From d0a09732d2bef46e0548ed0a07ef18d84205feb2 Mon Sep 17 00:00:00 2001
From: Naredula Janardhana Reddy <jana@cloud.com>
Date: Tue, 6 Mar 2012 13:11:36 +0530
Subject: [PATCH] Bug 14120:  Enabling SNAT for all the public NICs. Summary of
 changes:     - snat flag is set to true if it is first ip of the NIC.

reviewed-by: Abhi
---
 patches/systemvm/debian/config/root/ipassoc.sh              | 6 ++++--
 .../network/router/VirtualNetworkApplianceManagerImpl.java  | 4 ++++
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/patches/systemvm/debian/config/root/ipassoc.sh b/patches/systemvm/debian/config/root/ipassoc.sh
index d8401b6b960..e9d75caa3d6 100644
--- a/patches/systemvm/debian/config/root/ipassoc.sh
+++ b/patches/systemvm/debian/config/root/ipassoc.sh
@@ -208,13 +208,15 @@ add_routing() {
   return 0;
 }
 add_snat() {
+  local pubIp=$1
+  local ipNoMask=$(echo $1 | awk -F'/' '{print $1}')
   if [ "$sflag" == "0" ]
   then
+    logger -t cloud "$(basename $0):Remove SourceNAT $pubIp on interface $ethDev if it is present"
+    sudo iptables -t nat -D POSTROUTING   -j SNAT -o $ethDev --to-source $ipNoMask ;
     return 0;
   fi
 
-  local pubIp=$1
-  local ipNoMask=$(echo $1 | awk -F'/' '{print $1}')
   logger -t cloud "$(basename $0):Added SourceNAT $pubIp on interface $ethDev"
   sudo iptables -t nat -D POSTROUTING   -j SNAT -o $ethDev --to-source $ipNoMask ;
   sudo iptables -t nat -A POSTROUTING   -j SNAT -o $ethDev --to-source $ipNoMask ;
diff --git a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
index ca6c71c847b..c85b3c7ca31 100755
--- a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
+++ b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
@@ -2335,6 +2335,10 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian
 
                 boolean add = (ipAddr.getState() == IpAddress.State.Releasing ? false : true);
                 boolean sourceNat = ipAddr.isSourceNat();
+                /* enable sourceNAT for the first ip of the public interface */
+                if (firstIP) {
+                    sourceNat = true;
+                }
                 String vlanId = ipAddr.getVlanTag();
                 String vlanGateway = ipAddr.getGateway();
                 String vlanNetmask = ipAddr.getNetmask();