You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by da...@apache.org on 2022/09/29 15:02:35 UTC
[cloudstack] branch main updated: vr: fix packet interface mismatch (#6656)
This is an automated email from the ASF dual-hosted git repository.
dahn pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
The following commit(s) were added to refs/heads/main by this push:
new 67024b036a vr: fix packet interface mismatch (#6656)
67024b036a is described below
commit 67024b036a0640ee1ee9aa79d0496ce6606aa58c
Author: Abhishek Kumar <ab...@gmail.com>
AuthorDate: Thu Sep 29 20:32:28 2022 +0530
vr: fix packet interface mismatch (#6656)
Signed-off-by: Abhishek Kumar <ab...@gmail.com>
Co-authored-by: Daan Hoogland <da...@onecht.net>
---
systemvm/debian/opt/cloud/bin/configure.py | 7 +++++--
systemvm/debian/opt/cloud/bin/cs/CsAddress.py | 2 +-
2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/systemvm/debian/opt/cloud/bin/configure.py b/systemvm/debian/opt/cloud/bin/configure.py
index 67e575bfb7..2d873f8c97 100755
--- a/systemvm/debian/opt/cloud/bin/configure.py
+++ b/systemvm/debian/opt/cloud/bin/configure.py
@@ -181,19 +181,22 @@ class CsAcl(CsDataBag):
if self.direction == 'ingress':
for cidr in self.rule['cidr']:
+ action = self.rule['action']
+ if action == "ACCEPT":
+ action = "RETURN"
if rule['protocol'] == "icmp":
self.fw.append(["mangle", "front",
" -A FIREWALL_%s" % self.ip +
" -s %s " % cidr +
" -p %s " % rule['protocol'] +
- " --icmp-type %s -j %s" % (icmp_type, self.rule['action'])])
+ " --icmp-type %s -j %s" % (icmp_type, action)])
else:
self.fw.append(["mangle", "front",
" -A FIREWALL_%s" % self.ip +
" -s %s " % cidr +
" -p %s " % rule['protocol'] +
" -m %s " % rule['protocol'] +
- " %s -j %s" % (rnge, self.rule['action'])])
+ " %s -j %s" % (rnge, action)])
sflag = False
dflag = False
diff --git a/systemvm/debian/opt/cloud/bin/cs/CsAddress.py b/systemvm/debian/opt/cloud/bin/cs/CsAddress.py
index e676bb5aed..91422602bd 100755
--- a/systemvm/debian/opt/cloud/bin/cs/CsAddress.py
+++ b/systemvm/debian/opt/cloud/bin/cs/CsAddress.py
@@ -423,7 +423,7 @@ class CsIP:
"-d %s/32 -j FIREWALL_%s" % (self.address['public_ip'], self.address['public_ip'])])
self.fw.append(["mangle", "front",
"-A FIREWALL_%s " % self.address['public_ip'] +
- "-m state --state RELATED,ESTABLISHED -j ACCEPT"])
+ "-m state --state RELATED,ESTABLISHED -j RETURN"])
self.fw.append(["mangle", "",
"-A FIREWALL_%s -j DROP" % self.address['public_ip']])
self.fw.append(["mangle", "",