Return-Path: <commits-return-55917-archive-asf-public=cust-asf.ponee.io@cloudstack.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id 364052009EE
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Wed, 18 May 2016 21:55:19 +0200 (CEST)
Received: by cust-asf.ponee.io (Postfix)
	id 3507A160A00; Wed, 18 May 2016 19:55:19 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id 7B5F21609B0
	for <archive-asf-public@cust-asf.ponee.io>; Wed, 18 May 2016 21:55:18 +0200 (CEST)
Received: (qmail 26421 invoked by uid 500); 18 May 2016 19:55:09 -0000
Mailing-List: contact commits-help@cloudstack.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:commits-help@cloudstack.apache.org>
List-Unsubscribe: <mailto:commits-unsubscribe@cloudstack.apache.org>
List-Post: <mailto:commits@cloudstack.apache.org>
List-Id: <commits.cloudstack.apache.org>
Reply-To: dev@cloudstack.apache.org
Delivered-To: mailing list commits@cloudstack.apache.org
Received: (qmail 26096 invoked by uid 99); 18 May 2016 19:55:09 -0000
Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 18 May 2016 19:55:09 +0000
Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33)
	id BDBE6E1894; Wed, 18 May 2016 19:55:08 +0000 (UTC)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: swill@apache.org
To: commits@cloudstack.apache.org
Date: Wed, 18 May 2016 19:55:19 -0000
Message-Id: <b5c475de1c9c476aa8b600a01c2035fb@git.apache.org>
In-Reply-To: <3f5e24fdf5d34505aaf549c0b5da1507@git.apache.org>
References: <3f5e24fdf5d34505aaf549c0b5da1507@git.apache.org>
X-Mailer: ASF-Git Admin Mailer
Subject: [12/15] git commit: updated refs/heads/4.8 to 8f330b0
archived-at: Wed, 18 May 2016 19:55:19 -0000

Merge pull request #1482 from remibergsma/iptables-fix

Restore iptables at once using iptables-restore instead of calling iptables numerous timesThis makes handling the firewall rules about 50-60 times faster because it is generated in memory and then loaded once. It's work by @borisroman see PR #1400. Reopened it here because I think this is a great improvement.

* pr/1482:
  Resolve conflict as forceencap is already in master
  Split the cidr lists so we won't hit the iptables-resture limits
  Check the existence of 'forceencap' parameter before use
  Do not load previous firewall rules as we replace everyhing anyway
  Wait for dnsmasq to finish restart
  Remove duplicate spaces, and thus duplicate rules.
  Restore iptables at once using iptables-restore instead of calling iptables numerous times
  Add iptables copnversion script.

Signed-off-by: Will Stevens <williamstevens@gmail.com>


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/9a20ab8b
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/9a20ab8b
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/9a20ab8b

Branch: refs/heads/4.8
Commit: 9a20ab8bcbbd39aa012a0ec5a65e66bcc737ee0e
Parents: 7a0b37a ebb7cb6
Author: Will Stevens <williamstevens@gmail.com>
Authored: Wed May 18 15:50:20 2016 -0400
Committer: Will Stevens <williamstevens@gmail.com>
Committed: Wed May 18 15:50:20 2016 -0400

----------------------------------------------------------------------
 .../debian/config/opt/cloud/bin/configure.py    |  39 ++--
 .../debian/config/opt/cloud/bin/cs/CsAddress.py |  31 ++-
 .../debian/config/opt/cloud/bin/cs/CsDhcp.py    |   2 +-
 .../config/opt/cloud/bin/cs/CsLoadBalancer.py   |  10 +-
 .../config/opt/cloud/bin/cs/CsNetfilter.py      |  72 +++---
 .../config/opt/cloud/bin/cs_iptables_save.py    | 227 +++++++++++++++++++
 6 files changed, 312 insertions(+), 69 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/9a20ab8b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
----------------------------------------------------------------------
diff --cc systemvm/patches/debian/config/opt/cloud/bin/configure.py
index b5f65e7,1e4469c..dc84916
--- a/systemvm/patches/debian/config/opt/cloud/bin/configure.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
@@@ -787,11 -805,11 +792,11 @@@ class CsForwardingRules(CsDataBag)
                  rule['public_ip'],
                  rule['protocol'],
                  rule['protocol'],
 -                self.portsToString(rule['public_ports'], ':'),
 +                public_fwports,
                  rule['internal_ip'],
 -                self.portsToString(rule['internal_ports'], '-')
 +                internal_fwports
                )
-         fw4 = "-j SNAT --to-source %s -A POSTROUTING -s %s -d %s/32 -o %s -p %s -m %s --dport %s" % \
+         fw4 = "-A POSTROUTING -j SNAT --to-source %s -s %s -d %s/32 -o %s -p %s -m %s --dport %s" % \
                (
                  self.getGuestIp(),
                  self.getNetworkByIp(rule['internal_ip']),

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/9a20ab8b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsAddress.py
----------------------------------------------------------------------