openstack
/
instack-undercloud
Code Issues Proposed changes

Remove hardcoded eth0 MASQUERADE rule 

Any data that should be masqueraded will be masqueraded
by the following rule which is earlier in the chain.

  iptables -t nat-A BOOTSTACK_MASQ_NEW -s $NETWORK ! -d $NETWORK -j MASQUERADE

Closes-Bug: #1690584
Change-Id: Ic30b24959ca3259974160abcfa213e6a14c953f5
(cherry picked from commit 333ca292fc)
This commit is contained in:
Harald Jensas 2017-05-14 16:55:50 +02:00 committed by Emilien Macchi
parent a32574baa5
commit 2849da2b6f
1 changed files with 0 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
elements/undercloud-install/os-apply-config/var/opt/undercloud-stack/masquerade
View File

@ -10,7 +10,6 @@ NETWORK={{.}}
# Workaround iptables not permitting two -d parameters in one call.
iptables -w -t nat -A BOOTSTACK_MASQ_NEW -s $NETWORK -d 192.168.122.1 -j RETURN
iptables -w -t nat -A BOOTSTACK_MASQ_NEW -s $NETWORK ! -d $NETWORK -j MASQUERADE
iptables -w -t nat -A POSTROUTING -s $NETWORK -o eth0 -j MASQUERADE
{{/masquerade_networks}}
# Link it in.
iptables -w -t nat -I POSTROUTING -j BOOTSTACK_MASQ_NEW