@@ -80,8 +80,8 @@ func (s *securityListManagerImpl) Delete(
8080 lbSubnets []* baremetal.Subnet ,
8181 backendSubnets []* baremetal.Subnet ,
8282 listenerPort uint64 ,
83- backendPort uint64 ) error {
84-
83+ backendPort uint64 ,
84+ ) error {
8585 noSubnets := []* baremetal.Subnet {}
8686 noSourceCIDRs := []string {}
8787
@@ -209,7 +209,7 @@ func getNodeIngressRules(securityList *baremetal.SecurityList, lbSubnets []*bare
209209 ingressRules := []baremetal.IngressSecurityRule {}
210210
211211 for _ , rule := range securityList .IngressSecurityRules {
212- if rule .TCPOptions == nil ||
212+ if rule .TCPOptions == nil || rule . TCPOptions . SourcePortRange != nil || rule . TCPOptions . DestinationPortRange == nil ||
213213 (rule .TCPOptions .DestinationPortRange .Min != port &&
214214 rule .TCPOptions .DestinationPortRange .Max != port ) {
215215 // this rule doesn't apply to this service so nothing to do but keep it
@@ -246,8 +246,7 @@ func getLoadBalancerIngressRules(lbSecurityList *baremetal.SecurityList, sourceC
246246
247247 ingressRules := []baremetal.IngressSecurityRule {}
248248 for _ , rule := range lbSecurityList .IngressSecurityRules {
249-
250- if rule .TCPOptions == nil ||
249+ if rule .TCPOptions == nil || rule .TCPOptions .SourcePortRange != nil || rule .TCPOptions .DestinationPortRange == nil ||
251250 (rule .TCPOptions .DestinationPortRange .Min != port &&
252251 rule .TCPOptions .DestinationPortRange .Max != port ) {
253252 // this rule doesn't apply to this service so nothing to do but keep it
@@ -287,7 +286,7 @@ func getLoadBalancerEgressRules(lbSecurityList *baremetal.SecurityList, nodeSubn
287286
288287 egressRules := []baremetal.EgressSecurityRule {}
289288 for _ , rule := range lbSecurityList .EgressSecurityRules {
290- if rule .TCPOptions == nil ||
289+ if rule .TCPOptions == nil || rule . TCPOptions . SourcePortRange != nil || rule . TCPOptions . DestinationPortRange == nil ||
291290 (rule .TCPOptions .DestinationPortRange .Min != port &&
292291 rule .TCPOptions .DestinationPortRange .Max != port ) {
293292 // this rule doesn't apply to this service so nothing to do but keep it
@@ -325,7 +324,7 @@ func makeEgressSecurityRule(cidrBlock string, port uint64) baremetal.EgressSecur
325324 Destination : cidrBlock ,
326325 Protocol : fmt .Sprintf ("%d" , ProtocolTCP ),
327326 TCPOptions : & baremetal.TCPOptions {
328- DestinationPortRange : baremetal.PortRange {
327+ DestinationPortRange : & baremetal.PortRange {
329328 Min : port ,
330329 Max : port ,
331330 },
@@ -340,7 +339,7 @@ func makeIngressSecurityRule(cidrBlock string, port uint64) baremetal.IngressSec
340339 Source : cidrBlock ,
341340 Protocol : fmt .Sprintf ("%d" , ProtocolTCP ),
342341 TCPOptions : & baremetal.TCPOptions {
343- DestinationPortRange : baremetal.PortRange {
342+ DestinationPortRange : & baremetal.PortRange {
344343 Min : port ,
345344 Max : port ,
346345 },
@@ -352,8 +351,7 @@ func makeIngressSecurityRule(cidrBlock string, port uint64) baremetal.IngressSec
352351// securityListManagerNOOP implements the securityListManager interface but does
353352// no logic, so that it can be used to not handle security lists if the user doesn't wish
354353// to use that feature.
355- type securityListManagerNOOP struct {
356- }
354+ type securityListManagerNOOP struct {}
357355
358356func (s * securityListManagerNOOP ) Update (lbSubnets []* baremetal.Subnet , backendSubnets []* baremetal.Subnet , sourceCIDRs []string , listenerPort uint64 , backendPort uint64 ) error {
359357 return nil
0 commit comments