[
https://issues.apache.org/jira/browse/VCL-1031?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16022036#comment-16022036
]
ASF subversion and git services commented on VCL-1031:
------------------------------------------------------
Commit 1795977 from [email protected] in branch 'vcl/trunk'
[ https://svn.apache.org/r1795977 ]
VCL-1049
Added subroutines:
* iptables.pm::nat_delete_orphaned_reservation_chains
* iptables.pm::get_table_chain_names
* utils.pm::get_all_reservation_ids
VCL-1031
Updated regex's in iptables.pm::get_table_info to detect exclamation marks
enclosed in single quotes, as may be returned by 'firewall-cmd --permanent
--direct --get-all-rules'. The quotes were throwing off the detection of a
MASQERADE rule when a CentOS 7/firewalld host is used as a NAT host.
Commented out some notify messages in iptables.pm and firewalld.pm which were
generating a lot of noise.
> Update iptables.pm to be used for all iptables configuration
> ------------------------------------------------------------
>
> Key: VCL-1031
> URL: https://issues.apache.org/jira/browse/VCL-1031
> Project: VCL
> Issue Type: Improvement
> Components: vcld (backend)
> Reporter: Andy Kurth
> Assignee: Andy Kurth
> Fix For: 2.5
>
>
> The iptables.pm module was created when the NAT functionality was added. Up
> to this point, it is only being used to configure the firewall on the NAT
> host. The Linux OS modules are still used to configure iptables. With the
> addition of firewalld (VCL-972) and ufw (VCL-971), all of the Linux firewall
> code should be pulled out of the main OS module and into the dedicated file.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
