From dca23ad451a7cada49efeaee2581329e445136c5 Mon Sep 17 00:00:00 2001
From: Sang Heon Lee
Date: Sat, 19 Feb 2022 05:11:13 +0900
Subject: [PATCH] portmap: fix bug that new udp connection deletes all existing conntrack entries

Calling AddPort before AddProtocol returns an error, which means ConntrackDeleteFilter has been called without port filter.

Signed-off-by: Sang Heon Lee
---
 pkg/utils/conntrack.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/utils/conntrack.go b/pkg/utils/conntrack.go
index 0b11f6c18..5fa3e9bcc 100644
--- a/pkg/utils/conntrack.go
+++ b/pkg/utils/conntrack.go
@@ -62,8 +62,8 @@ func DeleteConntrackEntriesForDstIP(dstIP string, protocol uint8) error {
 // by the given destination port, protocol and IP family
 func DeleteConntrackEntriesForDstPort(port uint16, protocol uint8, family netlink.InetFamily) error {
  filter := &netlink.ConntrackFilter{}
- filter.AddPort(netlink.ConntrackOrigDstPort, port)
  filter.AddProtocol(protocol)
+ filter.AddPort(netlink.ConntrackOrigDstPort, port)
 
  _, err := netlink.ConntrackDeleteFilter(netlink.ConntrackTable, family, filter)
  if err != nil {
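Review bot: The return values of `filter.AddProtocol(protocol)` and `filter.AddPort(netlink.ConntrackOrigDstPort, port)` are still discarded, which is how the original ordering bug went unnoticed: per the commit message AddPort returned an error and the delete then ran without a port filter. Reordering fixes the known case, but any other failure of either call (for example a protocol value AddPort does not accept, if callers can pass one) would again leave the filter broader than intended and flush unrelated conntrack entries. I would check both calls and return before `netlink.ConntrackDeleteFilter` is reached, e.g. `if err := filter.AddPort(netlink.ConntrackOrigDstPort, port); err != nil { return err }` and the same for AddProtocol. The function body continues past the end of the hunk, so how the final `err` is reported is not visible here.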