openstack
/
openstack-ansible-os_neutron
Code Issues Proposed changes

Add heat metadata checksum fix for AIO-type network config 

Port 8000 is the heat metadata url that some heat resources
use for running heat-related hooks inside an instance.
Without this rule communication between the instance and the
service will fail.

This patch adds the checksum fix to the script implemented
in https://review.openstack.org/326396

Change-Id: I4aaec3f2921c2341dfd57577995e32c9ef038f2c
This commit is contained in:
Jesse Pretorius 2017-01-20 14:07:04 +00:00 committed by Jesse Pretorius (odyssey4me)
parent 72f21662a2
commit 61b6782aaf
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
files/post-up-metadata-checksum
View File

@ -26,6 +26,9 @@ if [ ! -z "${IPTABLES}" ]; then
if ! ${IPTABLES} -C POSTROUTING -t mangle -p tcp --sport 80 -j CHECKSUM --checksum-fill 2> /dev/null; then
${IPTABLES} -A POSTROUTING -t mangle -p tcp --sport 80 -j CHECKSUM --checksum-fill
fi
if ! ${IPTABLES} -C POSTROUTING -t mangle -p tcp --sport 8000 -j CHECKSUM --checksum-fill 2> /dev/null; then
${IPTABLES} -A POSTROUTING -t mangle -p tcp --sport 8000 -j CHECKSUM --checksum-fill
fi
fi
# Ip6tables path, used for ipv6 firewall.
@ -34,4 +37,7 @@ if [ ! -z "${IP6TABLES}" ]; then
if ! ${IP6TABLES} -C POSTROUTING -t mangle -p udp --sport 80 -j CHECKSUM --checksum-fill 2> /dev/null; then
${IP6TABLES} -A POSTROUTING -t mangle -p udp --sport 80 -j CHECKSUM --checksum-fill
fi
if ! ${IP6TABLES} -C POSTROUTING -t mangle -p udp --sport 8000 -j CHECKSUM --checksum-fill 2> /dev/null; then
${IP6TABLES} -A POSTROUTING -t mangle -p udp --sport 8000 -j CHECKSUM --checksum-fill
fi
fi