Commit c0bdd396 by Bach Dániel

random fixes

parent 80bde00a
...@@ -40,18 +40,7 @@ Configure sudo:: ...@@ -40,18 +40,7 @@ Configure sudo::
$ sudo chmod 440 /etc/sudoers.d/firewall $ sudo chmod 440 /etc/sudoers.d/firewall
Configure /etc/rc.local:: Configure sysctl::
$ sudo tee /etc/rc.local <<END
#!/bin/sh -e
/etc/init.d/openvswitch-switch restart
/sbin/ip netns add fw
ovs-vsctl del-br firewall
/sbin/ip netns exec fw sysctl -f /etc/sysctl.d/60-circle-firewall.conf
/sbin/ip netns exec fw ip link set lo up
exit 0
END
$ sudo tee /etc/sysctl.d/60-circle-firewall.conf <<END $ sudo tee /etc/sysctl.d/60-circle-firewall.conf <<END
net.ipv4.ip_forward=1 net.ipv4.ip_forward=1
...@@ -83,7 +72,7 @@ Set up default Firewall configuration:: ...@@ -83,7 +72,7 @@ Set up default Firewall configuration::
export AMQP_URI="amqp://guest:guest@localhost:5672/vhost" export AMQP_URI="amqp://guest:guest@localhost:5672/vhost"
END END
$ exit $ exit
$ sudo cp ~fw/fwdriver/miscellaneous/firewall.conf /etc/init/ $ sudo cp ~fw/fwdriver/miscellaneous/firewall*.conf /etc/init/
......
description "CIRCLE firewall init"
start on runlevel [2345]
stop on runlevel [!2345]
pre-start script
/etc/init.d/openvswitch-switch restart
/sbin/ip netns add fw || true
ovs-vsctl del-br firewall || true
/sbin/ip netns exec fw sysctl -f /etc/sysctl.d/60-circle-firewall.conf
/sbin/ip netns exec fw ip link set lo up
end script
description "CIRCLE firewall" description "CIRCLE firewall"
start on runlevel [2345] start on (starting firewall-init and runlevel [2345])
stop on runlevel [!2345] stop on runlevel [!2345]
respawn respawn
...@@ -13,8 +13,12 @@ script ...@@ -13,8 +13,12 @@ script
cd /home/fw/fwdriver cd /home/fw/fwdriver
. /home/fw/.virtualenvs/fw/bin/postactivate . /home/fw/.virtualenvs/fw/bin/postactivate
. /home/fw/.virtualenvs/fw/bin/activate . /home/fw/.virtualenvs/fw/bin/activate
if [ "$LEGACY" = "TRUE" ]; then
exec celeryd -A fw -Q dhcp,firewall --loglevel=info -c 1
else
HOSTNAME=$(hostname -s) HOSTNAME=$(hostname -s)
exec celeryd -A fw -Q ${HOSTNAME}.firewall --loglevel=info -c 1 exec celeryd -A fw -Q ${HOSTNAME}.firewall --loglevel=info -c 1
fi
end script end script
...@@ -148,7 +148,6 @@ class Switch(object): ...@@ -148,7 +148,6 @@ class Switch(object):
if interface.tagged: if interface.tagged:
params.append('trunks=%s' % list(interface.tagged)) params.append('trunks=%s' % list(interface.tagged))
self._run(*params)
# move interface into namespace # move interface into namespace
try: try:
if interface.is_veth: if interface.is_veth:
...@@ -157,6 +156,7 @@ class Switch(object): ...@@ -157,6 +156,7 @@ class Switch(object):
self._setns(interface.name) self._setns(interface.name)
except: except:
pass pass
self._run(*params)
def delete_port(self, interface): def delete_port(self, interface):
self._run('del-port', self.brname, interface.external_name) self._run('del-port', self.brname, interface.external_name)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment