You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cloudstack.apache.org by nv...@apache.org on 2022/04/12 16:26:57 UTC

[cloudstack] branch 4.16 updated: VR: add rules for traffic between static nat and private gateway static routes (#6153)

This is an automated email from the ASF dual-hosted git repository.

nvazquez pushed a commit to branch 4.16
in repository https://gitbox.apache.org/repos/asf/cloudstack.git


The following commit(s) were added to refs/heads/4.16 by this push:
     new 19a7774cab3 VR: add rules for traffic between static nat and private gateway static routes (#6153)
19a7774cab3 is described below

commit 19a7774cab344d4b4ded32722a64f23fd1485c7b
Author: Wei Zhou <we...@apache.org>
AuthorDate: Tue Apr 12 18:26:51 2022 +0200

    VR: add rules for traffic between static nat and private gateway static routes (#6153)
---
 systemvm/debian/opt/cloud/bin/configure.py | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/systemvm/debian/opt/cloud/bin/configure.py b/systemvm/debian/opt/cloud/bin/configure.py
index 940a3b2e74d..d9b779d7fa6 100755
--- a/systemvm/debian/opt/cloud/bin/configure.py
+++ b/systemvm/debian/opt/cloud/bin/configure.py
@@ -852,6 +852,20 @@ class CsForwardingRules(CsDataBag):
                 interfaces.append(interface)
         return interfaces
 
+    def getStaticRoutes(self):
+        static_routes = CsStaticRoutes("staticroutes", self.config)
+        routes = []
+        if not static_routes:
+            return routes
+        for item in static_routes.get_bag():
+            if item == "id":
+                continue
+            static_route = static_routes.get_bag()[item]
+            if static_route['revoke']:
+                continue
+            routes.append(static_route)
+        return routes
+
     def portsToString(self, ports, delimiter):
         ports_parts = ports.split(":", 2)
         if ports_parts[0] == ports_parts[1]:
@@ -997,6 +1011,10 @@ class CsForwardingRules(CsDataBag):
         for private_gw in private_gateways:
             self.fw.append(["mangle", "front", "-A %s -d %s -j RETURN" %
                             (chain_name, private_gw.get_network())])
+        static_routes = self.getStaticRoutes()
+        for static_route in static_routes:
+            self.fw.append(["mangle", "front", "-A %s -d %s -j RETURN" %
+                            (chain_name, static_route['network'])])
 
         self.fw.append(["nat", "front",
                         "-A PREROUTING -d %s/32 -j DNAT --to-destination %s" % (rule["public_ip"], rule["internal_ip"])])