From d3ecb0099cb8b1121739af52c576c0c5f868e4a9 Mon Sep 17 00:00:00 2001
From: Leo Simons <lsimons@schubergphilis.com>
Date: Mon, 21 Jul 2014 13:09:14 +0200
Subject: [PATCH] CLOUDSTACK-7143: cleanup configure_conntrack.sh code

---
 .../systemvmtemplate/configure_conntrack.sh   | 28 ++++++++++++++-----
 1 file changed, 21 insertions(+), 7 deletions(-)

diff --git a/tools/appliance/definitions/systemvmtemplate/configure_conntrack.sh b/tools/appliance/definitions/systemvmtemplate/configure_conntrack.sh
index 7fbd33a65be..bd431985d30 100644
--- a/tools/appliance/definitions/systemvmtemplate/configure_conntrack.sh
+++ b/tools/appliance/definitions/systemvmtemplate/configure_conntrack.sh
@@ -1,12 +1,22 @@
-# This is actually a bug in the conntrackd package. The comment in the conf file says stats logging is off by default but the parameter is set to on.
-# After a couple weeks logrotate will rotate the conntrackd-stats.log file ans start conntracking even if we don't want it to (on non-redundant routers for instance).
-fix_conntrackd() {
+#!/bin/bash
+
+set -e
+set -x
+
+# This is actually a bug in the conntrackd package. The comment in the conf file says stats logging is off by default
+# but the parameter is set to on.
+# After a couple weeks logrotate will rotate the conntrackd-stats.log file ans start conntracking even if we don't want
+# it to (on non-redundant routers for instance).
+function disable_conntrack_logging() {
+  grep "LogFile off" /etc/conntrackd/conntrackd.conf && return
+
   sed -i '/Stats {/,/}/ s/LogFile on/LogFile off/' /etc/conntrackd/conntrackd.conf
   rm -f /var/log/conntrackd-stats.log
 }
 
-# Preload these module otherwise the sysctl settings will not be set, and pasive ftp will not work.
-fix_modules() {
+function load_conntrack_modules() {
+  grep nf_conntrack_ipv4 /etc/modules && return
+
   cat >> /etc/modules << EOF
 nf_conntrack_ipv4
 nf_conntrack
@@ -15,5 +25,9 @@ nf_nat_ftp
 EOF
 }
 
-fix_conntrackd
-fix_modules
+function configure_conntrack() {
+  disable_conntrack_logging
+  load_conntrack_modules
+}
+
+return 2>/dev/null || configure_conntrack