VPC : fix for port forwarding

anthony 2012-06-25 15:49:35 -07:00
parent b407b8831c
commit 781752b4c7
2 changed files with 12 additions and 5 deletions


@ -7334,11 +7334,11 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
boolean endResult = true;
for (PortForwardingRuleTO rule : cmd.getRules()) {
String args ="vpc_portforwarding " + routerIp;
String args ="vpc_portforwarding.sh " + routerIp;
args += rule.revoked() ? " -D" : " -A";
args += " -P " + rule.getProtocol().toLowerCase();
args += " -l " + rule.getSrcIp();
args += " -p " + rule.getStringSrcPortRange().replace(":", "-");
args += " -p " + rule.getStringSrcPortRange();
args += " -r " + rule.getDstIp();
args += " -d " + rule.getStringDstPortRange().replace(":", "-");
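Review bot: The `args` string in this loop is built by concatenating `rule.getProtocol()`, `rule.getSrcIp()`, `rule.getDstIp()` and the two port ranges with no visible shape check, and the script side of this commit expands the same values unquoted into a `sudo iptables` command line. If these fields are already validated where the rule is created this is only defence in depth, but nothing in the hunk shows that. I would reject a malformed rule before building the string, for example `if (!rule.getStringSrcPortRange().matches("\\d+(:\\d+)?")) { endResult = false; continue; }`, with equivalent checks for the protocol and both addresses; how failures are reported is outside the hunk, so the `endResult` handling is a guess. The loop body continues past the last visible line.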


@ -41,7 +41,7 @@ tcp_or_udp_nat() {
instance ip=$instIp proto=$proto port=$port dport=$dport op=$op"
#if adding, this might be a duplicate, so delete the old one first
[ "$op" == "-A" ] && tcp_or_udp_entry "-D" $proto $publicIp $ports $instIp $dports
[ "$op" == "-A" ] && tcp_or_udp_nat "-D" $proto $publicIp $ports $instIp $dports
# the delete operation may have errored out but the only possible reason is
# that the rules didn't exist in the first place
# shortcircuit the process if error and it is an append operation
@ -66,9 +66,14 @@ tcp_or_udp_nat() {
sudo iptables -t nat $op PREROUTING $PROTO -d $publicIp $DEST_PORT -j DNAT \
$TO_DEST &>> $OUTFILE
local result=$?
logger -t cloud "$(basename $0): done port fwd entry for PAT: public ip=$publicIp op=$op result=$result"
# the rule may not exist
if [ "$op" == "-D" ]
then
return 0
fi
return $result
}
@ -184,6 +189,8 @@ do
esac
done
tcp_or_udp_entry $op $protocol $publicIp $ports $instanceIp $dports
OUTFILE=$(mktemp)
tcp_or_udp_nat $op $protocol $publicIp $ports $instanceIp $dports
result=$?
unlock_exit $result $lock $locked
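Review bot: Returning 0 for every `-D` in `tcp_or_udp_nat` (the `-66,9 +66,14` hunk) reports a revoke as successful even when iptables failed for a reason other than a missing rule, so a DNAT rule can stay active while the caller believes the port forward is gone. The comment `# the rule may not exist` covers only one of the possible failure causes. I would return success on delete only once the rule is confirmed absent, e.g. `if [ "$op" == "-D" ] && ! sudo iptables -t nat -C PREROUTING $PROTO -d $publicIp $DEST_PORT -j DNAT $TO_DEST 2>/dev/null; then return 0; fi`, and otherwise fall through to `return $result`; `-C` needs an iptables build that supports it, which I cannot confirm for the router image. The function starts above the hunk.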