apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

remove the default FORWARD rule on CentOS 5

Browse Source
This commit is contained in:
Edison Su 2011-07-06 13:52:06 -07:00
parent 399c1addb9
commit 5b4628f651
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
python/lib/cloudutils/serviceConfig.py
View File

@ -489,6 +489,7 @@ class firewallConfigBase(serviceCfgBase):
def __init__(self, syscfg): def __init__(self, syscfg):
super(firewallConfigBase, self).__init__(syscfg) super(firewallConfigBase, self).__init__(syscfg)
self.serviceName = "Firewall" self.serviceName = "Firewall"
self.rules = []
def allowPort(self, port): def allowPort(self, port):
status = False status = False
@ -504,7 +505,10 @@ class firewallConfigBase(serviceCfgBase):
try: try:
for port in self.ports: for port in self.ports:
self.allowPort(port) self.allowPort(port)
for rule in self.rules:
bash("iptables " + rule)
bash("iptables-save > /etc/sysconfig/iptables") bash("iptables-save > /etc/sysconfig/iptables")
self.syscfg.svo.stopService("iptables") self.syscfg.svo.stopService("iptables")
self.syscfg.svo.startService("iptables") self.syscfg.svo.startService("iptables")
@ -519,7 +523,8 @@ class firewallConfigAgent(firewallConfigBase):
def __init__(self, syscfg): def __init__(self, syscfg):
super(firewallConfigAgent, self).__init__(syscfg) super(firewallConfigAgent, self).__init__(syscfg)
self.ports = "22 16509 5900:6100 49152:49216".split() self.ports = "22 16509 5900:6100 49152:49216".split()
if syscfg.env.distribution.getVersion() == "CentOS":
self.rules = ["-D FORWARD -j RH-Firewall-1-INPUT"]
class cloudAgentConfig(serviceCfgBase): class cloudAgentConfig(serviceCfgBase):