From 58edfcfdc62b3a9023903bcb5fac73beefde61aa Mon Sep 17 00:00:00 2001
From: Nikolay Sivko <n.sivko@gmail.com>
Date: Thu, 14 Mar 2024 13:34:38 +0300
Subject: [PATCH] prevent deletion of an active connection while removing
 outdated connection with same FD

---
 containers/container.go | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/containers/container.go b/containers/container.go
index e5c273d..4a4b73e 100644
--- a/containers/container.go
+++ b/containers/container.go
@@ -901,14 +901,19 @@ func (c *Container) gc(now time.Time) {
 	c.revalidateListens(now, listens)
 
 	for srcDst, conn := range c.connectionsActive {
+		pidFd := PidFd{Pid: conn.Pid, Fd: conn.Fd}
 		if _, ok := established[srcDst]; !ok {
 			delete(c.connectionsActive, srcDst)
-			delete(c.connectionsByPidFd, PidFd{Pid: conn.Pid, Fd: conn.Fd})
+			if conn == c.connectionsByPidFd[pidFd] {
+				delete(c.connectionsByPidFd, pidFd)
+			}
 			continue
 		}
 		if !conn.Closed.IsZero() && now.Sub(conn.Closed) > gcInterval {
 			delete(c.connectionsActive, srcDst)
-			delete(c.connectionsByPidFd, PidFd{Pid: conn.Pid, Fd: conn.Fd})
+			if conn == c.connectionsByPidFd[pidFd] {
+				delete(c.connectionsByPidFd, pidFd)
+			}
 		}
 	}
 	for dst, at := range c.connectLastAttempt {