weizhouapache commented on code in PR #9552:
URL: https://github.com/apache/cloudstack/pull/9552#discussion_r1768085678
##########
systemvm/debian/opt/cloud/bin/cs/CsAddress.py:
##########
@@ -693,11 +693,8 @@ def post_config_change(self, method):
vpccidr = cmdline.get_vpccidr()
self.fw.append(
["filter", 3, "-A FORWARD -s %s ! -d %s -j ACCEPT" %
(vpccidr, vpccidr)])
- self.fw.append(
- ["nat", "", "-A POSTROUTING -j SNAT -o %s --to-source %s"
% (self.dev, self.address['public_ip'])])
- elif cmdline.get_source_nat_ip() and not self.is_private_gateway():
- self.fw.append(
- ["nat", "", "-A POSTROUTING -j SNAT -o %s --to-source %s"
% (self.dev, cmdline.get_source_nat_ip())])
+ self.fw.append(
Review Comment:
@DaanHoogland
to be clear, we need a rule for each public NIC, for example
```
-A POSTROUTING -j SNAT -o eth1 --to-source <source nat IP> # this is for
source nat NIC
-A POSTROUTING -j SNAT -o eth5 --to-source <first public IP on eth5> #
this is for additional public NIC
```
If I understand correctly, for the current changes , the rules are for
example,
```
-A POSTROUTING -j SNAT -o eth1 --to-source <source nat IP> # this is for
source nat NIC
-A POSTROUTING -j SNAT -o eth1 --to-source <second IP on source nat NIC>
# this is for source nat NIC
-A POSTROUTING -j SNAT -o eth1 --to-source <third IP on source nat NIC> #
this is for source nat NIC
-A POSTROUTING -j SNAT -o eth5 --to-source <first public IP on eth5> #
this is for additional public NIC
-A POSTROUTING -j SNAT -o eth5 --to-source <second public IP on eth5> #
this is for additional public NIC
-A POSTROUTING -j SNAT -o eth5 --to-source <third public IP on eth5> #
this is for additional public NIC
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
