From 3f2deb51ad8e42dddc5d8cbb4b109959d7f661bb Mon Sep 17 00:00:00 2001
From: Daman Arora <aroradaman@gmail.com>
Date: Tue, 14 May 2024 15:16:18 +0530
Subject: [PATCH] e2e/network: dump iptables and conntrack flows for debugging

Signed-off-by: Daman Arora <aroradaman@gmail.com>
---
 test/e2e/framework/network/utils.go | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/test/e2e/framework/network/utils.go b/test/e2e/framework/network/utils.go
index 67c2e014e62..73d8231897c 100644
--- a/test/e2e/framework/network/utils.go
+++ b/test/e2e/framework/network/utils.go
@@ -342,6 +342,27 @@ func (config *NetworkingTestConfig) DialFromContainer(ctx context.Context, proto
 				}
 				framework.Logf("Dump network information for node %s:\n%s", node.Name, result)
 			}
+			// Dump the node iptables rules and conntrack flows for troubleshooting #123760
+			podList, _ := config.f.ClientSet.CoreV1().Pods("kube-system").List(ctx, metav1.ListOptions{
+				LabelSelector: "k8s-app=kube-proxy",
+			})
+			for _, pod := range podList.Items {
+				// dump only for the node running test-container-pod
+				if pod.Status.HostIP == config.TestContainerPod.Status.HostIP {
+					output, _, _ := e2epod.ExecWithOptions(config.f, e2epod.ExecOptions{
+						Namespace:          "kube-system",
+						PodName:            pod.Name,
+						ContainerName:      "kube-proxy",
+						Command:            []string{"sh", "-c", fmt.Sprintf(`echo "IPTables Dump: " && iptables-save | grep "%s/%s:http" && echo "Conntrack flows: " && conntrack -Ln -p tcp | grep %d`, config.Namespace, config.NodePortService.Name, EndpointHTTPPort)},
+						Stdin:              nil,
+						CaptureStdout:      true,
+						CaptureStderr:      true,
+						PreserveWhitespace: false,
+					})
+					framework.Logf("Dump iptables and connntrack flows\n%s", output)
+					break
+				}
+			}
 			return returnMsg
 		}