diff --git a/ironic_discoverd/firewall.py b/ironic_discoverd/firewall.py index b764b215f..4047306d7 100644 --- a/ironic_discoverd/firewall.py +++ b/ironic_discoverd/firewall.py @@ -69,6 +69,15 @@ def _clean_up(chain): _iptables('-X', chain, ignore=True) +def clean_up(): + """Clean up everything before exiting.""" + if not CONF.discoverd.manage_firewall: + return + + _clean_up(CHAIN) + _clean_up(NEW_CHAIN) + + def update_filters(ironic=None): """Update firewall filter rules for introspection. diff --git a/ironic_discoverd/main.py b/ironic_discoverd/main.py index c6bc2c7cc..fe230c02f 100644 --- a/ironic_discoverd/main.py +++ b/ironic_discoverd/main.py @@ -188,6 +188,9 @@ def main(args=sys.argv[1:]): # pragma: no cover logging.INFO if debug else logging.ERROR) init() - app.run(debug=debug, - host=CONF.discoverd.listen_address, - port=CONF.discoverd.listen_port) + try: + app.run(debug=debug, + host=CONF.discoverd.listen_address, + port=CONF.discoverd.listen_port) + finally: + firewall.clean_up()