apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

vr: fix packet interface mismatch (#6656)

Browse Source 
Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
Co-authored-by: Daan Hoogland <daan@onecht.net>
This commit is contained in:
Abhishek Kumar 2022-09-29 20:32:28 +05:30 committed by GitHub
parent 33bd08369b
commit 67024b036a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
systemvm/debian/opt/cloud/bin/configure.py
View File

@ -181,19 +181,22 @@ class CsAcl(CsDataBag):
if self.direction == 'ingress': if self.direction == 'ingress':
for cidr in self.rule['cidr']: for cidr in self.rule['cidr']:
action = self.rule['action']
if action == "ACCEPT":
action = "RETURN"
if rule['protocol'] == "icmp": if rule['protocol'] == "icmp":
self.fw.append(["mangle", "front", self.fw.append(["mangle", "front",
" -A FIREWALL_%s" % self.ip + " -A FIREWALL_%s" % self.ip +
" -s %s " % cidr + " -s %s " % cidr +
" -p %s " % rule['protocol'] + " -p %s " % rule['protocol'] +
" --icmp-type %s -j %s" % (icmp_type, self.rule['action'])]) " --icmp-type %s -j %s" % (icmp_type, action)])
else: else:
self.fw.append(["mangle", "front", self.fw.append(["mangle", "front",
" -A FIREWALL_%s" % self.ip + " -A FIREWALL_%s" % self.ip +
" -s %s " % cidr + " -s %s " % cidr +
" -p %s " % rule['protocol'] + " -p %s " % rule['protocol'] +
" -m %s " % rule['protocol'] + " -m %s " % rule['protocol'] +
" %s -j %s" % (rnge, self.rule['action'])]) " %s -j %s" % (rnge, action)])
sflag = False sflag = False
dflag = False dflag = False

2
systemvm/debian/opt/cloud/bin/cs/CsAddress.py
View File

@ -423,7 +423,7 @@ class CsIP:
"-d %s/32 -j FIREWALL_%s" % (self.address['public_ip'], self.address['public_ip'])]) "-d %s/32 -j FIREWALL_%s" % (self.address['public_ip'], self.address['public_ip'])])
self.fw.append(["mangle", "front", self.fw.append(["mangle", "front",
"-A FIREWALL_%s " % self.address['public_ip'] + "-A FIREWALL_%s " % self.address['public_ip'] +
"-m state --state RELATED,ESTABLISHED -j ACCEPT"]) "-m state --state RELATED,ESTABLISHED -j RETURN"])
self.fw.append(["mangle", "", self.fw.append(["mangle", "",
"-A FIREWALL_%s -j DROP" % self.address['public_ip']]) "-A FIREWALL_%s -j DROP" % self.address['public_ip']])
self.fw.append(["mangle", "", self.fw.append(["mangle", "",