random fixes

c0bdd396 · Bach Dániel · 80bde00a · c0bdd396 · c0bdd396 · c0bdd396
Commit c0bdd396 authored Apr 19, 2014 by Bach Dániel
Hide whitespace changes
Inline Side-by-side

Showing with 23 additions and 17 deletions

docs/install.rst
+2 -13

miscellaneous/firewall-init.conf
+13 -0

miscellaneous/firewall.conf
+7 -3

ovs.py
+1 -1

No files found.
--- a/docs/install.rst
+++ b/docs/install.rst
@@ -40,18 +40,7 @@ Configure sudo::
  $ sudo chmod 440 /etc/sudoers.d/firewall


-Configure /etc/rc.local::
-
-  $ sudo tee /etc/rc.local <<END
-  #!/bin/sh -e
-
-  /etc/init.d/openvswitch-switch restart
-  /sbin/ip netns add fw
-  ovs-vsctl del-br firewall
-  /sbin/ip netns exec fw sysctl -f /etc/sysctl.d/60-circle-firewall.conf
-  /sbin/ip netns exec fw ip link set lo up
-  exit 0
-  END
+Configure sysctl::

  $ sudo tee /etc/sysctl.d/60-circle-firewall.conf <<END
  net.ipv4.ip_forward=1
@@ -83,7 +72,7 @@ Set up default Firewall configuration::
  export AMQP_URI="amqp://guest:guest@localhost:5672/vhost"
  END
  $ exit
-  $ sudo cp ~fw/fwdriver/miscellaneous/firewall.conf /etc/init/
+  $ sudo cp ~fw/fwdriver/miscellaneous/firewall*.conf /etc/init/




--- a/miscellaneous/firewall-init.conf
+++ b/miscellaneous/firewall-init.conf
+description     "CIRCLE firewall init"
+
+start on runlevel [2345]
+stop on runlevel [!2345]
+
+pre-start script
+	/etc/init.d/openvswitch-switch restart
+	/sbin/ip netns add fw || true
+	ovs-vsctl del-br firewall || true
+	/sbin/ip netns exec fw sysctl -f /etc/sysctl.d/60-circle-firewall.conf
+	/sbin/ip netns exec fw ip link set lo up
+
+end script
--- a/miscellaneous/firewall.conf
+++ b/miscellaneous/firewall.conf
 description     "CIRCLE firewall"

-start on runlevel [2345]
+start on (starting firewall-init and runlevel [2345])
 stop on runlevel [!2345]

 respawn
@@ -13,8 +13,12 @@ script
    cd /home/fw/fwdriver
    . /home/fw/.virtualenvs/fw/bin/postactivate
    . /home/fw/.virtualenvs/fw/bin/activate
-    HOSTNAME=$(hostname -s)
-    exec celeryd -A fw -Q ${HOSTNAME}.firewall --loglevel=info -c 1
+    if [ "$LEGACY" = "TRUE" ]; then
+        exec celeryd -A fw -Q dhcp,firewall --loglevel=info -c 1
+    else
+        HOSTNAME=$(hostname -s)
+        exec celeryd -A fw -Q ${HOSTNAME}.firewall --loglevel=info -c 1
+    fi

 end script

--- a/ovs.py
+++ b/ovs.py
@@ -148,7 +148,6 @@ class Switch(object):
        if interface.tagged:
            params.append('trunks=%s' % list(interface.tagged))

-        self._run(*params)
        # move interface into namespace
        try:
            if interface.is_veth:
@@ -157,6 +156,7 @@ class Switch(object):
                self._setns(interface.name)
        except:
            pass
+        self._run(*params)

    def delete_port(self, interface):
        self._run('del-port', self.brname, interface.external_name)