CLOUDSTACK-10317: Fix SNAT rules for additional public nics (#2476)

* CLOUDSTACK-10317: Fix SNAT rules for additional public nics This allows networks with additional public nics to have correct SNAT iptables rules applied on configuration. Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com> * update based on Wei's suggested change Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2018-03-08 10:01:36 +01:00 · 2018-03-08 10:01:36 +01:00 · c0440e8124
parent c0b920f740
commit c0440e8124
1 changed files with 1 additions and 1 deletions
--- a/systemvm/debian/opt/cloud/bin/cs/CsAddress.py
+++ b/systemvm/debian/opt/cloud/bin/cs/CsAddress.py
@ -388,7 +388,7 @@ class CsIP:
            self.fw.append(["mangle", "",
                            "-A VPN_%s -j RETURN" % self.address['public_ip']])
            self.fw.append(["nat", "",
-                            "-A POSTROUTING -o eth2 -j SNAT --to-source %s" % self.address['public_ip']])
+                            "-A POSTROUTING -o %s -j SNAT --to-source %s" % (self.dev, self.cl.get_eth2_ip())])
            self.fw.append(["mangle", "",
                            "-A PREROUTING -i %s -m state --state NEW " % self.dev +
                            "-j CONNMARK --set-xmark %s/0xffffffff" % self.dnum])