Possible problems with iptables-restore

I don’t know if this is causing any problems, but I thought I’d mention the error for your review.

===================================================================
[[apply.sh:5] iptables-save
[[apply.sh:5] sed ‘s/-A POSTROUTING //’
[[apply.sh:5] grep – ‘-A POSTROUTING.* -o docker0 -j MASQUERADE’
[apply.sh:5] MASQ=’-s 172.17.42.0/24 ! -o docker0 -j MASQUERADE
-s 172.17.0.0/16 ! -o docker0 -j MASQUERADE’
[apply.sh:7] ‘[’ -n ‘-s 172.17.42.0/24 ! -o docker0 -j MASQUERADE
-s 172.17.0.0/16 ! -o docker0 -j MASQUERADE’ ‘]’
[apply.sh:8] cat
[apply.sh:12] sed -i ‘/#POSTRULES/r masq-rules’ content-home/etc/cattle/host-iptables
[apply.sh:15] apply_config iptables-restore -n etc/cattle/host-iptables
[scripts.sh:147] local file=etc/cattle/host-iptables
[scripts.sh:148] local ‘cmd=iptables-restore -n’
[scripts.sh:150] iptables-restore -n content-home/etc/cattle/host-iptables
iptables-restore v1.4.21: Need TCP, UDP, SCTP or DCCP with port specification
Error occurred at line: 23
Try `iptables-restore -h’ or ‘iptables-restore --help’ for more information.
[scripts.sh:151] ‘[’ -e /var/lib/cattle/etc/cattle/host-iptables ‘]’
[scripts.sh:154] return 1

same here.
docker 1.9.1 a34a1d5 (standard install w/ --bip=SPECIFIC_CIDR docker option)
rancher v.0.56.1
bug found on :

  • debian 8
  • ubuntu 14.04 and 15.10
    "everything" works fine until I specify one port mapping.

[[apply.sh:5] iptables-save
[[apply.sh:5] grep – ‘-A POSTROUTING.* -o docker0 -j MASQUERADE’
[[apply.sh:5] sed ‘s/-A POSTROUTING //’
[apply.sh:5] MASQ=’-s SPECIFIC_CIDR ! -o docker0 -j MASQUERADE
-s 172.17.0.0/16 ! -o docker0 -j MASQUERADE’
[apply.sh:7] ‘[’ -n ‘-s SPECIFIC_CIDR ! -o docker0 -j MASQUERADE
-s 172.17.0.0/16 ! -o docker0 -j MASQUERADE’ ‘]’
[apply.sh:8] cat
[apply.sh:12] sed -i ‘/#POSTRULES/r masq-rules’ content-home/etc/cattle/host-iptables
[apply.sh:15] apply_config iptables-restore -n etc/cattle/host-iptables
[scripts.sh:147] local file=etc/cattle/host-iptables
[scripts.sh:148] local ‘cmd=iptables-restore -n’
[scripts.sh:150] iptables-restore -n content-home/etc/cattle/host-iptables
iptables-restore v1.4.21: Need TCP, UDP, SCTP or DCCP with port specification
Error occurred at line: 23
Try `iptables-restore -h’ or ‘iptables-restore --help’ for more information.
[scripts.sh:151] ‘[’ -e /var/lib/cattle/etc/cattle/host-iptables ‘]’
[scripts.sh:154] return 1

Traceback (most recent call last):
File “/var/lib/cattle/pyagent/cattle/utils.py”, line 280, in get_command_output
return check_output(*args, **kw)
File “/var/lib/cattle/pyagent/cattle/utils.py”, line 337, in check_output
raise e1
CalledProcessError: Command ‘[’/var/lib/cattle/config.sh’, u’host-iptables’]’ returned non-zero exit status 1