[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH 1/5] hotplug/linux: Fix the vif script to handle_iptable for tap interfaces
The TAP interfaces need the same iptables rules as the VIF, without it, traffic will not be forwarded to/from them is the default FORWARD policy is DROP/REJECT Signed-off-by: Sylvain Munaut <s.munaut@xxxxxxxxxxxxxxxxxxxx> --- tools/hotplug/Linux/vif-bridge | 4 +--- tools/hotplug/Linux/vif-common.sh | 4 ++-- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/tools/hotplug/Linux/vif-bridge b/tools/hotplug/Linux/vif-bridge index b7dcbd6..df44789 100644 --- a/tools/hotplug/Linux/vif-bridge +++ b/tools/hotplug/Linux/vif-bridge @@ -97,9 +97,7 @@ case "$command" in ;; esac -if [ "$type_if" = vif ]; then - handle_iptable -fi +handle_iptable call_hooks vif post diff --git a/tools/hotplug/Linux/vif-common.sh b/tools/hotplug/Linux/vif-common.sh index 73ee241..28ddae5 100644 --- a/tools/hotplug/Linux/vif-common.sh +++ b/tools/hotplug/Linux/vif-common.sh @@ -123,7 +123,7 @@ ip=$(xenstore_read_default "$XENBUS_PATH/ip" "$ip") frob_iptable() { - if [ "$command" == "online" ] + if [ "$command" == "online" -o "$command" == "add" ] then local c="-I" else @@ -135,7 +135,7 @@ frob_iptable() iptables "$c" FORWARD -m physdev --physdev-is-bridged --physdev-out "$dev" \ -j ACCEPT 2>/dev/null - if [ "$command" == "online" -a $? -ne 0 ] + if [ \( "$command" == "online" -o "$command" == "add" \) -a $? -ne 0 ] then log err "iptables setup failed. This may affect guest networking." fi -- 1.7.10.4 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |