From 3b52a3344e486866e881168dd86f39c999597b02 Mon Sep 17 00:00:00 2001
From: mreiger
Date: Wed, 3 Jan 2024 18:23:07 +0100
Subject: [PATCH] Do not use old FQDNState to prevent keeping stale entries in the status
---
 pkg/nftables/networkpolicy.go | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/pkg/nftables/networkpolicy.go b/pkg/nftables/networkpolicy.go
index e4db6e87..f6dfc3df 100644
--- a/pkg/nftables/networkpolicy.go
+++ b/pkg/nftables/networkpolicy.go
@@ -82,7 +82,7 @@ func clusterwideNetworkPolicyEgressRules(
 ruleBases = append(ruleBases, ruleBase{base: rb})
 } else if len(e.ToFQDNs) > 0 && cache.IsInitialized() {
 // Generate allow rules based on DNS selectors
- rbs, u := clusterwideNetworkPolicyEgressToFQDNRules(cache, np.Status.FQDNState, e)
+ rbs, u := clusterwideNetworkPolicyEgressToFQDNRules(cache, e)
 np.Status.FQDNState = u
 ruleBases = append(ruleBases, rbs...)
 }
@@ -112,12 +112,9 @@ func clusterwideNetworkPolicyEgressToRules(e firewallv1.EgressRule) (allow, exce
 func clusterwideNetworkPolicyEgressToFQDNRules(
 cache FQDNCache,
- fqdnState firewallv1.FQDNState,
 e firewallv1.EgressRule,
 ) (rules []ruleBase, updatedState firewallv1.FQDNState) {
- if fqdnState == nil {
- fqdnState = firewallv1.FQDNState{}
- }
+ fqdnState := firewallv1.FQDNState{}
 for _, fqdn := range e.ToFQDNs {
 fqdnName := fqdn.MatchName
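Review bot: `np.Status.FQDNState = u` in the first hunk now replaces the policy status with the state of a single egress rule, because `clusterwideNetworkPolicyEgressToFQDNRules` (second hunk) starts from an empty `firewallv1.FQDNState{}` on every call. If this branch runs once per entry of the policy's egress list, which the variable `e` suggests but the hunk does not show, a policy with more than one `ToFQDNs` rule would keep only the last rule's entries, and the status would no longer describe everything the generated nftables rules allow. I would create the empty state once per policy before the iteration, merge each result into it (for a map type, `for k, v := range u { state[k] = v }`), and assign `np.Status.FQDNState = state` after the last rule. A test with two FQDN egress rules in one policy would pin the expected status. The body of `clusterwideNetworkPolicyEgressRules` starts and ends outside the hunk, so the loop structure should be confirmed there.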