Merge "remove the forward reject rule of iptables"

author: shuai chen <chenshuai@huawei.com> 2015-12-29 01:45:47 +0000
committer: Gerrit Code Review <gerrit@172.30.200.206> 2015-12-29 01:45:48 +0000
commit: ff1f58c46f35acad2c0ecb16b700d2784a653286 (patch)
tree: 558f37df8bcd6335d081512e9deec80c9a58b64b /deploy/network.sh
parent: 572e5d4727ab009e3b5411686422a373d601883f (diff)
parent: 73fcc70c718155dd91c592e09946ee4e15630e85 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/deploy/network.sh b/deploy/network.sh
index 836af0f9..c6d0df5d 100755
--- a/deploy/network.sh
+++ b/deploy/network.sh
@@ -1,4 +1,9 @@
 
+function clear_forward_rejct_rules()
+{
+    while sudo iptables -nL FORWARD --line-number|grep -E 'REJECT +all +-- +0.0.0.0/0 +0.0.0.0/0 +reject-with icmp-port-unreachable'|head -1|awk '{print $1}'|xargs sudo iptables -D FORWARD; do :; done
+}
+
 function setup_bridge_net()
 {
     net_name=$1
@@ -89,4 +94,5 @@ function create_nets() {
 
     # create external network
     setup_bridge_external
+    clear_forward_rejct_rules
 }
author	shuai chen <chenshuai@huawei.com>	2015-12-29 01:45:47 +0000
committer	Gerrit Code Review <gerrit@172.30.200.206>	2015-12-29 01:45:48 +0000
commit	ff1f58c46f35acad2c0ecb16b700d2784a653286 (patch)
tree	558f37df8bcd6335d081512e9deec80c9a58b64b /deploy/network.sh
parent	572e5d4727ab009e3b5411686422a373d601883f (diff)
parent	73fcc70c718155dd91c592e09946ee4e15630e85 (diff)