etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

bugfix #7 vpc vr: allow servers in private gateway to reach internet via the VPC VR if it is gateway

This commit is contained in:
Wei Zhou 2020-11-19 08:35:59 +00:00 committed by dahn
parent 8fb2efee1c
commit a8c9b4531b
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
systemvm/debian/opt/cloud/bin/cs/CsAddress.py
View File

@ -492,6 +492,10 @@ class CsIP:
self.fw.append(["nat", "front",
"-A POSTROUTING -o %s -j SNAT --to-source %s" %
(self.dev, self.address['public_ip'])])
if self.get_gateway() == self.get_ip_address():
# Accept packet from private gateway if VPC VR is used as gateway
self.fw.append(["filter", "", "-A FORWARD -s %s ! -d %s -j ACCEPT" %
(self.address['network'], self.address['network'])])
if self.get_type() in ["public"]:
self.fw.append(