From 271b1ee58a6804f82cf13cc875231f076583eb98 Mon Sep 17 00:00:00 2001
From: Kelven Yang <kelven@cloud.com>
Date: Tue, 28 Dec 2010 17:14:41 -0800
Subject: [PATCH] add consoleproxy.disable.rpfilter configuration variable to
 get rid of the annoying access issue in development environment.

set it to true for development environment, it will allows traffic that comes in from public interface to be able to be routed back from private interface
---
 .../consoleproxy/ConsoleProxyResource.java       | 16 ++++++++++++++++
 server/src/com/cloud/configuration/Config.java   |  1 +
 .../consoleproxy/ConsoleProxyManagerImpl.java    |  8 +++++++-
 3 files changed, 24 insertions(+), 1 deletion(-)

diff --git a/agent/src/com/cloud/agent/resource/consoleproxy/ConsoleProxyResource.java b/agent/src/com/cloud/agent/resource/consoleproxy/ConsoleProxyResource.java
index a5f4deb1776..efe6ea3861f 100644
--- a/agent/src/com/cloud/agent/resource/consoleproxy/ConsoleProxyResource.java
+++ b/agent/src/com/cloud/agent/resource/consoleproxy/ConsoleProxyResource.java
@@ -161,6 +161,17 @@ public class ConsoleProxyResource extends ServerResourceBase implements ServerRe
     	
         return new Answer(cmd, success, errorStr!=null?errorStr:successStr);
     }
+    
+    private void disableRpFilter() {
+    	try {
+			FileWriter fstream = new FileWriter("/proc/sys/net/ipv4/conf/eth2/rp_filter");
+			BufferedWriter out = new BufferedWriter(fstream);
+			out.write("0");
+			out.close();
+    	} catch(IOException e) {
+    		s_logger.warn("Unable to disable rp_filter");
+    	}
+    }
 
 	private boolean copyCertToDirectory(String certificate, String filePath) throws IOException {
 		boolean success;
@@ -302,6 +313,11 @@ public class ConsoleProxyResource extends ServerResourceBase implements ServerRe
         
         _pubIp = (String)params.get("public.ip");
         
+        value = (String)params.get("disable_rp_filter");
+        if(value != null && value.equalsIgnoreCase("true")) {
+        	disableRpFilter();
+        }
+        
         if(s_logger.isInfoEnabled())
         	s_logger.info("Receive proxyVmId in ConsoleProxyResource configuration as " + _proxyVmId);
         
diff --git a/server/src/com/cloud/configuration/Config.java b/server/src/com/cloud/configuration/Config.java
index a3fe5052336..f12828019e4 100644
--- a/server/src/com/cloud/configuration/Config.java
+++ b/server/src/com/cloud/configuration/Config.java
@@ -97,6 +97,7 @@ public enum Config {
 	ConsoleProxyRamSize("Console Proxy", AgentManager.class, Integer.class, "consoleproxy.ram.size", "1024", "RAM size (in MB) used to create new console proxy VMs", null),
 	ConsoleProxySessionMax("Console Proxy", AgentManager.class, Integer.class, "consoleproxy.session.max", "50", "The max number of viewer sessions console proxy is configured to serve for", null),
 	ConsoleProxySessionTimeout("Console Proxy", AgentManager.class, Integer.class, "consoleproxy.session.timeout", "300000", "Timeout(in milliseconds) that console proxy tries to maintain a viewer session before it times out the session for no activity", null),
+	ConsoleProxyDisableRpFilter("Console Proxy", AgentManager.class, Integer.class, "consoleproxy.disable.rpfilter", "false", "disable rp_filter on console proxy VM public interface", null),
 	
 	// ConsoleProxyURLPort("Console Proxy", ManagementServer.class, Integer.class, "consoleproxy.url.port", "80", "Console proxy port for AJAX viewer", null),
 	
diff --git a/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java b/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
index da41b0e05b1..4ccbe5b508d 100644
--- a/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
+++ b/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
@@ -262,7 +262,7 @@ public class ConsoleProxyManagerImpl implements ConsoleProxyManager, ConsoleProx
     private int _ssh_sleep;
     private boolean _use_lvm;
     private boolean _use_storage_vm;
-
+    private boolean _disable_rp_filter = false;
     private String _domain;
     private String _instance;
     
@@ -1844,6 +1844,10 @@ public class ConsoleProxyManagerImpl implements ConsoleProxyManager, ConsoleProx
         if (value != null) {
             _consoleProxyUrlPort = NumbersUtil.parseInt(value, ConsoleProxyManager.DEFAULT_PROXY_URL_PORT);
         }
+        
+        value = configs.get(Config.ConsoleProxyDisableRpFilter.key());
+        if(value != null && value.equalsIgnoreCase("true"))
+        	_disable_rp_filter = true;
 
         value = configs.get("system.vm.use.local.storage");
         if (value != null && value.equalsIgnoreCase("true")) {
@@ -1948,6 +1952,8 @@ public class ConsoleProxyManagerImpl implements ConsoleProxyManager, ConsoleProx
         buf.append(" pod=").append(dest.getPod().getId());
         buf.append(" guid=Proxy.").append(profile.getId());
         buf.append(" proxy_vm=").append(profile.getId());
+        if(_disable_rp_filter)
+            buf.append(" disable_rp_filter=true");
 
         boolean externalDhcp = false;
         String externalDhcpStr = _configDao.getValue("direct.attach.network.externalIpAllocator.enabled");