From 307d5615f9abb617d8df7975d3c3f93755d75a9a Mon Sep 17 00:00:00 2001
From: zooneon <snsxhdz@naver.com>
Date: Tue, 20 May 2025 18:27:08 +0900
Subject: [PATCH] fix: reorder cleanup sequence in node-cache teardown

The previous implementation removed the dummy interface before cleaning up iptables
rules, which could leave orphaned iptables rules referencing the removed interface.
This fix ensures proper cleanup order by:

1. First removing all iptables rules
2. Then removing the dummy interface

This change prevents potential issues where iptables rules might reference a
non-existent interface after teardown.
---
 cmd/node-cache/app/cache_app.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/cmd/node-cache/app/cache_app.go b/cmd/node-cache/app/cache_app.go
index 098874c3f..3ec208e3d 100644
--- a/cmd/node-cache/app/cache_app.go
+++ b/cmd/node-cache/app/cache_app.go
@@ -176,9 +176,6 @@ func (c *CacheApp) TeardownNetworking() error {
 		c.exitChan <- struct{}{}
 	}
 	var err error
-	if c.params.SetupInterface {
-		err = c.netifHandle.RemoveDummyDevice(c.params.InterfaceName)
-	}
 	if c.params.SetupIptables {
 		for _, rule := range c.iptablesRules {
 			exists := true
@@ -199,6 +196,9 @@ func (c *CacheApp) TeardownNetworking() error {
 			err = c.iptables.DeleteRule(rule.table, rule.chain, rule.args...)
 		}
 	}
+	if c.params.SetupInterface {
+		err = c.netifHandle.RemoveDummyDevice(c.params.InterfaceName)
+	}
 	return err
 }