device = ip_lib.IPDevice(rtr_2_fip_name, namespace=ri.ns_name)
device.route.add_gateway(str(fip_2_rtr.ip), table=FIP_RT_TBL)
#setup the NAT rules and chains
- ri._handle_fip_nat_rules(rtr_2_fip_name, 'add_rules')
+ ri._handle_fip_nat_rules(rtr_2_fip_name)
def scan_fip_ports(self, ri):
# don't scan if not dvr or count is not None
floating_ips = super(DvrLocalRouter, self).get_floating_ips()
return [i for i in floating_ips if i['host'] == self.host]
- def _handle_fip_nat_rules(self, interface_name, action):
+ def _handle_fip_nat_rules(self, interface_name):
"""Configures NAT rules for Floating IPs for DVR.
Remove all the rules. This is safe because if
# Add back the jump to float-snat
self.iptables_manager.ipv4['nat'].add_rule('snat', '-j $float-snat')
- # And add them back if the action is add_rules
- if action == 'add_rules' and interface_name:
- rule = ('POSTROUTING', '! -i %(interface_name)s '
- '! -o %(interface_name)s -m conntrack ! '
- '--ctstate DNAT -j ACCEPT' %
- {'interface_name': interface_name})
- self.iptables_manager.ipv4['nat'].add_rule(*rule)
+ # And add the NAT rule back
+ rule = ('POSTROUTING', '! -i %(interface_name)s '
+ '! -o %(interface_name)s -m conntrack ! '
+ '--ctstate DNAT -j ACCEPT' %
+ {'interface_name': interface_name})
+ self.iptables_manager.ipv4['nat'].add_rule(*rule)
+
self.iptables_manager.apply()
def floating_ip_added_dist(self, fip, fip_cidr):
Code Review / openstack-build / neutron-build.git / commitdiff