cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From e...@apache.org
Subject [1/2] git commit: updated refs/heads/master to c78f58e
Date Wed, 20 May 2015 11:07:24 GMT
Repository: cloudstack
Updated Branches:
  refs/heads/master ab7473eea -> c78f58e54


Allow forward to fix port forwarding rules


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/ab915b6c
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/ab915b6c
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/ab915b6c

Branch: refs/heads/master
Commit: ab915b6c921452fa7999c1f882add4ea3a82419a
Parents: dacdf97
Author: Ian Southam <isoutham@schubergphilis.com>
Authored: Tue May 19 12:54:38 2015 +0000
Committer: Ian Southam <isoutham@schubergphilis.com>
Committed: Tue May 19 12:54:38 2015 +0000

----------------------------------------------------------------------
 .../debian/config/opt/cloud/bin/configure.py    | 33 ++++++++++++++------
 1 file changed, 24 insertions(+), 9 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ab915b6c/systemvm/patches/debian/config/opt/cloud/bin/configure.py
----------------------------------------------------------------------
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/configure.py b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
index 799e279..c0b2ad5 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/configure.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
@@ -529,7 +529,8 @@ class CsForwardingRules(CsDataBag):
 
     def forward_vr(self, rule):
         fw1 = "-A PREROUTING -d %s/32 -i %s -p %s -m %s --dport %s -j DNAT --to-destination
%s:%s" % \
-              ( rule['public_ip'],
+              (
+                rule['public_ip'],
                 self.getDeviceByIp(rule['public_ip']),
                 rule['protocol'],
                 rule['protocol'],
@@ -538,7 +539,8 @@ class CsForwardingRules(CsDataBag):
                 self.portsToString(rule['internal_ports'], '-')
               )
         fw2 = "-A PREROUTING -d %s/32 -i %s -p %s -m %s --dport %s -j DNAT --to-destination
%s:%s" % \
-              ( rule['public_ip'],
+              (
+                rule['public_ip'],
                 self.getDeviceByIp(rule['internal_ip']),
                 rule['protocol'],
                 rule['protocol'],
@@ -547,7 +549,8 @@ class CsForwardingRules(CsDataBag):
                 self.portsToString(rule['internal_ports'], '-')
               )
         fw3 = "-A OUTPUT -d %s/32 -p %s -m %s --dport %s -j DNAT --to-destination %s:%s"
% \
-              ( rule['public_ip'],
+              (
+                rule['public_ip'],
                 rule['protocol'],
                 rule['protocol'],
                 self.portsToString(rule['public_ports'], ':'),
@@ -555,35 +558,47 @@ class CsForwardingRules(CsDataBag):
                 self.portsToString(rule['internal_ports'], '-')
               )
         fw4 = "-j SNAT --to-source %s -A POSTROUTING -s %s -d %s/32 -o %s -p %s -m %s --dport
%s" % \
-              ( self.getGatewayByIp(rule['internal_ip']),
+              (
+                self.getGatewayByIp(rule['internal_ip']),
                 self.getNetworkByIp(rule['internal_ip']),
                 rule['internal_ip'],
                 self.getDeviceByIp(rule['internal_ip']),
                 rule['protocol'],
                 rule['protocol'],
                 self.portsToString(rule['internal_ports'], ':')
-              )  
+              )
         fw5 = "-A PREROUTING -d %s/32 -i %s -p %s -m %s --dport %s -j MARK --set-xmark %s/0xffffffff"
% \
-              ( rule['public_ip'],
+              (
+                rule['public_ip'],
                 self.getDeviceByIp(rule['public_ip']),
                 rule['protocol'],
                 rule['protocol'],
                 self.portsToString(rule['public_ports'], ':'),
                 hex(int(self.getDeviceByIp(rule['public_ip'])[3:]))
-              )  
+              )
         fw6 = "-A PREROUTING -d %s/32 -i %s -p %s -m %s --dport %s -m state --state NEW -j
CONNMARK --save-mark --nfmask 0xffffffff --ctmask 0xffffffff" % \
-              ( rule['public_ip'],
+              (
+                rule['public_ip'],
                 self.getDeviceByIp(rule['public_ip']),
                 rule['protocol'],
                 rule['protocol'],
                 self.portsToString(rule['public_ports'], ':'),
-              )  
+              )
+        fw7 = "-A FORWARD -i %s -o %s -p %s -m %s --dport %s -m state --state NEW -j ACCEPT"
% \
+              (
+                self.getDeviceByIp(rule['public_ip']),
+                self.getDeviceByIp(rule['internal_ip']),
+                rule['protocol'],
+                rule['protocol'],
+                self.portsToString(rule['internal_ports'], ':')
+              )
         self.fw.append(["nat", "", fw1])
         self.fw.append(["nat", "", fw2])
         self.fw.append(["nat", "", fw3])
         self.fw.append(["nat", "", fw4])
         self.fw.append(["nat", "", fw5])
         self.fw.append(["nat", "", fw6])
+        self.fw.append(["", "", fw7])
 
     def forward_vpc(self, rule):
         fw_prerout_rule = "-A PREROUTING -d %s/32 -i %s" % (rule["public_ip"], self.getDeviceByIp(rule['public_ip']))


Mime
View raw message