[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Ovirt-devel] [PATCH]: Remove bogus iptables physdev iptables rule in ovirt init script



Chris Lalancette wrote:
    Remove the setting up of the physdev-is-bridged rule in the ovirt init script.
    This is now being properly handled by the ovirt-host-creator %post section.
Signed-off-by: Chris Lalancette <clalance redhat com>

ACK. For times when the ovirt-node is 'installed' on bare-metal F9, we'll have to provide an easy way for setting up bridges though which will include adding this iptables rule.

Perry

diff --git a/ovirt-managed-node/scripts/ovirt b/ovirt-managed-node/scripts/ovirt
index ba1f20c..232da49 100644
--- a/ovirt-managed-node/scripts/ovirt
+++ b/ovirt-managed-node/scripts/ovirt
@@ -11,10 +11,6 @@
 . /etc/init.d/ovirt-functions
start() {
-    # Regardless of how iptables is configured, we always need the physdev bridge,
-    # and it needs to be at the front of the forward chain
-    iptables -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT
-
     krb5_conf=/etc/krb5.conf
     krb5_tab=/etc/libvirt/krb5.tab
     # retrieve config from local oVirt partition if available

_______________________________________________
Ovirt-devel mailing list
Ovirt-devel redhat com
https://www.redhat.com/mailman/listinfo/ovirt-devel

--
|=-        Red Hat, Engineering, Emerging Technologies, Boston        -=|
|=-                     Email: pmyers redhat com                      -=|
|=-         Office: +1 412 474 3552   Mobile: +1 703 362 9622         -=|
|=- GnuPG: E65E4F3D 88F9 F1C9 C2F3 1303 01FE 817C C5D2 8B91 E65E 4F3D -=|


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]