systemvm/debian/opt/cloud/bin Expand file tree Collapse file tree 2 files changed +6
-3
lines changed Original file line number Diff line number Diff line change @@ -181,19 +181,22 @@ def add_rule(self):
181181
182182 if self .direction == 'ingress' :
183183 for cidr in self .rule ['cidr' ]:
184+ action = self .rule ['action' ]
185+ if action == "ACCEPT" :
186+ action = "RETURN"
184187 if rule ['protocol' ] == "icmp" :
185188 self .fw .append (["mangle" , "front" ,
186189 " -A FIREWALL_%s" % self .ip +
187190 " -s %s " % cidr +
188191 " -p %s " % rule ['protocol' ] +
189- " --icmp-type %s -j %s" % (icmp_type , self . rule [ ' action' ] )])
192+ " --icmp-type %s -j %s" % (icmp_type , action )])
190193 else :
191194 self .fw .append (["mangle" , "front" ,
192195 " -A FIREWALL_%s" % self .ip +
193196 " -s %s " % cidr +
194197 " -p %s " % rule ['protocol' ] +
195198 " -m %s " % rule ['protocol' ] +
196- " %s -j %s" % (rnge , self . rule [ ' action' ] )])
199+ " %s -j %s" % (rnge , action )])
197200
198201 sflag = False
199202 dflag = False
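Review bot: The ACCEPT-to-RETURN rewrite at the top of the `for cidr` loop in add_rule has no comment, yet it changes what an ingress allow rule means. A matching packet is no longer accepted out of the mangle table; it is handed back to the chain that jumped to FIREWALL_<ip>, so every rule after that jump now sees it as well. I would record that on the assignment, e.g. `# RETURN, not ACCEPT: allowed traffic must keep traversing the calling mangle chain`, and hoist the mapping above the loop since it does not depend on `cidr`. The comparison is an exact match on "ACCEPT", so any other value of `self.rule['action']` still reaches `-j` unchanged; whether that is intended cannot be told from this hunk. add_rule starts and ends outside the hunk.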
Original file line number Diff line number Diff line change @@ -423,7 +423,7 @@ def fw_router(self):
423423 "-d %s/32 -j FIREWALL_%s" % (self .address ['public_ip' ], self .address ['public_ip' ])])
424424 self .fw .append (["mangle" , "front" ,
425425 "-A FIREWALL_%s " % self .address ['public_ip' ] +
426- "-m state --state RELATED,ESTABLISHED -j ACCEPT " ])
426+ "-m state --state RELATED,ESTABLISHED -j RETURN " ])
427427 self .fw .append (["mangle" , "" ,
428428 "-A FIREWALL_%s -j DROP" % self .address ['public_ip' ]])
429429 self .fw .append (["mangle" , "" ,
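Review bot: Nothing in fw_router records that the RELATED,ESTABLISHED rule now depends on the calling chain. With `-j RETURN` the packet goes back to the chain holding the `-d %s/32 -j FIREWALL_%s` jump, and its fate is decided by whatever follows that jump, which this hunk does not show. A comment above the append would make the dependency explicit, e.g. `# RETURN, not ACCEPT: replies continue through the calling mangle chain; only the trailing DROP ends traversal here`. The literal here and the `action` mapping in add_rule encode the same decision in two places, so a shared constant or helper would keep them from drifting apart. fw_router starts and ends outside the hunk.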