From c5f9819dac5c8d6d68316140760c0d45206316bd Mon Sep 17 00:00:00 2001
From: Paul Holzinger <paul.holzinger@web.de>
Date: Tue, 30 Mar 2021 10:40:20 +0200
Subject: Silence podman network reload errors with iptables-nft

Make sure we do not display the expected error when using podman network
reload. This is already done for iptables-legacy however iptables-nft
creates a slightly different error message so check for this as well.
The error is logged at info level.

[NO TESTS NEEDED] The test VMs do not use iptables-nft so there is no
way to test this. It is already tested for iptables-legacy.

Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
---
 libpod/networking_linux.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'libpod')

diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go
index d6968a6b5..8bf532f66 100644
--- a/libpod/networking_linux.go
+++ b/libpod/networking_linux.go
@@ -916,7 +916,8 @@ func (r *Runtime) reloadContainerNetwork(ctr *Container) ([]*cnitypes.Result, er
 		// teardownCNI will error if the iptables rules do not exists and this is the case after
 		// a firewall reload. The purpose of network reload is to recreate the rules if they do
 		// not exists so we should not log this specific error as error. This would confuse users otherwise.
-		b, rerr := regexp.MatchString("Couldn't load target `CNI-[a-f0-9]{24}':No such file or directory", err.Error())
+		// iptables-legacy and iptables-nft will create different errors make sure to match both.
+		b, rerr := regexp.MatchString("Couldn't load target `CNI-[a-f0-9]{24}':No such file or directory|Chain 'CNI-[a-f0-9]{24}' does not exist", err.Error())
 		if rerr == nil && !b {
 			logrus.Error(err)
 		} else {
-- 
cgit v1.2.3-54-g00ecf