[GitHub] cloudstack pull request: RFC: improve iptables persistent on VR

[resmo]

GitHub user resmo opened a pull request:

    https://github.com/apache/cloudstack/pull/178

    RFC: improve iptables persistent on VR

    Iptables rules were loaded in `iptables-persistent` service during boot.  
So the first try was to save them where `iptables-persistent` reads them in 
/etc/iptables/rules.v4 / .v6.
    
    The problem was, that the service `cloud-early-config` resets  
/etc/iptables/rules.v4 / .v6 to the setup state. So even if you save iptables 
rules, they were overwritten during boot.
    
    That is why a fix was made in 2fad87d to workaround the problem.
    
    I reverted the workaround and made sure /etc/iptables/rules.v4 / .v6. won't 
get overwritten by  `cloud-early-config`
    
    Signed-off-by: Rene Moser <re...@apache.org>

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/resmo/cloudstack fix/iptables-persistent

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/cloudstack/pull/178.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #178
    
----
commit 1740c15b6b212318c8dccd0db87c273d845883ef
Author: Rene Moser <re...@apache.org>
Date:   2015-04-17T09:17:11Z

    Revert "Make the routers persistent"
    
    This reverts commit 2fad87d3f3fec380ba5d595ee95f5caa88b37ee8.

commit cc2fc0a63fd496b816a3540463903ba21988f9d6
Author: Rene Moser <re...@apache.org>
Date:   2015-04-17T09:37:43Z

    make iptables persistent on VR
    
    Iptables rules were loaded in `iptables-persistent` service during boot.  
So the first try was to save them where `iptables-persistent` reads them in 
/etc/iptables/rules.v4 / .v6.
    
    The problem was, that the service `cloud-early-config` resets  
/etc/iptables/rules.v4 / .v6 to the setup state. So even if you save iptables 
rules, they were overwritten during boot.
    
    That is why a fix was made in 2fad87d3f3fec380ba5d595ee95f5caa88b37ee8 to 
workaround the problem.
    
    I reverted the workaround and made sure /etc/iptables/rules.v4 / .v6. won't 
get overwritten by  `cloud-early-config`
    
    Signed-off-by: Rene Moser <re...@apache.org>

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---