VPC : CS-11503, deleting staticnat works even ip is not there.

this can fix the issue for VPC, but Cloudstack should not send out ipdeassociate before applying ruls on this ip
2012-07-11 14:02:46 -07:00 · 2012-07-11 14:02:46 -07:00 · c5f8712b4b
parent a0a0113b51
commit c5f8712b4b
2 changed files with 21 additions and 1 deletions
--- a/patches/systemvm/debian/config/opt/cloud/bin/vpc_func.sh
+++ b/patches/systemvm/debian/config/opt/cloud/bin/vpc_func.sh
@ -43,3 +43,17 @@ getVPCcidr () {
  done
  return 1
 }
+
+removeRulesForIp() {
+  local ip=$1
+  iptables-save -t mangle | grep $ip | grep "\-A"  | while read rule
+  do
+    rule=$(echo $rule | sed 's/\-A/\-D/')
+    sudo iptables -t mangle $rule
+  done
+  iptables-save -t filter | grep $ip | grep "\-A"  | while read rule
+  do
+    rule=$(echo $rule | sed 's/\-A/\-D/')
+    sudo iptables -t filter $rule
+  done
+}
--- a/patches/systemvm/debian/config/opt/cloud/bin/vpc_staticnat.sh
+++ b/patches/systemvm/debian/config/opt/cloud/bin/vpc_staticnat.sh
@ -92,7 +92,13 @@ ethDev=$(getEthByIp $publicIp)
 result=$?
 if [ $result -gt 0 ]
 then
-  unlock_exit $result $lock $locked
+  if [ "$op" == "-D" ]
+  then 
+    removeRulesForIp $publicIp
+    unlock_exit 0 $lock $locked
+  else
+    unlock_exit $result $lock $locked
+  fi
 fi
 OUTFILE=$(mktemp)