etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

bug CS-15972: Insert iptable rules to set vpn mark before vpn usage chain 

status CS-15972: resolved fixed
This commit is contained in:
kishan 2012-08-13 20:57:02 +05:30
parent 7e681a701c
commit 7c1a9658fc
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
patches/systemvm/debian/config/opt/cloud/bin/ipsectunnel.sh
View File

@ -54,9 +54,9 @@ start_ipsec() {
enable_iptables_subnets() {
for net in $rightnets
do
sudo iptables -A FORWARD -t mangle -s $leftnet -d $net -j MARK --set-mark $vpnoutmark
sudo iptables -I FORWARD -t mangle -s $leftnet -d $net -j MARK --set-mark $vpnoutmark
sudo iptables -A OUTPUT -t mangle -s $leftnet -d $net -j MARK --set-mark $vpnoutmark
sudo iptables -A FORWARD -t mangle -s $net -d $leftnet -j MARK --set-mark $vpninmark
sudo iptables -I FORWARD -t mangle -s $net -d $leftnet -j MARK --set-mark $vpninmark
sudo iptables -A INPUT -t mangle -s $net -d $leftnet -j MARK --set-mark $vpninmark
done
return 0