etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,850 Commits 323 Branches 325 Tags 929 MiB
Commit Graph

381 Commits

Author SHA1 Message Date
Sheng Yang 76abb27a3c S2S VPN: Add back pfs=no for ipsec.conf 
According to ipsec.conf manual:

pfs

whether Perfect Forward Secrecy of keys is desired on the connection's keying
channel (with PFS, penetration of the key-exchange protocol does not compromise
keys negotiated earlier); Since there is no reason to ever refuse PFS, Openswan
will allow a connection defined with pfs=no to use PFS anyway. Acceptable values
are yes (the default) and no.

Found removing the option would make it impossible to work with no PFS setting
router. It may related to CS-15511.
 2012-07-23 19:33:11 -07:00
Sheng Yang 67557f313a S2S VPN: Support for multiply VPN connections per VPC/VPN gateway 2012-07-23 19:02:52 -07:00
anthony 165b85fab5 empty dhcp information when start domr 2012-07-23 16:48:13 -07:00
anthony 5e3e3a7a1c CS-15635 : fixed the part introduced by VPC, there is anther part needs to be fixed for regular network 2012-07-23 16:11:47 -07:00
Vijayendra Bhamidipati f7be2a9352 CS-15657: Mgmt server fails to associate ip addess to public interface on VPC router VM 
Description:

	Fixing syntax error in ipassoc.sh.
 2012-07-23 11:17:54 -07:00
Sheng Yang 664c8b3b2c CS-15511: Fix parameter transfer in bash 2012-07-18 15:31:59 -07:00
Sheng Yang 0ff69f11a4 CS-15536: Insert VPN mangle policy to FORWARD and OUTPUT 
In order to get traffic tagged while ACL chain involved in PREROUTING chain.

Also using more generic tag checking in nat table.
 2012-07-17 17:22:00 -07:00
Sheng Yang c36de737db S2S VPN: Use source NAT ip address for VPN gateway 2012-07-17 17:22:00 -07:00
anthony 065eeb6141 VPC : remove rules in nat table if ip is removed 2012-07-11 16:05:15 -07:00
anthony c5f8712b4b VPC : CS-11503, deleting staticnat works even ip is not there. 
this can fix the issue for VPC,
  but Cloudstack should not send out ipdeassociate before applying ruls on this ip
 2012-07-11 14:44:32 -07:00
anthony 5d224ed592 VPC : in no route in setStaticRoute, just remove all routes 2012-07-10 18:41:13 -07:00
anthony d7fe4468f2 VPC : CS-15520, fix for acl revoke 2012-07-10 16:19:12 -07:00
anthony ed0b6c07ec VPC : CS-15492, fix static route 2012-07-10 15:16:15 -07:00
anthony 815584ead0 VPC : CS-15507, use correct chain for lb 2012-07-09 18:33:37 -07:00
anthony 5cd6516d21 CS-15506 : allow traffic going out domr in FORWARD chain 2012-07-09 18:33:37 -07:00
anthony 87a7fd1a26 VPC : CS-15501, outbound only work on new connection 2012-07-09 11:48:28 -07:00
anthony 417c435622 VPC : loadbalance go through inbound chain 2012-07-09 10:16:33 -07:00
anthony 94e26a00f4 VPC : VMs may access this static nat ip 2012-07-09 09:53:52 -07:00
anthony c18da90355 VPC : move egress chain to PREROUTING 2012-07-06 19:05:01 -07:00
anthony f737a21881 VPC : open 80 for vmdata 2012-07-06 17:59:26 -07:00
anthony 0f3f69f095 VPC : do not set mark for static nat 2012-07-06 16:11:05 -07:00
anthony e0fec2ef22 VPC : configure apache2 for each guest network 2012-07-06 16:09:07 -07:00
anthony af45bf03ad VPC : clean up host file for domr 2012-07-06 16:09:07 -07:00
anthony c258664a69 VPC : CS-15463 allow input traffic for established connection 2012-07-05 14:24:52 -07:00
Murali Reddy 2195f3ad83 VPC : CS-15424 default route & gateway is missing for private network in VPC virtual router on Vmware 
reviewd by : Anthony

adding route configuration through eth0 when VPC router
 2012-07-05 13:45:29 -07:00
anthony 38befcd228 CS-15427 : always provide gateway as DNS server due to no traffic is allowed by ACL, the external DNS doesn't work by default 2012-07-03 19:13:44 -07:00
anthony 051acd2306 VPC : clean up rt_table when stop domr 2012-07-03 12:25:25 -07:00
Sheng Yang 7e4841a117 CS-6840: Fix wrong path of check s2s vpn script 2012-07-03 11:09:00 -07:00
anthony 079d7ef1aa VPC : setup hairpin 2012-07-02 17:59:40 -07:00
anthony 2967ccd0d9 VPC : fix in unplug 2012-07-02 17:53:18 -07:00
anthony b5e8f7943f VPC : acl use eth* as chain name 2012-07-02 17:50:45 -07:00
anthony 810fe381bf VPC : static route, add route table in cloud-early-config 2012-07-02 17:42:10 -07:00
anthony 2af007a739 VPC : add static route 2012-07-02 17:28:54 -07:00
Sheng Yang 618d2541c8 CS-6840: Add status checking for site 2 site VPN 2012-06-29 18:58:52 -07:00
anthony 25ecac3d7b VPC : fix for nic unplug script 2012-06-29 18:22:47 -07:00
anthony adabf516fa VPC : network usage, the first colomn is output, the second colome is input 2012-06-29 17:39:04 -07:00
anthony 0f06bc6643 VPC : network usage works in VPC 2012-06-29 17:33:17 -07:00
anthony f25ee3844e VPC : create/destroy network usage chain 2012-06-29 15:52:14 -07:00
anthony 700ce361ff VPC : network usage 2012-06-29 15:52:13 -07:00
anthony 1109ef717a VPC : add vpc_staticroute.sh 2012-06-28 17:44:17 -07:00
anthony fddf23a986 VPC : loadbalancer works 2012-06-28 17:16:54 -07:00
Sheng Yang 6be53d847a CS-6840: Update ipsectunnel.sh 2012-06-27 19:06:18 -07:00
Clayton Weise ffe66c4917 CS-6840: Add ipsectunnel script 2012-06-27 19:05:22 -07:00
anthony 9775675d97 VPC : fixes for static nat 2012-06-27 11:20:19 -07:00
anthony 7dae3361c6 VPC : listeth.sh is used to list all eth devices in domr 2012-06-26 16:37:30 -07:00
anthony 08b2f7e37e VPC : handle staticnat and loadbalaner 2012-06-26 16:13:03 -07:00
anthony cd73f633a9 VPC : add vpc_staticnat 2012-06-26 13:54:05 -07:00
anthony 493560e370 VPC : fix for CONNMARK 2012-06-25 20:47:01 -07:00
anthony 669029b8cd VPC : fix for connection mark 2012-06-25 16:29:10 -07:00
anthony 781752b4c7 VPC : fix for port forwarding 2012-06-25 15:49:53 -07:00