There is currently no vpcrouter type defined in patchsystemvm.sh, which
controls our init scripts in the system vms. This patch allows the
services that would normally start on a router to start also on the VPC
router, in particular the password server was missing.
Signed-off-by: Edison Su <sudison@gmail.com>
Implements
SetupGuestNetworkCommand,SetNetworkACLCommand,SetSourceNatCommand,IpAssocVpcCommand,SetPortForwardingRulesVpcCommand.
Passes basic functionality, though I'm sure there may be some honing to
do.
Also fixes a few minor things found along the way:
vpc_guestnw.sh wasn't successfully setting up apache due to default
listen IP of 10.1.1.1
vpc_guestnw.sh was referencing a 'logger_it' function, replaced with
'logger -t cloud'
system vms were running with OS type "Debian GNU/Linux 5.0(32-bit)",
which was not found in the KVMGuestOsMapper
the Xen implementation of SetupGuestNetworkCommand had apparently
copied its catch message from UnPlug Nic, fixed string
Send-by: Marcus Sorensen
RB: https://reviews.apache.org/r/6883
Signed-off-by: Chip Childers <chip.childers@gmail.com>
I've assumed that Gavin's commit is appropriate, based
on an assumption that we will keep these files in the source
tree. If https://issues.apache.org/jira/browse/LEGAL-146
results in a different opionion from the members, then we
will end up having to do something more drastic anyway.
According to ipsec.conf manual:
pfs
whether Perfect Forward Secrecy of keys is desired on the connection's keying
channel (with PFS, penetration of the key-exchange protocol does not compromise
keys negotiated earlier); Since there is no reason to ever refuse PFS, Openswan
will allow a connection defined with pfs=no to use PFS anyway. Acceptable values
are yes (the default) and no.
Found removing the option would make it impossible to work with no PFS setting
router. It may related to CS-15511.
