[node-patches] Change in ovirt-node[node-3.0]: Insert iptables rules, don't append them
fabiand at fedoraproject.org
fabiand at fedoraproject.org
Mon Apr 28 12:57:39 UTC 2014
Hello Ryan Barry,
I'd like you to do a code review. Please visit
http://gerrit.ovirt.org/27146
to review the following change.
Change subject: Insert iptables rules, don't append them
......................................................................
Insert iptables rules, don't append them
Since the last rule set it to REJECT everything which hasn't
previously matched, appending rules after that does not work. We
should put them at the top instead.
Change-Id: If2a7ae8f94f192c953fced52693cffba680affc3
Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=1064255
Signed-off-by: Ryan Barry <rbarry at redhat.com>
---
M src/ovirtnode/ovirtfunctions.py
1 file changed, 1 insertion(+), 1 deletion(-)
git pull ssh://gerrit.ovirt.org:29418/ovirt-node refs/changes/46/27146/1
diff --git a/src/ovirtnode/ovirtfunctions.py b/src/ovirtnode/ovirtfunctions.py
index 0369cbc..f232f1a 100644
--- a/src/ovirtnode/ovirtfunctions.py
+++ b/src/ovirtnode/ovirtfunctions.py
@@ -1725,7 +1725,7 @@
def manage_firewall_port(port, action="open", proto="tcp"):
if action == "open":
- opt = "-A"
+ opt = "-I"
logger.info("Opening port " + port)
elif action == "close":
opt = "-D"
--
To view, visit http://gerrit.ovirt.org/27146
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: If2a7ae8f94f192c953fced52693cffba680affc3
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-node
Gerrit-Branch: node-3.0
Gerrit-Owner: Fabian Deutsch <fabiand at fedoraproject.org>
Gerrit-Reviewer: Ryan Barry <rbarry at redhat.com>
More information about the node-patches
mailing list