vrouter: remove a POSTROUTING rule for port forwarding in VPC router (#3952)

As discussed in #3937 (comment),
a rule for port forwarding in the VPC router might not be needed.

This fixes the failed health check result for network VRs.
Wei Zhou 2020-08-04 07:55:28 +02:00 committed by GitHub
parent eec56025c8
commit 407e34d4e7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -918,15 +918,6 @@ class CsForwardingRules(CsDataBag):
if not rule["internal_ports"] == "any":
fw_prerout_rule += ":" + self.portsToString(rule["internal_ports"], "-")
fw_postrout_rule = "-A POSTROUTING -d %s/32 " % rule["public_ip"]
if not rule["protocol"] == "any":
fw_postrout_rule += " -m %s -p %s" % (rule["protocol"], rule["protocol"])
if not rule["public_ports"] == "any":
fw_postrout_rule += " --dport %s" % self.portsToString(rule["public_ports"], ":")
fw_postrout_rule += " -j SNAT --to-source %s" % rule["internal_ip"]
if not rule["internal_ports"] == "any":
fw_postrout_rule += ":" + self.portsToString(rule["internal_ports"], "-")
fw_output_rule = "-A OUTPUT -d %s/32" % rule["public_ip"]
if not rule["protocol"] == "any":
fw_output_rule += " -m %s -p %s" % (rule["protocol"], rule["protocol"])
@ -948,7 +939,6 @@ class CsForwardingRules(CsDataBag):
)
self.fw.append(["nat", "", fw_prerout_rule])
self.fw.append(["nat", "", fw_postrout_rule])
self.fw.append(["nat", "", fw_postrout_rule2])
self.fw.append(["nat", "", fw_output_rule])