bug 11455: adding firewall rule chain to the main chain in the case when vpn chain is not present.

Reviewed-by: Murali.Reddy@citrix.com
Naredula Janardhana Reddy 2011-09-16 18:18:19 +05:30
parent 5a6671b139
commit 554978de37
1 changed files with 6 additions and 0 deletions


@ -61,6 +61,12 @@ fw_chain_for_ip () {
sudo iptables -t mangle -I FIREWALL_$pubIp -m state --state RELATED,ESTABLISHED -j ACCEPT> /dev/null
#ensure that this table is after VPN chain
sudo iptables -t mangle -I PREROUTING 2 -d $pubIp -j FIREWALL_$pubIp
success=$?
if [ $success -gt 0 ]
then
# if VPN chain is not present for various reasons, try to add in to the first slot */
sudo iptables -t mangle -I PREROUTING -d $pubIp -j FIREWALL_$pubIp
fi
}
fw_entry_for_public_ip() {
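Review bot: The fallback under `if [ $success -gt 0 ]` runs on any non-zero exit from the position-2 insert, not only when PREROUTING has no rule in slot 1, so a failure with a different cause (for example a rejected address or a missing FIREWALL_ chain) is retried at slot 1 and the first error is never reported. The added insert also passes `$pubIp` unquoted to `sudo iptables`, as the context lines above it do. Where pubIp is validated is not visible in this hunk, so the quoted form is safer: `sudo iptables -t mangle -I PREROUTING -d "$pubIp" -j "FIREWALL_$pubIp"`. If a VPN chain is created after this call the firewall jump will sit ahead of it, which appears to contradict `#ensure that this table is after VPN chain`; a comment saying the ordering is best-effort in this branch would make that explicit. fw_chain_for_ip starts before the hunk, so how its exit status is used by callers cannot be checked from here.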