From e89eec45b660627ac01c4bce5467da55c44f8493 Mon Sep 17 00:00:00 2001 From: Chiradeep Vittal Date: Wed, 15 Feb 2012 15:32:01 -0800 Subject: [PATCH] bug 13734: allow dhcp requests and responses all the time Reviewed-by: Anthony --- scripts/vm/hypervisor/xenserver/vmops | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/vm/hypervisor/xenserver/vmops b/scripts/vm/hypervisor/xenserver/vmops index 973df43b16d..d7383770610 100755 --- a/scripts/vm/hypervisor/xenserver/vmops +++ b/scripts/vm/hypervisor/xenserver/vmops @@ -403,6 +403,8 @@ def can_bridge_firewall(session, args): try: util.pread2(['iptables', '-N', 'BRIDGE-FIREWALL']) util.pread2(['iptables', '-I', 'BRIDGE-FIREWALL', '-m', 'state', '--state', 'RELATED,ESTABLISHED', '-j', 'ACCEPT']) + util.pread2(['iptables', '-A', 'BRIDGE-FIREWALL', '-m', 'physdev', '--physdev-is-bridged', '-p', 'udp', '--dport', '67', '--sport', '68', '-j', 'ACCEPT']) + util.pread2(['iptables', '-A', 'BRIDGE-FIREWALL', '-m', 'physdev', '--physdev-is-bridged', '-p', 'udp', '--dport', '68', '--sport', '67', '-j', 'ACCEPT']) util.pread2(['iptables', '-D', 'FORWARD', '-j', 'RH-Firewall-1-INPUT']) except: util.SMlog('Chain BRIDGE-FIREWALL already exists')