diff --git a/plugins/hypervisors/ovm/scripts/vm/hypervisor/ovm/OvmSecurityGroupModule.py b/plugins/hypervisors/ovm/scripts/vm/hypervisor/ovm/OvmSecurityGroupModule.py index d04d1044ac2..8ad41dab9c0 100755 --- a/plugins/hypervisors/ovm/scripts/vm/hypervisor/ovm/OvmSecurityGroupModule.py +++ b/plugins/hypervisors/ovm/scripts/vm/hypervisor/ovm/OvmSecurityGroupModule.py @@ -75,13 +75,9 @@ class OvmSecurityGroup(OvmObject): @staticmethod def add_fw_framework(bridge_name): try: - cfo = ConfigFileOps("/etc/sysctl.conf") - cfo.addEntry("net.bridge.bridge-nf-call-arptables", "1") - cfo.addEntry("net.bridge.bridge-nf-call-iptables", "1") - cfo.addEntry("net.bridge.bridge-nf-call-ip6tables", "1") - cfo.save() - - execute("sysctl -p /etc/sysctl.conf") + execute("sysctl -w net.bridge.bridge-nf-call-arptables=1") + execute("sysctl -w net.bridge.bridge-nf-call-iptables=1") + execute("sysctl -w net.bridge.bridge-nf-call-ip6tables=1") except: logging.debug("failed to turn on bridge netfilter") return False diff --git a/scripts/vm/network/security_group.py b/scripts/vm/network/security_group.py index 31984d2e87e..4392d4871e6 100755 --- a/scripts/vm/network/security_group.py +++ b/scripts/vm/network/security_group.py @@ -960,13 +960,9 @@ def getBrfw(brname): def addFWFramework(brname): try: - cfo = configFileOps("/etc/sysctl.conf") - cfo.addEntry("net.bridge.bridge-nf-call-arptables", "1") - cfo.addEntry("net.bridge.bridge-nf-call-iptables", "1") - cfo.addEntry("net.bridge.bridge-nf-call-ip6tables", "1") - cfo.save() - - execute("sysctl -p /etc/sysctl.conf") + execute("sysctl -w net.bridge.bridge-nf-call-arptables=1") + execute("sysctl -w net.bridge.bridge-nf-call-iptables=1") + execute("sysctl -w net.bridge.bridge-nf-call-ip6tables=1") except: logging.debug("failed to turn on bridge netfilter") return False