Skip to content

Commit 0618754

Browse files
ustcweizhouustcweizhou
committed
bugfix apache#7 vpc vr: allow servers in private gateway to reach internet via the VPC VR if it is gateway
1 parent 47b1a76 commit 0618754

File tree

1 file changed

+4
-0
lines changed

1 file changed

+4
-0
lines changed

systemvm/debian/opt/cloud/bin/cs/CsAddress.py

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -492,6 +492,10 @@ def fw_vpcrouter(self):
492492
self.fw.append(["nat", "front",
493493
"-A POSTROUTING -o %s -j SNAT --to-source %s" %
494494
(self.dev, self.address['public_ip'])])
495+
if self.get_gateway() == self.get_ip_address():
496+
# Accept packet from private gateway if VPC VR is used as gateway
497+
self.fw.append(["filter", "", "-A FORWARD -s %s ! -d %s -j ACCEPT" %
498+
(self.address['network'], self.address['network'])])
495499

496500
if self.get_type() in ["public"]:
497501
self.fw.append(

0 commit comments

Comments
 (0)