diff options
author | Alexandru Avadanii <Alexandru.Avadanii@enea.com> | 2018-12-17 19:17:59 +0100 |
---|---|---|
committer | Alexandru Avadanii <Alexandru.Avadanii@enea.com> | 2018-12-17 19:17:59 +0100 |
commit | 59163643073370c58a201b45c0e1dd5556e2b0f6 (patch) | |
tree | 952d89ceea3d2c5eb86ec41a7542071446e6481b | |
parent | 512968e7b23a077b7396e494624c94468afe9e38 (diff) |
[mas01] Fix iptables pillar compatibility format
Sync our reclass pillar data for mas01's iptables with latest formula
changes [1].
[1] https://github.com/salt-formulas/salt-formula-iptables/commit/e353ce3c
Change-Id: I66b2a75066ed512ab5ab4cc213d13d15c5c8cc7f
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
-rw-r--r-- | mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2 | 42 |
1 files changed, 25 insertions, 17 deletions
diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2 b/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2 index ee1d247ad..4b11478e4 100644 --- a/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2 +++ b/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2 @@ -148,21 +148,29 @@ parameters: netmask: ${_param:opnfv_net_admin_mask} type: eth iptables: + schema: + epoch: 1 service: - enabled: True - chain: - POSTROUTING: - rules: - - table: nat - source_network: '${_param:single_address}/${_param:opnfv_net_admin_mask}' - jump: MASQUERADE - INPUT: - rules: - - table: filter - source_network: '${_param:single_address}/${_param:opnfv_net_admin_mask}' - jump: ACCEPT - INPUT: - rules: - - table: filter - destination_network: '${_param:single_address}/${_param:opnfv_net_admin_mask}' - jump: ACCEPT + v4: + enabled: true + persistent_config: /etc/iptables/rules.v4 + v6: + enabled: false + tables: + v4: + filter: + chains: + INPUT: + ruleset: + 10: + rule: -s ${_param:single_address}/${_param:opnfv_net_admin_mask} + 11: + rule: -d ${_param:single_address}/${_param:opnfv_net_admin_mask} + nat: + chains: + POSTROUTING: + policy: ACCEPT + ruleset: + 10: + rule: -s ${_param:single_address}/${_param:opnfv_net_admin_mask} + action: MASQUERADE |