[16/51] [abbrv] git commit: VPC : revert iptables-router

Fri, 15 Jun 2012 15:38:08 -0700 

VPC : revert iptables-router


Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/c7e440a1
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/c7e440a1
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/c7e440a1

Branch: refs/heads/vpc
Commit: c7e440a1ded8c722fd42d1859054bc2c7308f6b3
Parents: fb7fc6f
Author: anthony <[email protected]>
Authored: Mon Jun 11 17:44:26 2012 -0700
Committer: Alena Prokharchyk <[email protected]>
Committed: Fri Jun 15 14:30:23 2012 -0700

----------------------------------------------------------------------
 .../debian/config/etc/iptables/iptables-router     |   13 ++++++++++++-
 1 files changed, 12 insertions(+), 1 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/c7e440a1/patches/systemvm/debian/config/etc/iptables/iptables-router
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/etc/iptables/iptables-router 
b/patches/systemvm/debian/config/etc/iptables/iptables-router
index 193d54f..e1972e3 100644
--- a/patches/systemvm/debian/config/etc/iptables/iptables-router
+++ b/patches/systemvm/debian/config/etc/iptables/iptables-router
@@ -10,9 +10,20 @@ COMMIT
 -A INPUT -d 224.0.0.18/32 -j ACCEPT
 -A INPUT -d 225.0.0.50/32 -j ACCEPT
 -A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
+-A INPUT -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
+-A INPUT -i eth2 -m state --state RELATED,ESTABLISHED -j ACCEPT
 -A INPUT -p icmp -j ACCEPT
 -A INPUT -i lo -j ACCEPT
--A INPUT -i eth0 -p tcp -m state --state NEW --dport 3922 -j ACCEPT
+-A INPUT -i eth0 -p udp -m udp --dport 67 -j ACCEPT
+-A INPUT -i eth0 -p udp -m udp --dport 53 -j ACCEPT
+-A INPUT -i eth1 -p tcp -m state --state NEW --dport 3922 -j ACCEPT
+-A INPUT -i eth0 -p tcp -m state --state NEW --dport 8080 -j ACCEPT
+-A INPUT -i eth0 -p tcp -m state --state NEW --dport 80 -j ACCEPT
+-A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
+-A FORWARD -i eth0 -o eth2 -j ACCEPT
+-A FORWARD -i eth2 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
+-A FORWARD -i eth0 -o eth0 -m state --state NEW -j ACCEPT
+-A FORWARD -i eth0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
 COMMIT
 *mangle
 :PREROUTING ACCEPT [0:0]

Reply via email to