weizhouapache commented on code in PR #6942:
URL: https://github.com/apache/cloudstack/pull/6942#discussion_r1044739740
##########
services/secondary-storage/server/src/main/java/org/apache/cloudstack/storage/resource/NfsSecondaryStorageResource.java:
##########
@@ -2234,15 +2234,21 @@ public String allowOutgoingOnPrivate(String destCidr) {
command.add("-c");
command.add("iptables -I OUTPUT -o " + intf + " -d " + destCidr + " -p
tcp -m state --state NEW -m tcp -j ACCEPT");
- String result = command.execute();
- if (result != null) {
- s_logger.warn("Error in allowing outgoing to " + destCidr + ",
err=" + result);
- return "Error in allowing outgoing to " + destCidr + ", err=" +
result;
+ String msg = null;
+ for (int retry = 3; retry > 0; retry--) {
+ String result = command.execute();
Review Comment:
@rohityadavcloud
understood, your code is good.
I just wondered if it works as you expected. Have you faced any issue with
it ? if you know how to reproduce the issue, we could verify if it is fixed by
your PR.
I did a small test with the iptables command . the output is always empty,
exit code is 0 or 2.
1. iptables command fails
```
[root@mgmt1 ~]# output=$(bash -c 'iptables -I OUTPUT -o eth1 -d
300.300.300.300/24 -p tcp -m state --state NEW -m tcp -j ACCEPT')
iptables v1.4.21: host/network `300.300.300.300' not found
Try `iptables -h' or 'iptables --help' for more information.
[root@mgmt1 ~]# echo $?
2
[root@mgmt1 ~]# echo $output
[root@mgmt1 ~]#
```
2. iptables command succeeds
```
[root@mgmt1 ~]# output=$(bash -c 'iptables -I OUTPUT -o eth1 -d
100.100.100.100/24 -p tcp -m state --state NEW -m tcp -j ACCEPT')
[root@mgmt1 ~]# echo $?
0
[root@mgmt1 ~]# echo $output
[root@mgmt1 ~]#
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
