aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJohn Anderson <sontek@gmail.com>2015-12-28 15:10:29 +0800
committercarey.xu <carey.xuhan@huawei.com>2015-12-29 08:38:57 +0800
commit73fcc70c718155dd91c592e09946ee4e15630e85 (patch)
tree7c6208a53b75fb0716679ffe173e91e2636f2501
parentc1f8ed8e836fb05eec5814e1a721352e64bc84d0 (diff)
remove the forward reject rule of iptables
* Functest's testcase running in the docker, and need access openstack's network. But the libvirt nat networks will create forward iptable rules, which reject the connection from the docker. Change-Id: Id0122879aa133ccb81a0bba1ea8d06ac36a65290 Author: carey.xu<carey.xuhan@huawei.com> Signed-off-by: carey.xu <carey.xuhan@huawei.com>
-rwxr-xr-xdeploy/network.sh6
1 files changed, 6 insertions, 0 deletions
diff --git a/deploy/network.sh b/deploy/network.sh
index 836af0f9..c6d0df5d 100755
--- a/deploy/network.sh
+++ b/deploy/network.sh
@@ -1,4 +1,9 @@
+function clear_forward_rejct_rules()
+{
+ while sudo iptables -nL FORWARD --line-number|grep -E 'REJECT +all +-- +0.0.0.0/0 +0.0.0.0/0 +reject-with icmp-port-unreachable'|head -1|awk '{print $1}'|xargs sudo iptables -D FORWARD; do :; done
+}
+
function setup_bridge_net()
{
net_name=$1
@@ -89,4 +94,5 @@ function create_nets() {
# create external network
setup_bridge_external
+ clear_forward_rejct_rules
}