CS-16207: Inver-Vlan-Routing: Creating ACL rules with traffic type "Egress" Fails

Reviewed-by: Vijayendra Bhamidipati
Description:

    Capture the return status of each iptables command immediately after it
    executes when setting ingress/egress ACL rules.
Vijayendra Bhamidipati 2012-08-29 19:00:49 -07:00
parent 494975e442
commit 106ccc5b7b
1 changed files with 4 additions and 1 deletions


@ -121,9 +121,11 @@ acl_entry_for_guest_network() {
then
sudo iptables -I ACL_INBOUND_$dev -p $prot -s $lcidr \
--icmp-type $typecode -j ACCEPT
result=$?
else
sudo iptables -t mangle -I ACL_OUTBOUND_$dev -p $prot -d $lcidr \
--icmp-type $typecode -j ACCEPT
result=$?
let egress++
fi
else
@ -131,13 +133,14 @@ acl_entry_for_guest_network() {
then
sudo iptables -I ACL_INBOUND_$dev -p $prot -s $lcidr \
$DPORT -j ACCEPT
result=$?
else
sudo iptables -t mangle -I ACL_OUTBOUND_$dev -p $prot -d $lcidr \
$DPORT -j ACCEPT
result=$?
let egress++
fi
fi
result=$?
[ $result -gt 0 ] &&
logger -t cloud "Error adding iptables entry for guest network : $gcidr,inbound:$inbound:$prot:$sport:$eport:$cidrs" &&
break
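Review bot: The error check at the end of the second hunk chains `logger ... && break`, so the `break` after a failed iptables insert runs only if `logger` itself succeeds. A failed ACL rule is the case where the loop must stop whether or not logging works, so consider `if [ "$result" -ne 0 ]; then logger -t cloud "..."; break; fi`, which also quotes `$result`. Capturing `result=$?` in each branch is right, because `let egress++` returns non-zero when the value before the increment is 0. The page still shows a `result=$?` after the closing `fi`; the single deletion in the diffstat suggests it is the removed line, but if it remained it would overwrite the captured status. The body of acl_entry_for_guest_network starts and ends outside the hunks shown.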