From fc91905b646e64584f5a9c48e61c530744d33551 Mon Sep 17 00:00:00 2001
From: David Sommerseth <davids@redhat.com>
Date: Fri, 25 Sep 2015 22:56:06 +0200
Subject: Fix iptables cleanup bug

Signed-off-by: David Sommerseth <davids@redhat.com>
---
 LogActio/Reporters/IPTipset.py | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/LogActio/Reporters/IPTipset.py b/LogActio/Reporters/IPTipset.py
index a033cd3..baf4b68 100644
--- a/LogActio/Reporters/IPTipset.py
+++ b/LogActio/Reporters/IPTipset.py
@@ -226,7 +226,13 @@ class IPTipset(LogActio.ReporterQueue.ReporterQueue):
 
         for chain in self.__iptchains:
             # Prepare iptables command line
-            args = ["iptables", "-D", chain,
+            args = False
+            if self.__iptchaininserts and self.__iptchaininserts.has_key(chain):
+                args = ["iptables", "-D", chain, self.__iptchaininserts[chain],
+                        "-m", "set", "--match-set", self.__ipsetname,
+                        "-j", self.__iptchainsjump]
+            else:
+                args = ["iptables", "-D", chain,
                         "-m", "set", "--match-set", self.__ipsetname, "src",
                         "-j", self.__iptchainsjump]
 
@@ -276,8 +282,8 @@ class IPTipset(LogActio.ReporterQueue.ReporterQueue):
                     registered.append(m["ipaddress"])
 
 
-        # self.__cleanup_iptables()  # Not working - not getting a match ... iptables bug?
-
+        if self.__iptchains:
+            self.__cleanup_iptables()
         self.__log(3, "[IPTipset] Module shut down")
 
 
-- 
cgit