etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
28,940 Commits 334 Branches 327 Tags 818 MiB
Commit Graph

450 Commits

Author SHA1 Message Date
David Bierce 646e0d99dd Always enter chap-secrets as a quoted field. In the event of special characters it creates and deletes the entry properly, in the event there are not special characters there is no change behavior. 
Signed-off-by: Remi Bergsma <apache@remi.nl>

This closes #307
 2015-05-27 13:42:48 +02:00
Ian Southam 56483436f0 Pep8 changes that got lost with the strange double push request problem last time 2015-05-26 07:07:43 -04:00
Abhinandan Prateek ad6ac9bb10 CLOUDSTACK-8488: network with LB fails to restart as the bash script mangles the escape characters, fixed 2015-05-22 16:24:20 +05:30
Ian Southam ab915b6c92 Allow forward to fix port forwarding rules 2015-05-19 12:54:38 +00:00
Rajani Karuturi 0b8355920e Merge branch 'volume-upload' into master 
This closes #206
 2015-04-29 11:12:53 +05:30
Rohit Yadav 6829399647 CLOUDSTACK-7493: ignore errors on removal of iptables chains that don't exist 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit f26ae6eb39)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-04-23 14:19:46 +02:00
Rohit Yadav f55658dab2 vpn_l2tp: fix variable assignment, fails L2TP VPN 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 5cba410937)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-04-23 14:19:34 +02:00
wilderrodrigues 2fad87d3f3 Make the routers persistent 
- After configuration save the ipdated in files
    * /etc/iptables/router_rules.v4 and /etc/iptables/router_rules.v6
    * Reload the configuration on reboot via the /etc/rc.local using iptables-restore
 2015-04-14 15:09:47 +02:00
Rene Moser 0ada08aa85 CLOUDSTACK-6885: fix logrotate on VR to depend on size 
In 6ac06e5e5e logrotate was changed to run hourly.
Some logrotate configs still have set `daily` only which results in logs not
rotated hourly. The only way to ensure the log is rotated is to use size.

This closes #162

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-04-14 00:49:28 +05:30
wilderrodrigues cb2b9e870b Fixing the communication with VM via Public IP 
- Pub IP port forwarding and static NAT fixed for single VPCs
   - Pub IP port forwarding fixed for redundant VPCs

[wip] fix static NAT for redundant VPCs

This closes #150
 2015-04-08 16:04:55 +02:00
wilderrodrigues 3d22a16c4f Bump priority stragety is no longer used for redundant virtual routers 
- With the changes added by the rVPC work, the bump priority became deprecated.
     This commit includes a refactor to get it removed from the following resources:
     * Java classes
     * domain_router table - removing the is_priority_bumpup column
     * Fixing unit tests

All changes were tested with:

XenServer 6.2 running under our VMWare zone
CloudStack Management Server running on MacBook Pro
MySql running on MackBook Pro
Storage Type: Local
 2015-04-02 21:50:49 +02:00
Rohit Yadav 0540ba1b30 systemvm: fix socat usage 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 888f67f0bd)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-30 13:50:39 +05:30
Abhinandan Prateek 6ac06e5e5e CLOUDSTACK-6885: rotate logs hourly on VR 2015-03-30 13:49:23 +05:30
Rene Moser 33280ade2e systemvm: fix/improve irqbalance on multicore VR. 
This is a known issue in irqbalance 1.0.3 and was partially fixed in 1.0.4.
Using the package 1.0.6 from wheezy backports helped on many VRs balancing the
interrupts, but not on all.

It seems only 1.0.7 fixes all issues regarding this, also see thread in user ML
http://mail-archives.apache.org/mod_mbox/cloudstack-users/201503.mbox/%3C5508540E.4090302%40renemoser.net%3E

This closes #119

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit a45f0e29e2)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-23 14:21:13 +05:30
Rohit Yadav eddcb101dc CLOUDSTACK-8331: have savepassword try all interfaces 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit b819211476)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-18 14:40:23 +05:30
Rohit Yadav b011c9bad4 Add missing license headers from recent branch merge 3c429ee 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-18 11:03:54 +05:30
Rohit Yadav f0da19a060 vpc_passwd_server: use the improved Python based password server 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 3262b0bfd9)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-18 10:43:20 +05:30
Rohit Yadav 3c429ee6b5 Merge remote-tracking branch 'sbp/feature/persisten-systemvm-redundant-vpc-REBASE' 
This closes #118

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-17 15:44:57 +05:30
Rohit Yadav 83736ab534 CLOUDSTACK-8331: savepassword should try all IPs on eth0 
The logic is same as passwd_server_ip script which runs password server on all
IPs on eth0 interface.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 294503a025)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-17 14:23:07 +05:30
Rohit Yadav e3c04c7147 savepassword: use eth0's IP address, as password server listens on that IP 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 488625b193)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-17 13:24:06 +05:30
Ian Southam 23c100d949 If master gets called and then within a few seconds backup (this can happen during provisioning), the master process will complete after the backup one. Not what we want. These commands must be serial 
Used a wee Unix socket to create a lock

We still need to find out why the flip flop occasionally happens. nopreempt should stop this ...
 2015-03-16 11:40:12 +01:00
Ian Southam 7bfccd699b Fixed Port forwarding (DNAT/SNAT) for isolated networks 
Fixed failure on using eth10 (which CS now supports)
Refactored CSForward to us CsInterface object instead of teh way it was kludged together
Fixed hex conversion for device numbers and iptables marks
 2015-03-16 11:40:12 +01:00
Ian Southam 6fc680be71 Fixed password server respawning issue 
Some changes to isolated network acl generation
 2015-03-16 11:40:11 +01:00
Ian Southam 5ddf87b2fd Use reload on keepalived 
restart causes the master status to flip unecessarily during provisioning tasks
 2015-03-16 11:40:11 +01:00
Ian Southam 585f5f7000 ACL issues 
ACL order issues
Do not block multicast traffic for vrrp
Many smaller bug fixes
checkrouter provided in /opt/cloud/bin
 2015-03-16 11:40:10 +01:00
Ian Southam 3cc0915a01 Work arounds for how CS adds and removes hosts 2015-03-16 11:40:08 +01:00
Ian Southam 748e2e51a9 Check both ip and hosts when building dhcp bag 2015-03-16 11:40:08 +01:00
Ian Southam c1ec5b0b16 nat rules added to incorrect interface 2015-03-16 11:40:07 +01:00
Ian Southam 7700e940ff dnsmasq should restart if config changes and hup if hosts change 2015-03-16 11:40:07 +01:00
wilderrodrigues e7969b640b No hardcoded passwords. 
- If for some reason the cmdLine json doesn't contain the password key, which is almost impossible to happen,
    we generate a password based on other unique data per VPC
 2015-03-16 11:40:06 +01:00
wilderrodrigues 4b6604318d generate random password for redundant VPC 2015-03-16 11:40:06 +01:00
Ian Southam baa758accc Utterley stupid 2015-03-16 11:40:06 +01:00
Ian Southam 639126da8b {ip: hosts} syntax goes wrong if ip contains 1:: 
Needs to anchore regexp
 2015-03-16 11:40:05 +01:00
Ian Southam aa6fdf853b A tab got in there somehow! 2015-03-16 11:40:05 +01:00
Ian Southam b3da2c54c2 Add network stats for isalated networks 2015-03-16 11:40:04 +01:00
Ian Southam 57d3ffaef8 Fixed password server, fixed more firewall issues 
Fixed issues with real IP and not virtual (gateway) IP being opened on the firewall
DNS now works on the vms
 2015-03-16 11:40:03 +01:00
wilderrodrigues e6b3ee318c Fix the checkrouter.sh script in order to report the routers state 2015-03-16 11:40:02 +01:00
Ian Southam 9e82281cc1 Fixed rules for dhcp towards v, 
Fixed fw rules for a bunch of things
Bring public interface up if no tier has been defined
 2015-03-16 11:39:58 +01:00
wilderrodrigues 4c9f4fcdd3 Make virtual router id unique per redundant group 
Customise the messages showed during VPC restart based on redundancy
Do not show "Make Redundant" option if VPC is already redundant
Show on VPC details if a VPC is redundant
 2015-03-16 11:39:58 +01:00
Ian Southam 7a9a356094 Switch control interface for vrrp to guest network 
Fix rRouter that was deleting the gateway interface
 2015-03-16 11:39:57 +01:00
Ian Southam 87d4171c53 Who changed my condition! 
De Morgans laws chaps
The negation of a conjunction is the disjunction of the negations.
The negation of a disjunction is the conjunction of the negations.
 2015-03-16 11:39:56 +01:00
Ian Southam db48a99678 Restart keepalived if a pub interface gets added or removed 2015-03-16 11:39:55 +01:00
Ian Southam c828653a0a Another correction 2015-03-16 11:39:54 +01:00
Ian Southam 267bc52579 Mistake no I set no priority! 2015-03-16 11:39:54 +01:00
Ian Southam 2b0c4c85a9 Fixed up get_dns for normal isolated vrs 2015-03-16 11:39:53 +01:00
Ian Southam bf6e3fa8b2 Fixed CsAddress destroying the VIP address on a redundant router 
Taken quite a bit of code out of CsRedundant
Fixed public IP in keepalived when there is no guest network
 2015-03-16 11:39:53 +01:00
Ian Southam 6d34f1f797 Set to EQUAL and noprempt - let keppalived decide who is boss 
Also removed bump as we really do not need this
 2015-03-16 11:39:53 +01:00
Ian Southam 3b1dd68ae9 Remove vpc_router_svcs because they will be the same as any other router (soon) 
One question is apache2
 2015-03-16 11:39:52 +01:00
Ian Southam 9bec4b64e7 This change breaks stuff 
This id is used to define the groups and will prevent the two vrrp instances from talking to each other
Result = MASTER MASTER
 2015-03-16 11:39:52 +01:00
wilderrodrigues b7a142800d Adding the router priority when the control interface is created 
Adding some logging to the check heartbeat script
 2015-03-16 11:39:52 +01:00
Ian Southam e95a6498b5 No bump for now 2015-03-16 11:39:51 +01:00
Ian Southam f5ef75ee7e Vrrp will fail if your own code keeps killing it off 2015-03-16 11:39:51 +01:00
wilderrodrigues ae53d5ede1 Fix router priuority using the same logic as the one for the state 
Fix the router state. do not show UNKNOW, but MASTER or BACKUP depending on the type of router
Implement the virtual_router_id to be passed as a boot parameter to the router
  - it is needed for the keepalived configuration
 2015-03-16 11:39:51 +01:00
wilderrodrigues a5d6f90f66 Implementing redundant router arguments to add redundant_state 
Implementing the arguments on the python side
 2015-03-16 11:39:51 +01:00
Ian Southam 279f1a2741 Lots of changes to do with redundancy 2015-03-16 11:39:50 +01:00
wilderrodrigues 62d586e2af Reverting the changes on CsAddress done in commit 374946e07748dd3ad659381c7d88e5e4140e4eeb 2015-03-16 11:39:50 +01:00
wilderrodrigues bd7799401b Removing guest interfaces form the VRRP list 
Removing the not is_redundant from the check that put interfaces UP.
  - it now checks only "not is_public"
 2015-03-16 11:39:50 +01:00
wilderrodrigues da53a5502e Fix restarting VPC 2015-03-16 11:39:50 +01:00
wilderrodrigues 0be56a5ff6 Fixing the timout )ssh hanging) on the CsApp.py file 
Adding kill_all() method on the CsProcess.py file (not being used yet)
Changing a bit the logic in the merge.py

