Ryan Barry has uploaded a new change for review. Change subject: Insert iptables rules, don't append them ......................................................................
Insert iptables rules, don't append them Since the last rule set it to REJECT everything which hasn't previously matched, appending rules after that does not work. We should put them at the top instead. Change-Id: If2a7ae8f94f192c953fced52693cffba680affc3 Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=1064255 Signed-off-by: Ryan Barry <[email protected]> --- M src/ovirtnode/ovirtfunctions.py 1 file changed, 1 insertion(+), 1 deletion(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-node refs/changes/98/25098/1 diff --git a/src/ovirtnode/ovirtfunctions.py b/src/ovirtnode/ovirtfunctions.py index 40fba45..d634068 100644 --- a/src/ovirtnode/ovirtfunctions.py +++ b/src/ovirtnode/ovirtfunctions.py @@ -1725,7 +1725,7 @@ def manage_firewall_port(port, action="open", proto="tcp"): if action == "open": - opt = "-A" + opt = "-I" logger.info("Opening port " + port) elif action == "close": opt = "-D" -- To view, visit http://gerrit.ovirt.org/25098 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: If2a7ae8f94f192c953fced52693cffba680affc3 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-node Gerrit-Branch: master Gerrit-Owner: Ryan Barry <[email protected]> _______________________________________________ node-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/node-patches
