KVM security bug: no forwarding rule applied (cherry picked from commit e5c391fcf3852e50ebd99d4a72fd51d1753b05eb)
Signed-off-by: Animesh Chaturvedi <[email protected]> Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/7b32e3da Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/7b32e3da Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/7b32e3da Branch: refs/heads/4.3 Commit: 7b32e3da2d1fa2b08fec929252d15a36dd57bdd1 Parents: cd2ba90 Author: Edison Su <[email protected]> Authored: Fri Mar 14 14:40:48 2014 -0700 Committer: Animesh Chaturvedi <[email protected]> Committed: Mon Mar 17 16:21:12 2014 -0700 ---------------------------------------------------------------------- scripts/vm/network/security_group.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7b32e3da/scripts/vm/network/security_group.py ---------------------------------------------------------------------- diff --git a/scripts/vm/network/security_group.py b/scripts/vm/network/security_group.py index 1d94de3..704b279 100755 --- a/scripts/vm/network/security_group.py +++ b/scripts/vm/network/security_group.py @@ -978,7 +978,7 @@ def addFWFramework(brname): execute("iptables -N " + brfwin) try: - refs = execute("""iptables -n -L " + brfw + " | awk '/%s(.*)references/ {gsub(/\(/, "") ;print $3}'""" % brfw).strip() + refs = execute("""iptables -n -L %s | awk '/%s(.*)references/ {gsub(/\(/, "") ;print $3}'""" % (brfw,brfw)).strip() if refs == "0": execute("iptables -I FORWARD -i " + brname + " -j DROP") execute("iptables -I FORWARD -o " + brname + " -j DROP")
