summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTim Rozet <trozet@redhat.com>2016-07-01 16:55:11 -0400
committerTim Rozet <trozet@redhat.com>2016-07-01 16:55:11 -0400
commit8c00e9378e4d680b9db8b1fd08d5c72fd1604864 (patch)
tree8f22aa80f10790c2983bbc65209b5b51aab7b728
parentdeef9dc543191e396e264637956fb9da353c05f0 (diff)
Apex, Functest: Fixes iptables rule
Something in Apex is pushing the RETURN rule down the chain, and adding REJECT reject-with icmp-port-unreachable. This enhances the check to make sure not only does the rule exist, but it is at the top of the chain. Change-Id: I527bc45c30008aaf30d5bc9e1d474a14065b3fdf Signed-off-by: Tim Rozet <trozet@redhat.com>
-rwxr-xr-xjjb/functest/set-functest-env.sh2
1 files changed, 1 insertions, 1 deletions
diff --git a/jjb/functest/set-functest-env.sh b/jjb/functest/set-functest-env.sh
index 3cbb4a515..d2e232de5 100755
--- a/jjb/functest/set-functest-env.sh
+++ b/jjb/functest/set-functest-env.sh
@@ -37,7 +37,7 @@ elif [[ ${INSTALLER_TYPE} == 'joid' ]]; then
fi
# Set iptables rule to allow forwarding return traffic for container
-if ! sudo iptables -C FORWARD -j RETURN 2> ${redirect}; then
+if ! sudo iptables -C FORWARD -j RETURN 2> ${redirect} || ! sudo iptables -L FORWARD | awk 'NR==3' | grep RETURN 2> ${redirect}; then
sudo iptables -I FORWARD -j RETURN
fi