You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by ah...@apache.org on 2012/10/05 00:39:12 UTC

[1/2] git commit: CS-16409 : dhcp request doesn't have target ip, remove ip in the iptable rule

Updated Branches:
  refs/heads/4.0 0c6bdd278 -> 1ff798ca7


CS-16409 : dhcp request doesn't have target ip, remove ip in the iptable rule


Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/1ff798ca
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/1ff798ca
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/1ff798ca

Branch: refs/heads/4.0
Commit: 1ff798ca76da0ea1c9c1eb6cb5ad5340f464e483
Parents: 4cb4628
Author: Anthony Xu <an...@cloud.com>
Authored: Thu Sep 27 20:24:37 2012 -0700
Committer: Alex Huang <al...@citrix.com>
Committed: Thu Oct 4 15:38:28 2012 -0700

----------------------------------------------------------------------
 .../debian/config/opt/cloud/bin/vpc_guestnw.sh     |    7 -------
 1 files changed, 0 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/1ff798ca/patches/systemvm/debian/config/opt/cloud/bin/vpc_guestnw.sh
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/vpc_guestnw.sh b/patches/systemvm/debian/config/opt/cloud/bin/vpc_guestnw.sh
index e5845fa..faf62c6 100755
--- a/patches/systemvm/debian/config/opt/cloud/bin/vpc_guestnw.sh
+++ b/patches/systemvm/debian/config/opt/cloud/bin/vpc_guestnw.sh
@@ -132,11 +132,6 @@ create_guest_network() {
   sudo ip addr add dev $dev $ip/$mask brd +
   sudo ip link set $dev up
   sudo arping -c 3 -I $dev -A -U -s $ip $ip
-  # setup rules to allow dhcp/dns request
-  sudo iptables -D INPUT -i $dev -d $ip -p udp -m udp --dport 67 -j ACCEPT
-  sudo iptables -D INPUT -i $dev -d $ip -p udp -m udp --dport 53 -j ACCEPT
-  sudo iptables -A INPUT -i $dev -d $ip -p udp -m udp --dport 67 -j ACCEPT
-  sudo iptables -A INPUT -i $dev -d $ip -p udp -m udp --dport 53 -j ACCEPT
   # restore mark from  connection mark
   local tableName="Table_$dev"
   sudo ip route add $subnet/$mask dev $dev table $tableName proto static
@@ -155,8 +150,6 @@ destroy_guest_network() {
   logger -t cloud " $(basename $0): Create network on interface $dev,  gateway $gw, network $ip/$mask "
 
   sudo ip addr del dev $dev $ip/$mask
-  sudo iptables -D INPUT -i $dev -d $ip -p udp -m udp --dport 67 -j ACCEPT
-  sudo iptables -D INPUT -i $dev -d $ip -p udp -m udp --dport 53 -j ACCEPT
   sudo iptables -t mangle -D PREROUTING -i $dev -m state --state ESTABLISHED,RELATED -j CONNMARK --restore-mark
   sudo iptables -t nat -D POSTROUTING -s $subnet/$mask -o $dev -j SNAT --to-source $ip
   destroy_acl_chain