The changes in the logic might be reverted, but they are causing no harm now.
 2015-03-16 11:39:50 +01:00
Ian Southam fb094ecafd get_dns via guest network returns blank dns servers 
fixed and added unit test
 2015-03-16 11:39:49 +01:00
wilderrodrigues 84ba06b87d Fix: the update_config.py was not parsing the incoming guest net configuration properly 
Added comments to the CitrixResourceBase class: do not destroy the cd-rom
 2015-03-16 11:39:49 +01:00
wilderrodrigues 2bb79b8115 Adding some info to the update_config.py 2015-03-16 11:39:49 +01:00
wilderrodrigues edd839ab10 Fix: allow multiple VIFs per Mac Address 
Fix: RTNETLINK errors
     - Management Server health check trying to create already existing interface
     - Changes on update_config.py, cs_guestnetwork.py, merger.py
Fix: replace RRouTER_LOG in the CsRedundant.py per log file location
Fix: Guest Net address association during Router restart
     - Changes on NicProfileHelper, NicProfileHelperImpl
Fix: aggregationExecution() method on VirtualNetworkApplianceManagerImpl
     - Do not send an AggregationControlCommand to a non-configured router

Some classes have been formatted.
 2015-03-16 11:39:48 +01:00
wilderrodrigues 460204fa9f Fixing CsDhcp.py 
Fixing assign IPv4 on GuestNetworkGuru.java
Fixing getRouters() on VpcVirtualRouterElement.java
Fixing Fixing paths on keepalived.conf.templ

