summaryrefslogtreecommitdiffstats
path: root/patches/opnfv-fuel/0010-post-scripts-Allow-SSH-on-non-admin-ifaces.patch
diff options
context:
space:
mode:
Diffstat (limited to 'patches/opnfv-fuel/0010-post-scripts-Allow-SSH-on-non-admin-ifaces.patch')
-rw-r--r--patches/opnfv-fuel/0010-post-scripts-Allow-SSH-on-non-admin-ifaces.patch47
1 files changed, 0 insertions, 47 deletions
diff --git a/patches/opnfv-fuel/0010-post-scripts-Allow-SSH-on-non-admin-ifaces.patch b/patches/opnfv-fuel/0010-post-scripts-Allow-SSH-on-non-admin-ifaces.patch
deleted file mode 100644
index e098d47c..00000000
--- a/patches/opnfv-fuel/0010-post-scripts-Allow-SSH-on-non-admin-ifaces.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
-Date: Tue, 12 Jul 2016 16:12:25 +0200
-Subject: [PATCH] post-scripts: Allow SSH on non-admin ifaces.
-
-By default, Fuel 9.0 configures iptables to only accept SSH connections
-on admin interface.
-
-If more than the admin interface is configured (e.g. by transplant script
-or manually in fuel menu), whitelist SSH connections on all ifaces.
-
-Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
----
- .../post-scripts/10_accept_ssh_all_ifaces.sh | 25 ++++++++++++++++++++++
- 1 file changed, 25 insertions(+)
- create mode 100755 build/f_isoroot/f_bootstrap/post-scripts/10_accept_ssh_all_ifaces.sh
-
-diff --git a/build/f_isoroot/f_bootstrap/post-scripts/10_accept_ssh_all_ifaces.sh b/build/f_isoroot/f_bootstrap/post-scripts/10_accept_ssh_all_ifaces.sh
-new file mode 100755
-index 0000000..b551516
---- /dev/null
-+++ b/build/f_isoroot/f_bootstrap/post-scripts/10_accept_ssh_all_ifaces.sh
-@@ -0,0 +1,25 @@
-+#/bin/sh
-+##############################################################################
-+# Copyright (c) 2016 Enea AB and others.
-+# Alexandru.Avadanii@enea.com
-+# All rights reserved. This program and the accompanying materials
-+# are made available under the terms of the Apache License, Version 2.0
-+# which accompanies this distribution, and is available at
-+# http://www.apache.org/licenses/LICENSE-2.0
-+##############################################################################
-+
-+# Only mess with iptables if we have additional interfaces configured
-+if grep -q "DEFROUTE=no" "/etc/sysconfig/network-scripts/ifcfg-eth0"; then
-+ echo "iptables: Allow SSH connections on all interfaces"
-+ # By default, Fuel 9.0 configures iptables to only accept SSH connections
-+ # on admin interface. Whitelist SSH connections on all ifaces.
-+ while [ $? -eq 0 ]; do
-+ # First, try removing the rule we want to add to prevent duplicates
-+ iptables -D INPUT -p tcp --dport ssh -j ACCEPT > /dev/null 2>&1;
-+ done
-+ iptables -A INPUT -p tcp --dport ssh -j ACCEPT
-+ service iptables save
-+ echo "iptables: Done configuring SSH"
-+else
-+ echo "iptables: Skipping configuring SSH for non-admin ifaces"
-+fi