Fix Policy Based Routing for private gateway static routes (#3604)

* Fix for routing table issue with NAT interfaces

* Mark only packets with the public ip as destination
Dennis Konrad 2020-01-30 11:31:30 +01:00 committed by GitHub
parent 7a25e40d5a
commit 82d94a87c5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -941,11 +941,11 @@ class CsForwardingRules(CsDataBag):
raise Exception("Ip address %s has no device in the ips databag" % rule["public_ip"])
self.fw.append(["mangle", "front",
"-A PREROUTING -s %s/32 -m state --state NEW -j CONNMARK --save-mark --nfmask 0xffffffff --ctmask 0xffffffff" %
rule["internal_ip"]])
"-A PREROUTING -d %s/32 -m state --state NEW -j CONNMARK --save-mark --nfmask 0xffffffff --ctmask 0xffffffff" %
rule["public_ip"]])
self.fw.append(["mangle", "front",
"-A PREROUTING -s %s/32 -m state --state NEW -j MARK --set-xmark %s/0xffffffff" %
(rule["internal_ip"], hex(100 + int(device[len("eth"):])))])
"-A PREROUTING -d %s/32 -m state --state NEW -j MARK --set-xmark %s/0xffffffff" %
(rule["public_ip"], hex(100 + int(device[len("eth"):])))])
self.fw.append(["nat", "front",
"-A PREROUTING -d %s/32 -j DNAT --to-destination %s" % (rule["public_ip"], rule["internal_ip"])])
self.fw.append(["nat", "front",