From f737a21881c436328c91ee2e74ed1c47ea98ec97 Mon Sep 17 00:00:00 2001
From: anthony
Date: Fri, 6 Jul 2012 17:57:40 -0700
Subject: [PATCH] VPC : open 80 for vmdata
---
 .../debian/config/opt/cloud/bin/cloud-nic.sh | 13 ++++++++++++-
 .../debian/config/opt/cloud/bin/vpc_guestnw.sh | 2 ++
 2 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/cloud-nic.sh b/patches/systemvm/debian/config/opt/cloud/bin/cloud-nic.sh
index 9ba5f1a441b..aa7cf4775e2 100755
--- a/patches/systemvm/debian/config/opt/cloud/bin/cloud-nic.sh
+++ b/patches/systemvm/debian/config/opt/cloud/bin/cloud-nic.sh
@@ -16,7 +16,7 @@ unplug_nic() {
 sudo ip route flush table $tableName
 sudo sed -i /"$tableNo $tableName"/d /etc/iproute2/rt_tables 2>/dev/null
 sudo ip route flush cache
- # remove rules
+ # remove network usage rules
 sudo iptables -t mangle -F NETWORK_STATS_$dev 2>/dev/null
 iptables-save -t mangle | grep NETWORK_STATS_$dev | grep "\-A" | while read rule
 do
@@ -24,6 +24,17 @@ unplug_nic() {
 sudo iptables -t mangle $rule
 done
 sudo iptables -t mangle -X NETWORK_STATS_$dev 2>/dev/null
+ # remove rules on this dev
+ iptables-save -t mangle | grep $dev | grep "\-A" | while read rule
+ do
+ rule=$(echo $rule | sed 's/\-A/\-D/')
+ sudo iptables -t mangle $rule
+ done
+ iptables-save | grep $dev | grep "\-A" | while read rule
+ do
+ rule=$(echo $rule | sed 's/\-A/\-D/')
+ sudo iptables $rule
+ done
 # remove apache config for this eth
 rm -f /etc/apache2/conf.d/vhost$dev.conf
 }
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/vpc_guestnw.sh b/patches/systemvm/debian/config/opt/cloud/bin/vpc_guestnw.sh
index 761a5784591..8b976807137 100755
--- a/patches/systemvm/debian/config/opt/cloud/bin/vpc_guestnw.sh
+++ b/patches/systemvm/debian/config/opt/cloud/bin/vpc_guestnw.sh
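Review bot: The two cleanup loops added to unplug_nic (second hunk of cloud-nic.sh) select rules with `grep $dev`, an unanchored substring match, so unplugging eth1 would also pick up rules for eth10 and any line that merely contains the name, such as a jump to `NETWORK_STATS_$dev`. The second loop additionally reads `iptables-save` for all tables but deletes with plain `iptables`, which acts on the filter table only, so nat or mangle lines are replayed against the wrong table. I would pin both the table and the match, e.g. `iptables-save -t filter | grep -w -- "-[io] $dev" | grep "^-A" | while read -r rule`, and use the same `grep -w` form in the `-t mangle` loop. unplug_nic begins above the hunk, so how `$dev` is set or validated is not visible here.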
@@ -40,12 +40,14 @@ setup_apache2() {
 sed -i -e "s/Listen .*:80/Listen $ip:80/g" /etc/apache2/conf.d/vhost$dev.conf
 sed -i -e "s/Listen .*:443/Listen $ip:443/g" /etc/apache2/conf.d/vhost$dev.conf
 service apache2 restart
+ sudo iptables -A INPUT -i $dev -d $ip -p tcp -m state --state NEW --dport 80 -j ACCEPT
 }
 desetup_apache2() {
 logger_it "Desetting up apache web server for $dev"
 rm -f /etc/apache2/conf.d/vhost$dev.conf
 service apache2 restart
+ sudo iptables -D INPUT -i $dev -d $ip -p tcp -m state --state NEW --dport 80 -j ACCEPT
 }
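Review bot: The `-D` added to desetup_apache2 removes the port-80 ACCEPT only if `$dev` and `$ip` expand to exactly what setup_apache2 passed to `-A`, and its exit status is not checked, so a failed delete leaves the port open on that interface with no trace. `$ip` is not assigned inside desetup_apache2 (presumably it is a script-level variable set outside the hunk); if it is empty, the unquoted `-d $ip` swallows the next option and the command fails. The `-A` in setup_apache2 is also not idempotent: a repeated setup appends a duplicate rule and the single `-D` removes only one copy. I would quote the variables and log a failure, e.g. `sudo iptables -D INPUT -i "$dev" -d "$ip" -p tcp -m state --state NEW --dport 80 -j ACCEPT || logger_it "could not remove port 80 rule for $dev"`, and run the same `-D` with errors ignored just before the `-A`. setup_apache2 begins above the hunk.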