Make the routers persistent

- After configuration save the ipdated in files * /etc/iptables/router_rules.v4 and /etc/iptables/router_rules.v6 * Reload the configuration on reboot via the /etc/rc.local using iptables-restore
2015-04-14 15:03:35 +02:00 · 2015-04-14 15:03:35 +02:00 · 2fad87d3f3
parent e81161def8
commit 2fad87d3f3
3 changed files with 32 additions and 3 deletions
--- a/systemvm/patches/debian/config/etc/rc.local
+++ b/systemvm/patches/debian/config/etc/rc.local
@ -46,3 +46,16 @@ python /opt/cloud/bin/baremetal-vr.py &

 date > /var/cache/cloud/boot_up_done
 logger -t cloud "Boot up process done"
+
+#Restore the persistent iptables nat, rules and filters for IPv4 and IPv6 if they exist
+ipv4="/etc/iptables/router_rules.v4"
+if [ -e $ipv4 ]
+then
+   iptables-restore < $ipv4
+fi
+
+ipv6="/etc/iptables/router_rules.v6"
+if [ -e $ipv6 ]
+then
+   iptables-restore < $ipv6
+fi
--- a/systemvm/patches/debian/config/opt/cloud/bin/configure.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
@ -676,6 +676,10 @@ def main(argv):

    mon = CsMonitor("monitorservice", config)
    mon.process()
-
+    
+    #Save iptables configuration - will be loaded on reboot by the iptables-restore that is configured on /etc/rc.local
+    CsHelper.save_iptables("iptables-save", "/etc/iptables/router_rules.v4")
+    CsHelper.save_iptables("ip6tables-save", "/etc/iptables/router_rules.v6")
+    
 if __name__ == "__main__":
    main(sys.argv)
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsHelper.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsHelper.py
@ -16,7 +16,7 @@
 # specific language governing permissions and limitations
 # under the License.
 """ General helper functions
-for use in the configuation process
+for use in the configuration process

 """
 import subprocess
@ -27,7 +27,6 @@ import shutil
 from netaddr import *
 from pprint import pprint

-
 def is_mounted(name):
    for i in execute("mount"):
        vals = i.lstrip().split()
@ -163,6 +162,19 @@ def execute(command):
    return result.splitlines()


+def save_iptables(command, iptables_file):
+    """ Execute command """
+    logging.debug("Saving iptables for %s" % command)
+    
+    result = execute(command)
+    fIptables = open(iptables_file, "w+")
+    
+    for line in result:
+        fIptables.write(line)
+        fIptables.write("\n")
+    fIptables.close()
+
+
 def execute2(command):
    """ Execute command """
    logging.debug("Executing %s" % command)