Commit c0bdd396 by Bach Dániel

random fixes

parent 80bde00a
......@@ -40,18 +40,7 @@ Configure sudo::
$ sudo chmod 440 /etc/sudoers.d/firewall
Configure /etc/rc.local::
$ sudo tee /etc/rc.local <<END
#!/bin/sh -e
/etc/init.d/openvswitch-switch restart
/sbin/ip netns add fw
ovs-vsctl del-br firewall
/sbin/ip netns exec fw sysctl -f /etc/sysctl.d/60-circle-firewall.conf
/sbin/ip netns exec fw ip link set lo up
exit 0
END
Configure sysctl::
$ sudo tee /etc/sysctl.d/60-circle-firewall.conf <<END
net.ipv4.ip_forward=1
......@@ -83,7 +72,7 @@ Set up default Firewall configuration::
export AMQP_URI="amqp://guest:guest@localhost:5672/vhost"
END
$ exit
$ sudo cp ~fw/fwdriver/miscellaneous/firewall.conf /etc/init/
$ sudo cp ~fw/fwdriver/miscellaneous/firewall*.conf /etc/init/
......
description "CIRCLE firewall init"
start on runlevel [2345]
stop on runlevel [!2345]
pre-start script
/etc/init.d/openvswitch-switch restart
/sbin/ip netns add fw || true
ovs-vsctl del-br firewall || true
/sbin/ip netns exec fw sysctl -f /etc/sysctl.d/60-circle-firewall.conf
/sbin/ip netns exec fw ip link set lo up
end script
description "CIRCLE firewall"
start on runlevel [2345]
start on (starting firewall-init and runlevel [2345])
stop on runlevel [!2345]
respawn
......@@ -13,8 +13,12 @@ script
cd /home/fw/fwdriver
. /home/fw/.virtualenvs/fw/bin/postactivate
. /home/fw/.virtualenvs/fw/bin/activate
HOSTNAME=$(hostname -s)
exec celeryd -A fw -Q ${HOSTNAME}.firewall --loglevel=info -c 1
if [ "$LEGACY" = "TRUE" ]; then
exec celeryd -A fw -Q dhcp,firewall --loglevel=info -c 1
else
HOSTNAME=$(hostname -s)
exec celeryd -A fw -Q ${HOSTNAME}.firewall --loglevel=info -c 1
fi
end script
......@@ -148,7 +148,6 @@ class Switch(object):
if interface.tagged:
params.append('trunks=%s' % list(interface.tagged))
self._run(*params)
# move interface into namespace
try:
if interface.is_veth:
......@@ -157,6 +156,7 @@ class Switch(object):
self._setns(interface.name)
except:
pass
self._run(*params)
def delete_port(self, interface):
self._run('del-port', self.brname, interface.external_name)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment