etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

corrected iptables rules, update log info

This commit is contained in:
Jayapal 2015-08-11 09:55:24 +05:30
parent 62816eb971
commit 013fbd41fb
3 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
systemvm/patches/debian/config/opt/cloud/bin/configure.py
View File

@ -428,7 +428,7 @@ class CsSite2SiteVpn(CsDataBag):
self.fw.append(["", "front", "-A INPUT -i %s -p udp -m udp --dport 500 -j ACCEPT" % dev])
self.fw.append(["", "front", "-A INPUT -i %s -p udp -m udp --dport 4500 -j ACCEPT" % dev])
self.fw.append(["", "front", "-A INPUT -i %s -p esp -j ACCEPT" % dev])
self.fw.append(["nat", "front", "-A POSTROUTING -t nat -o %s-m mark --set-xmark 0x525/0xffffffff -j ACCEPT" % dev])
self.fw.append(["nat", "front", "-A POSTROUTING -t nat -o %s -m mark --mark 0x525/0xffffffff -j ACCEPT" % dev])
for net in obj['peer_guest_cidr_list'].lstrip().rstrip().split(','):
self.fw.append(["mangle", "front",
"-A FORWARD -s %s -d %s -j MARK --set-xmark 0x525/0xffffffff" % (obj['local_guest_cidr'], net)])
@ -478,7 +478,7 @@ class CsSite2SiteVpn(CsDataBag):
CsHelper.execute("ipsec reload")
#CsHelper.execute("ipsec --add vpn-%s" % rightpeer)
if not obj['passive']:
CsHelper.execute("ipsec up vpn-%s" % rightpeer)
CsHelper.execute("ipsec up vpn-%s &" % rightpeer)
os.chmod(vpnsecretsfile, 0o400)
def convert_sec_to_h(self, val):

2
systemvm/patches/debian/config/opt/cloud/bin/update_config.py
View File

@ -26,7 +26,7 @@ import os.path
import configure
import json
logging.basicConfig(filename='/var/log/cloud.log', level=logging.DEBUG, format='%(asctime)s %(message)s')
logging.basicConfig(filename='/var/log/cloud.log', level=logging.DEBUG, format='%(asctime)s %(funcName)s:%(lineno)d %(message)s')
# first commandline argument should be the file to process
if (len(sys.argv) != 2):

2
tools/appliance/definitions/systemvmtemplate/install_systemvm_packages.sh
View File

@ -28,7 +28,7 @@ function install_vhd_util() {
function debconf_packages() {
echo 'sysstat sysstat/enable boolean true' | debconf-set-selections
echo "openswan openswan/install_x509_certificate boolean false" | debconf-set-selections
echo "strongswan strongswan/install_x509_certificate boolean false" | debconf-set-selections
echo "openswan openswan/install_x509_certificate seen true" | debconf-set-selections
echo "iptables-persistent iptables-persistent/autosave_v4 boolean true" | debconf-set-selections
echo "iptables-persistent iptables-persistent/autosave_v6 boolean true" | debconf-set-selections