Make the routers persistent

wilderrodrigues · wilderrodrigues · commit 2fad87d3f3fe · 2015-04-14T15:09:47.000+02:00
- After configuration save the ipdated in files
    * /etc/iptables/router_rules.v4 and /etc/iptables/router_rules.v6
    * Reload the configuration on reboot via the /etc/rc.local using iptables-restore
diff --git a/systemvm/patches/debian/config/etc/rc.local b/systemvm/patches/debian/config/etc/rc.local
@@ -46,3 +46,16 @@ python /opt/cloud/bin/baremetal-vr.py &
 
 date > /var/cache/cloud/boot_up_done
 logger -t cloud "Boot up process done"
+
+#Restore the persistent iptables nat, rules and filters for IPv4 and IPv6 if they exist
+ipv4="/etc/iptables/router_rules.v4"
+if [ -e $ipv4 ]
+then
+   iptables-restore < $ipv4
+fi
+
+ipv6="/etc/iptables/router_rules.v6"
+if [ -e $ipv6 ]
+then
+   iptables-restore < $ipv6
+fi
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/configure.py b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
@@ -676,6 +676,10 @@ def main(argv):
 
     mon = CsMonitor("monitorservice", config)
     mon.process()
-
+    
+    #Save iptables configuration - will be loaded on reboot by the iptables-restore that is configured on /etc/rc.local
+    CsHelper.save_iptables("iptables-save", "/etc/iptables/router_rules.v4")
+    CsHelper.save_iptables("ip6tables-save", "/etc/iptables/router_rules.v6")
+    
 if __name__ == "__main__":
     main(sys.argv)
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsHelper.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsHelper.py
@@ -16,7 +16,7 @@
 # specific language governing permissions and limitations
 # under the License.
 """ General helper functions
-for use in the configuation process
+for use in the configuration process
 
 """
 import subprocess
@@ -27,7 +27,6 @@
 from netaddr import *
 from pprint import pprint
 
-
 def is_mounted(name):
     for i in execute("mount"):
         vals = i.lstrip().split()
@@ -163,6 +162,19 @@ def execute(command):
     return result.splitlines()
 
 
+def save_iptables(command, iptables_file):
+    """ Execute command """
+    logging.debug("Saving iptables for %s" % command)
+    
+    result = execute(command)
+    fIptables = open(iptables_file, "w+")
+    
+    for line in result:
+        fIptables.write(line)
+        fIptables.write("\n")
+    fIptables.close()
+
+
 def execute2(command):
     """ Execute command """
     logging.debug("Executing %s" % command)
