bug 11420: reduce duration of disruption

2025-11-02 20:02:29 +01:00 · 2011-09-13 23:32:24 -07:00 · 2011-09-13 23:32:24 -07:00 · 61fa7d8675
commit 61fa7d8675
parent 143036b4a7
1 changed files with 6 additions and 3 deletions
--- a/scripts/vm/hypervisor/xenserver/vmops
+++ b/scripts/vm/hypervisor/xenserver/vmops
@ -1053,8 +1053,8 @@ def network_rules(session, args):

    util.SMlog("Programming network rules for vm  %s seqno=%s numrules=%s signature=%s guestIp=%s,"\
              " update iptables, reason=%s" % (vm_name, seqno, len(lines), signature, vm_ip, reason))
-    util.pread2(['iptables', '-F', vmchain])
    
+    cmds = []
    for line in lines:
        tokens = line.split(':')
        if len(tokens) != 4:
@ -1088,7 +1088,7 @@ def network_rules(session, args):
                if start == "-1":
                    range = "any"
                    iptables = ['iptables', '-I', vmchain, '-p',  'icmp', '--icmp-type',  range,  '-m', 'set', '--match-set', ipsetname, 'src', '-j', 'ACCEPT']
-            util.pread2(iptables)
+            cmds.append(iptables)
            util.SMlog(iptables)
        
        if allow_any and protocol != 'all':
@ -1099,9 +1099,12 @@ def network_rules(session, args):
                if start == "-1":
                    range = "any"
                    iptables = ['iptables', '-I', vmchain, '-p',  'icmp', '--icmp-type',  range, '-j', 'ACCEPT']
-            util.pread2(iptables)
+            cmds.append(iptables)
            util.SMlog(iptables)
            
+    util.pread2(['iptables', '-F', vmchain])
+    for cmd in cmds:
+        util.pread2(cmd)
    util.pread2(['iptables', '-A', vmchain, '-j', 'DROP'])

    if write_rule_log_for_vm(vm_name, vm_id, vm_ip, domid, signature, seqno) == False: