[mas01] Fix iptables pillar compatibility format

Sync our reclass pillar data for mas01's iptables with latest formula changes [1]. [1] https://github.com/salt-formulas/salt-formula-iptables/commit/e353ce3c Change-Id: I66b2a75066ed512ab5ab4cc213d13d15c5c8cc7f Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
author: Alexandru Avadanii <Alexandru.Avadanii@enea.com> 2018-12-17 19:17:59 +0100
committer: Alexandru Avadanii <Alexandru.Avadanii@enea.com> 2018-12-17 19:17:59 +0100
commit: 59163643073370c58a201b45c0e1dd5556e2b0f6 (patch)
tree: 952d89ceea3d2c5eb86ec41a7542071446e6481b /mcp/reclass/classes/cluster
parent: 512968e7b23a077b7396e494624c94468afe9e38 (diff)
1 files changed, 25 insertions, 17 deletions
diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2 b/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2
index ee1d247ad..4b11478e4 100644
--- a/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2
+++ b/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2
@@ -148,21 +148,29 @@ parameters:
           netmask: ${_param:opnfv_net_admin_mask}
           type: eth
   iptables:
+    schema:
+      epoch: 1
     service:
-      enabled: True
-      chain:
-        POSTROUTING:
-          rules:
-            - table: nat
-              source_network: '${_param:single_address}/${_param:opnfv_net_admin_mask}'
-              jump: MASQUERADE
-        INPUT:
-          rules:
-            - table: filter
-              source_network: '${_param:single_address}/${_param:opnfv_net_admin_mask}'
-              jump: ACCEPT
-        INPUT:
-          rules:
-            - table: filter
-              destination_network: '${_param:single_address}/${_param:opnfv_net_admin_mask}'
-              jump: ACCEPT
+      v4:
+        enabled: true
+        persistent_config: /etc/iptables/rules.v4
+      v6:
+        enabled: false
+    tables:
+      v4:
+        filter:
+          chains:
+            INPUT:
+              ruleset:
+                10:
+                  rule: -s ${_param:single_address}/${_param:opnfv_net_admin_mask}
+                11:
+                  rule: -d ${_param:single_address}/${_param:opnfv_net_admin_mask}
+        nat:
+          chains:
+            POSTROUTING:
+              policy: ACCEPT
+              ruleset:
+                10:
+                  rule: -s ${_param:single_address}/${_param:opnfv_net_admin_mask}
+                  action: MASQUERADE
author	Alexandru Avadanii <Alexandru.Avadanii@enea.com>	2018-12-17 19:17:59 +0100
committer	Alexandru Avadanii <Alexandru.Avadanii@enea.com>	2018-12-17 19:17:59 +0100
commit	59163643073370c58a201b45c0e1dd5556e2b0f6 (patch)
tree	952d89ceea3d2c5eb86ec41a7542071446e6481b /mcp/reclass/classes/cluster
parent	512968e7b23a077b7396e494624c94468afe9e38 (diff)