Refactor on the other files
 2015-03-16 11:39:17 +01:00
wilderrodrigues ddbc565bc4 Log an error when removing keepalived.strikes file and it doesn't exit. 2015-03-16 11:39:17 +01:00
wilderrodrigues 40eb579115 TK-3135 fixes for VPC restart 
* removed the "is redundant" flag form the addVpcRouterToGuestNetwork() method
* removed the "is redundant" flag from the removeVpcRouterFromGuestNetwork() method
* changed the path of the master.py file in the keepalived.conf.temp file
* the call to routerDao.addRouterToGuestNetwork() in the VpcRouterDeploymentDefinition is not needed. That step will be performed once a VM is created
  - In addition, when restarting a VPC the routers will have the guest net configured, if any exists.

* Pushing the POM.xml as well, to use the old Jetty for now. Could not fix the logging problem. Will replace the POM with master version after VPC is done.
 2015-03-16 11:39:17 +01:00
wilderrodrigues 35151961be Fixing call on AclIP class. Instead of self.fw = fw we have to do self.fw = fw.get_fw() 
Fixing the master.py path in the keepalived.conf.templ
 2015-03-16 11:39:16 +01:00
wilderrodrigues 84bf46dc2f Java: Fixing the redundant flag for the router control nic and the guest network command; 
Python: fix the redundant setup in the CsRedundant class
 2015-03-16 11:39:15 +01:00
wilderrodrigues 3b6f247d40 Fix problem with reading invalid key form the dictionary 
I did in the same way Ian did for other files, but we have to find a better way to fix it.
 2015-03-16 11:39:15 +01:00
wilderrodrigues 370fe518f2 Fixing delete_leases function. 
It was refering a non-existing variable.
 2015-03-16 11:39:14 +01:00
Ian Southam 636dfd6217 New unit test 
Some stupid typos
pep8
 2015-03-16 11:39:14 +01:00
Ian Southam 406af7e855 Sorting out redundancy 
some new unit testing
stupid bug in CsCmdLine refactor
 2015-03-16 11:39:14 +01:00
Ian Southam bdda01d269 Countless bug fixes, mostly do do with VR redundancy 
Also added some new unit tests and adjusted the code to make them work
 2015-03-16 11:38:18 +01:00
Ian Southam 24c8de3c13 Some convenience methods 2015-03-16 11:38:17 +01:00
Ian Southam 8a6a407114 Dhcp refactor 
Loads of tiny bugs squashed and some big ones
Tested with domR needs VPC testing now
TODO:  Unit tests CsDhcp
 2015-03-16 11:38:17 +01:00
Ian Southam 31266d354f Broken code during guest network merge 2015-03-16 11:38:17 +01:00
Hugo Trippaers 75dda0b5b2 Fix imports 2015-03-16 11:38:17 +01:00
Ian Southam 40eb8423b9 Fixed hostname on router 2015-03-16 11:38:16 +01:00
Ian Southam d89c1e28ab Forgot to add append method 2015-03-16 11:38:16 +01:00
Ian Southam ec09f04b88 Small bug 2015-03-16 11:38:16 +01:00
Ian Southam 84624091fd Load balancer config 2015-03-16 11:38:16 +01:00
Ian Southam 7d0df32560 Lots of fixes from the testing 
firewallrules implemented sperately from networkacl (ugly but best that can be done ATM)
Some refactoring in CsDHCP as it made no sense to do it that way anymore
processmonitoring implemented
Domain not correctly sourced in VR
 2015-03-16 11:38:15 +01:00
Ian Southam 08d2e10cb9 pep8 2015-03-16 11:38:15 +01:00
Ian Southam 0496ba7a00 firewallrules (VR) and metworkacl (VPC) did not as I believe they shgould get combined 
in the underlying java code
Have split them out again.
Omce tested this will need some refactorinfg because it is currently PFU
 2015-03-16 11:38:15 +01:00
Ian Southam f924a9755d Adding port forwarding ranges exposes a rather unfortunate typo 2015-03-16 11:38:15 +01:00
Ian Southam 467374c981 This time after running the unittests <blush> 2015-03-16 11:38:14 +01:00
Ian Southam cca4b58d50 A couple of firewall fixes for DomRouter code 2015-03-16 11:38:14 +01:00
