Repository: cloudstack Updated Branches: refs/heads/4.8 62f218b7b -> 8c60ad214
More VR performance! Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/3eceb60f Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/3eceb60f Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/3eceb60f Branch: refs/heads/4.8 Commit: 3eceb60f5ca8b86b3308243ae2905bbfbd54bc39 Parents: 73c0242 Author: Boris Schrijver <bschrij...@schubergphilis.com> Authored: Wed Jan 20 13:34:09 2016 +0100 Committer: Boris Schrijver <bschrij...@schubergphilis.com> Committed: Thu Jan 21 11:51:03 2016 +0100 ---------------------------------------------------------------------- .../debian/config/opt/cloud/bin/configure.py | 51 +++++++++----------- 1 file changed, 24 insertions(+), 27 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/3eceb60f/systemvm/patches/debian/config/opt/cloud/bin/configure.py ---------------------------------------------------------------------- diff --git a/systemvm/patches/debian/config/opt/cloud/bin/configure.py b/systemvm/patches/debian/config/opt/cloud/bin/configure.py index 8d00bdf..ac773a5 100755 --- a/systemvm/patches/debian/config/opt/cloud/bin/configure.py +++ b/systemvm/patches/debian/config/opt/cloud/bin/configure.py @@ -939,26 +939,6 @@ def main(argv): metadata = CsVmMetadata('vmdata', config) metadata.process() - # Always run both CsAcl().process() methods - # They fill the base rules in config.fw[] - acls = CsAcl('networkacl', config) - acls.process() - - acls = CsAcl('firewallrules', config) - acls.process() - - fwd = CsForwardingRules("forwardingrules", config) - fwd.process() - - vpns = CsSite2SiteVpn("site2sitevpn", config) - vpns.process() - - rvpn = CsRemoteAccessVpn("remoteaccessvpn", config) - rvpn.process() - - lb = CsLoadBalancer("loadbalancer", config) - lb.process() - if process_file in ["cmd_line.json", "network_acl.json"]: logging.debug("Configuring networkacl") iptables_change = True @@ -1000,10 +980,34 @@ def main(argv): # If iptable rules have changed, apply them. if iptables_change: + acls = CsAcl('networkacl', config) + acls.process() + + acls = CsAcl('firewallrules', config) + acls.process() + + fwd = CsForwardingRules("forwardingrules", config) + fwd.process() + + vpns = CsSite2SiteVpn("site2sitevpn", config) + vpns.process() + + rvpn = CsRemoteAccessVpn("remoteaccessvpn", config) + rvpn.process() + + lb = CsLoadBalancer("loadbalancer", config) + lb.process() + logging.debug("Configuring iptables rules") nf = CsNetfilters() nf.compare(config.get_fw()) + logging.debug("Configuring iptables rules done ...saving rules") + + # Save iptables configuration - will be loaded on reboot by the iptables-restore that is configured on /etc/rc.local + CsHelper.save_iptables("iptables-save", "/etc/iptables/router_rules.v4") + CsHelper.save_iptables("ip6tables-save", "/etc/iptables/router_rules.v6") + red = CsRedundant(config) red.set() @@ -1012,12 +1016,5 @@ def main(argv): static_routes = CsStaticRoutes("staticroutes", config) static_routes.process() - if iptables_change: - logging.debug("Configuring iptables rules done ...saving rules") - - # Save iptables configuration - will be loaded on reboot by the iptables-restore that is configured on /etc/rc.local - CsHelper.save_iptables("iptables-save", "/etc/iptables/router_rules.v4") - CsHelper.save_iptables("ip6tables-save", "/etc/iptables/router_rules.v6") - if __name__ == "__main__": main(sys.argv)
