etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

CS-16409 : dhcp request doesn't have target ip, remove ip in the iptable rule

This commit is contained in:
Anthony Xu 2012-09-27 20:24:37 -07:00 committed by Alex Huang
parent 4cb4628bec
commit 1ff798ca76
1 changed files with 0 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
patches/systemvm/debian/config/opt/cloud/bin/vpc_guestnw.sh
View File

@ -132,11 +132,6 @@ create_guest_network() {
sudo ip addr add dev $dev $ip/$mask brd +
sudo ip link set $dev up
sudo arping -c 3 -I $dev -A -U -s $ip $ip
# setup rules to allow dhcp/dns request
sudo iptables -D INPUT -i $dev -d $ip -p udp -m udp --dport 67 -j ACCEPT
sudo iptables -D INPUT -i $dev -d $ip -p udp -m udp --dport 53 -j ACCEPT
sudo iptables -A INPUT -i $dev -d $ip -p udp -m udp --dport 67 -j ACCEPT
sudo iptables -A INPUT -i $dev -d $ip -p udp -m udp --dport 53 -j ACCEPT
# restore mark from connection mark
local tableName="Table_$dev"
sudo ip route add $subnet/$mask dev $dev table $tableName proto static
@ -155,8 +150,6 @@ destroy_guest_network() {
logger -t cloud " $(basename $0): Create network on interface $dev, gateway $gw, network $ip/$mask "
sudo ip addr del dev $dev $ip/$mask
sudo iptables -D INPUT -i $dev -d $ip -p udp -m udp --dport 67 -j ACCEPT
sudo iptables -D INPUT -i $dev -d $ip -p udp -m udp --dport 53 -j ACCEPT
sudo iptables -t mangle -D PREROUTING -i $dev -m state --state ESTABLISHED,RELATED -j CONNMARK --restore-mark
sudo iptables -t nat -D POSTROUTING -s $subnet/$mask -o $dev -j SNAT --to-source $ip
destroy_acl_chain