Set ufw default policy for routed and outgoing

The charm neglected to set default policy for routed which cases applications deployed to containers to fail to deploy. This change explicitly sets default policy allow for routed and outgoing. Closes-Bug: #1747032 Change-Id: I440e5e040ad433bf0cf6c4ce99439da456476914
2018-02-02 07:57:19 -08:00 · 2018-02-02 07:57:19 -08:00 · 6c549d8018
parent af2eaad19b
commit 6c549d8018
1 changed files with 2 additions and 0 deletions
--- a/hooks/swift_storage_hooks.py
+++ b/hooks/swift_storage_hooks.py
@ -99,6 +99,8 @@ def initialize_ufw():
    # this charm will monitor exclusively the ports used, using 'allow' as
    # default policy enables sharing the machine with other services
    ufw.default_policy('allow', 'incoming')
+    ufw.default_policy('allow', 'outgoing')
+    ufw.default_policy('allow', 'routed')
    # Rsync manages its own ACLs
    ufw.service('rsync', 'open')
    # Guarantee SSH access