway_linux.go
@@ -1093,15 +1093,20 @@ func (c *Controller) generateNatOutgoingPolicyChainRules(protocol string) ([]uti
 }
 
 func deleteIptablesRule(ipt *iptables.IPTables, rule util.IPTableRule) error {
-	klog.V(3).Infof("delete iptables rule: %v", rule)
 	if rule.Pos != "" {
+		klog.Infof("delete iptables rule by pos %s: %v", rule.Pos, rule)
 		if err := ipt.Delete(rule.Table, rule.Chain, rule.Pos); err != nil {
 			klog.Errorf("failed to delete iptables %s rule %q: %v", rule.Chain, strings.Join(rule.Rule, " "), err)
 			return err
 		}
 		return nil
 	}
-	if err := ipt.DeleteIfExists(rule.Table, rule.Chain, rule.Rule...); err != nil {
+	exists, err := ipt.Exists(rule.Table, rule.Chain, rule.Rule...)
+	if err == nil && exists {
+		klog.Infof("delete iptables rule: %v", rule)
+		err = ipt.Delete(rule.Table, rule.Chain, rule.Rule...)
+	}
+	if err != nil {
 		klog.Errorf("failed to delete iptables rule %q: %v", strings.Join(rule.Rule, " "), err)
 		return err
 	}