Merge "Remove hardcoded libvirt default network iptalbes rules"

2017-05-24 01:20:22 +00:00 · 2017-05-24 01:20:22 +00:00 · f50ecef245
parent 918940b0d2 9261a868b6
commit f50ecef245
2 changed files with 0 additions and 6 deletions
--- a/elements/puppet-stack-config/puppet-stack-config.yaml.template
+++ b/elements/puppet-stack-config/puppet-stack-config.yaml.template
@ -966,10 +966,6 @@ tripleo::firewall::firewall_rules:
  '140 network cidr nat':
    chain: FORWARD
    destination: {{NETWORK_CIDR}}
-  # TODO: Do we still want this?
-  '141 libvirt network nat':
-    chain: FORWARD
-    destination: 192.168.122.0/24
  '142 tripleo-ui':
    dport:
      - 3000
--- a/elements/undercloud-install/os-apply-config/var/opt/undercloud-stack/masquerade
+++ b/elements/undercloud-install/os-apply-config/var/opt/undercloud-stack/masquerade
@ -7,8 +7,6 @@ iptables -w -t nat -N BOOTSTACK_MASQ_NEW
 # Build the chain we want.
 {{#masquerade_networks}}
 NETWORK={{.}}
-# Workaround iptables not permitting two -d parameters in one call.
-iptables -w -t nat -A BOOTSTACK_MASQ_NEW -s $NETWORK -d 192.168.122.1 -j RETURN
 iptables -w -t nat -A BOOTSTACK_MASQ_NEW -s $NETWORK ! -d $NETWORK -j MASQUERADE
 {{/masquerade_networks}}
 # Link it in.