wilderrodrigues 099add4fd6 Removing "global" declaration from if block 
In python an "if" block doesn't change the scope. So, global not needed as it was creating an warning.
 2015-03-16 11:38:13 +01:00
wilderrodrigues 185975f6ac Adding [ERROR] tag before error message to ease identification 2015-03-16 11:38:13 +01:00
Hugo Trippaers 67ee33ff8a More pep8 checks and fixes 2015-03-16 11:38:12 +01:00
Hugo Trippaers 5c4d221c34 Let's stick to CamelCase for now 2015-03-16 11:38:12 +01:00
Hugo Trippaers e10545506d Add boilerplates for module unittests 2015-03-16 11:38:12 +01:00
Hugo Trippaers 628af2f973 Get started with some tests on the python code 2015-03-16 11:38:11 +01:00
Ian Southam 6b0c40ed3e iAdd chains before provisioning rules 2015-03-16 11:38:11 +01:00
Ian Southam 50ee12c6e3 Corrected basic firewalling setup 2015-03-16 11:38:10 +01:00
Ian Southam 13b7ca1b3f New code must not run on systemvm 2015-03-16 11:38:10 +01:00
Ian Southam 4cdaada380 Bugger 2015-03-16 11:38:10 +01:00
Ian Southam dce2c9e35a Syntax error 2015-03-16 11:38:10 +01:00
Ian Southam 092c8924c9 Bug corrections 2015-03-16 11:38:09 +01:00
Ian Southam 5249df8799 Splitting router and vpc 2015-03-16 11:38:09 +01:00
Ian Southam 99d7c8f457 Fix syntax error 2015-03-16 11:38:09 +01:00
Ian Southam 945cc0bcfb Aligning router chain names correctly 2015-03-16 11:38:08 +01:00
Hugo Trippaers a2e7f30542 Fix license headers 2015-03-16 11:38:08 +01:00
Hugo Trippaers 18f517a8b1 pep8 2015-03-16 11:38:08 +01:00
Hugo Trippaers 9385f071d7 Fix PEP8 compliance 2015-03-16 11:38:07 +01:00
Hugo Trippaers acaeec9a27 Fix indent 2015-03-16 11:38:07 +01:00
Ian Southam 5dcdf26328 Typo 2015-03-16 11:38:07 +01:00
Ian Southam 54f5c53a20 Decided not at this stage to combine VPC and VR code 2015-03-16 11:38:06 +01:00
Hugo Trippaers 0afe0153a7 Fix tab characters 2015-03-16 11:38:06 +01:00
Ian Southam 2f8352bf96 Daft mistake that left more data getting merged than we would have liked 2015-03-16 11:38:06 +01:00
Hugo Trippaers 76d0669656 Avoid confusion and make sure the file is put in only one location 2015-03-16 11:38:06 +01:00
Hugo Trippaers 01acd3d8ec VR interfaces need the proper network type in ips 2015-03-16 11:38:05 +01:00
Hugo Trippaers 4632936733 We actually don't need all the process stuff 2015-03-16 11:38:05 +01:00
Hugo Trippaers a9c5f91223 Fix indents 2015-03-16 11:35:37 +01:00
Ian Southam ba4684d53d Updated incorrect file. 
This led to the file loading twice
 2015-03-16 11:35:37 +01:00
Ian Southam e30da35879 Interfaces were not coming up on non redundant router 2015-03-16 11:35:37 +01:00
Hugo Trippaers 4cfe2a32c0 Fix a few things introduced by the rebase 2015-03-16 11:35:35 +01:00
Ian Southam 55c008f569 Cockup during the adding of the Apache licence 2015-03-16 11:35:31 +01:00
Ian Southam f0b783bb11 Removed stuff that is moved to CsRedundant 2015-03-16 11:35:30 +01:00
Ian Southam 7b95b78223 backup fault and master implemented 
Some more refactoring to decluter the bin directory
New config class to carry around the log, command line and firewall data
 2015-03-16 11:35:29 +01:00
Ian Southam 8a2391336c Getting redundancy to work via teh configuration files 
Some refactoring to make class loading a little more logical
Removed fw global (does not persist accross modules)
Added first tests
Added command line call to set and disable redundancy
Added command line call to set master
 2015-03-16 11:35:29 +01:00
Ian Southam 093749eaae A start on the redundancy code 
This will not break anything but also will not work
 2015-03-16 11:35:29 +01:00
Ian Southam a01e9082cd New code for ACLs (VPN configuration) failed functional tests 
