diff options
author | Tim Rozet <trozet@redhat.com> | 2016-07-01 16:55:11 -0400 |
---|---|---|
committer | Tim Rozet <trozet@redhat.com> | 2016-07-01 16:55:11 -0400 |
commit | 8c00e9378e4d680b9db8b1fd08d5c72fd1604864 (patch) | |
tree | 8f22aa80f10790c2983bbc65209b5b51aab7b728 | |
parent | deef9dc543191e396e264637956fb9da353c05f0 (diff) |
Apex, Functest: Fixes iptables rule
Something in Apex is pushing the RETURN rule down the chain, and adding
REJECT reject-with icmp-port-unreachable. This enhances the check to
make sure not only does the rule exist, but it is at the top of the
chain.
Change-Id: I527bc45c30008aaf30d5bc9e1d474a14065b3fdf
Signed-off-by: Tim Rozet <trozet@redhat.com>
-rwxr-xr-x | jjb/functest/set-functest-env.sh | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/jjb/functest/set-functest-env.sh b/jjb/functest/set-functest-env.sh index 3cbb4a515..d2e232de5 100755 --- a/jjb/functest/set-functest-env.sh +++ b/jjb/functest/set-functest-env.sh @@ -37,7 +37,7 @@ elif [[ ${INSTALLER_TYPE} == 'joid' ]]; then fi # Set iptables rule to allow forwarding return traffic for container -if ! sudo iptables -C FORWARD -j RETURN 2> ${redirect}; then +if ! sudo iptables -C FORWARD -j RETURN 2> ${redirect} || ! sudo iptables -L FORWARD | awk 'NR==3' | grep RETURN 2> ${redirect}; then sudo iptables -I FORWARD -j RETURN fi |