Merge pull request #881 from jayapalu/CLOUDSTACK-8905

CLOUDSTACK-8905: Fixed hooking egress rulesAdded hooking the FIREWALL_EGRESS_RULES chain into FW_OUTBOUND chain. With this egress rules will effective. * pr/881: CLOUDSTACK-8905: Fixed hooking egress rules Signed-off-by: Remi Bergsma <github@remi.nl>
2015-09-24 15:36:03 +02:00 · 2015-09-24 15:36:03 +02:00 · 649a4bdc76
parent 4018d47ef8 2bf7fb4b63
commit 649a4bdc76
1 changed files with 1 additions and 0 deletions
--- a/systemvm/patches/debian/config/opt/cloud/bin/configure.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
@ -124,6 +124,7 @@ class CsAcl(CsDataBag):
                                    " -m %s " % rule['protocol'] +
                                    " --dport %s -j RETURN" % rnge])
            if self.direction == 'egress':
+                self.fw.append(["filter", "", " -A FW_OUTBOUND -j FIREWALL_EGRESS_RULES"])
                if rule['protocol'] == "icmp":
                    self.fw.append(["filter", "front",
                                    " -A FIREWALL_EGRESS_RULES" +