Some corrections
 2015-03-16 11:35:28 +01:00
Ian Southam f7d0a11a34 Process VPN requests\ 
No tests (yet)
 2015-03-16 11:35:28 +01:00
Ian Southam b95d8257a4 Merge operation for site2site vpn 2015-03-16 11:35:28 +01:00
Ian Southam 725c040d5c Added code to configure netusage for vpc and domR devices 
Removed code from existing scripts that does the same
Fixed some more issues with CsNetfilter
Added rsync for/etc/iptables in rsync
 2015-03-16 11:35:27 +01:00
Ian Southam 3cdaa55462 icmp-type parameter was being skipped 2015-03-16 11:35:27 +01:00
Ian Southam 2765a506dc Moved databag into a separate file 2015-03-16 11:35:26 +01:00
Ian Southam 733bc19eac Include base rule sets in Acls 
Also made some adjustments to the base rule sets to ensure my parsing routine works
 2015-03-16 11:35:26 +01:00
Hugo Trippaers a7338387c1 Sourcenat is handled differently for routers and vpc routers 2015-03-16 11:35:26 +01:00
Hugo Trippaers 576564e744 If a file doesn't exist, create it 2015-03-16 11:35:26 +01:00
Ian Southam 762e05ddee Bug fixed: 
Default drop rul for inbound chain gets dropped by CsNetFilter
This would have been bad (tm)
 2015-03-16 11:35:25 +01:00
Ian Southam 8b38bff962 A lot of corner cases dealt with 
Need now to expand the test data to ensure I have got them all
Also failure to match because bizarrely some strings were unicode and some not
 2015-03-16 11:35:25 +01:00
Ian Southam 5137d7e136 Removed dhcpopts.conf for now as, it is the routing options and they seem to be dealt with dofferently in the new arrangement 
Changed the dhcp tests to avoid handing out the broadcast and gateway addresses :)
 2015-03-16 11:35:25 +01:00
Hugo Trippaers f21b90a73e Add missing sourcenat rule 2015-03-16 11:35:25 +01:00
Hugo Trippaers 6d12d94e0c Add the public source nat rule 2015-03-16 11:35:24 +01:00
Hugo Trippaers 80a149abb7 Add port forwarding and static nat to the convergence infrastructure 2015-03-16 11:35:24 +01:00
Hugo Trippaers 8c5dba31d0 Fix the forwardingrule databag 2015-03-16 11:35:24 +01:00
Ian Southam 7fc3365459 Implemented delete (add : false) for cs_dhcp 
Added some tests to the test_update_config tests for dhcp entries
 2015-03-16 11:35:24 +01:00
Ian Southam e6e47de6ff Stupid stupd bug 
a or b is of course not the same as a | b
 2015-03-16 11:35:23 +01:00
Ian Southam c318bd6337 Corrected bug (I love tests) 
The dhcp server will only start listening after a host has been added
In this condition, HUP is not enough
Changed so that if it is adding a first host it will restart the server
 2015-03-16 11:35:23 +01:00
Ian Southam 0e8c79c7f1 That is the acls. 
Need to check the order stays good
 2015-03-16 11:35:23 +01:00
Hugo Trippaers f273fd4659 Add the static nat rules to the merge procedure 2015-03-16 11:35:23 +01:00
Hugo Trippaers a789e8bf57 Fix a bug that would add updated control ip address instead of replace 2015-03-16 11:35:22 +01:00
Ian Southam 8f4461567d That should be all the dhcp settings correct 
CsGuestNetwork moved out of configure
dnsmasq config all switched to CsDhcp
 2015-03-16 11:35:22 +01:00
Ian Southam b45c71ee31 Acl code linked in 
Dhcp code
Test file for dhcp entry
 2015-03-16 11:35:22 +01:00
Hugo Trippaers 683e660d60 Small (but important) fixes 2015-03-16 11:35:22 +01:00
Ian Southam 574fa2c0a0 Call update_config.py if it is there 2015-03-16 11:35:21 +01:00
Ian Southam 8abf1a22ab Auto create missing chains 
Auto delete superfluous rules
TO DO: Priorities
 2015-03-16 11:35:21 +01:00
Ian Southam 19fd0b4b57 Added logic to create all necessary firewall rules 
TODO:  Auto add chains
TODO:  Delete rules that should not be there
TODO: Deal with precidence
 2015-03-16 11:35:21 +01:00