Skip to content

Commit

Permalink
VR: Do not add iptables rules for the revoked ip addresses (apache#6189)
Browse files Browse the repository at this point in the history 
(cherry picked from commit c61ea9f)
Signed-off-by: Rohit Yadav <[email protected]>
  • Loading branch information
@weizhouapache @rohityadavcloud
weizhouapache authored and rohityadavcloud committed May 18, 2022
1 parent f2853d0 commit e23fded
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion systemvm/debian/opt/cloud/bin/cs/CsAddress.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -498,7 +498,7 @@ def fw_vpcrouter(self):
if not inf.startswith("eth"):
continue
for address in addresses:
if "nw_type" in address and address["nw_type"] == "guest":
if "nw_type" in address and address["nw_type"] == "guest" and address["add"]:
self.fw.append(["filter", "front", "-A FORWARD -s %s -d %s -j ACL_INBOUND_%s" %
(address["network"], self.address["network"], self.dev)])
self.fw.append(["filter", "front", "-A FORWARD -s %s -d %s -j ACL_INBOUND_%s" %
Expand Down

0 comments on commit e23fded

Please sign in to comment.