You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by an...@apache.org on 2012/07/28 01:04:17 UTC

[5/16] git commit: VPC : this is default iptables for vpc route

VPC : this is default iptables for vpc route


Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/d5d6c9f5
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/d5d6c9f5
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/d5d6c9f5

Branch: refs/heads/vpc
Commit: d5d6c9f5f4ade8862e4bf3997270d786fc986721
Parents: 0369fa3
Author: anthony <an...@cloud.com>
Authored: Thu Jul 26 14:32:08 2012 -0700
Committer: anthony <an...@cloud.com>
Committed: Fri Jul 27 15:04:42 2012 -0700

----------------------------------------------------------------------
 .../debian/config/etc/iptables/iptables-vpcrouter  |    4 ++--
 .../debian/config/etc/iptables/rt_tables_init      |   11 +++++++++++
 2 files changed, 13 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/d5d6c9f5/patches/systemvm/debian/config/etc/iptables/iptables-vpcrouter
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/etc/iptables/iptables-vpcrouter b/patches/systemvm/debian/config/etc/iptables/iptables-vpcrouter
index c1d0c15..f60a1e4 100644
--- a/patches/systemvm/debian/config/etc/iptables/iptables-vpcrouter
+++ b/patches/systemvm/debian/config/etc/iptables/iptables-vpcrouter
@@ -9,10 +9,11 @@ COMMIT
 :OUTPUT ACCEPT [0:0]
 -A INPUT -d 224.0.0.18/32 -j ACCEPT
 -A INPUT -d 225.0.0.50/32 -j ACCEPT
--A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
 -A INPUT -p icmp -j ACCEPT
 -A INPUT -i lo -j ACCEPT
 -A INPUT -i eth0 -p tcp -m state --state NEW --dport 3922 -j ACCEPT
+-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
+-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
 COMMIT
 *mangle
 :PREROUTING ACCEPT [0:0]
@@ -20,6 +21,5 @@ COMMIT
 :FORWARD ACCEPT [0:0]
 :OUTPUT ACCEPT [0:0]
 :POSTROUTING ACCEPT [0:0]
--A PREROUTING -m state --state ESTABLISHED,RELATED -j CONNMARK --restore-mark
 -A OUTPUT -p udp --dport bootpc -j CHECKSUM --checksum-fill
 COMMIT

http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/d5d6c9f5/patches/systemvm/debian/config/etc/iptables/rt_tables_init
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/etc/iptables/rt_tables_init b/patches/systemvm/debian/config/etc/iptables/rt_tables_init
new file mode 100644
index 0000000..07ffaf3
--- /dev/null
+++ b/patches/systemvm/debian/config/etc/iptables/rt_tables_init
@@ -0,0 +1,11 @@
+#
+# reserved values
+#
+255     local
+254     main
+253     default
+0       unspec
+#
+# local
+#
+#1      inr.ruhep