Fix TenantNIC and PublicNIC config

[apex.git] / ci / util.sh

diff --git a/ci/util.sh b/ci/util.sh
index ad7f078..8c09278 100755 (executable)
--- a/ci/util.sh
+++ b/ci/util.sh
@@ -5,7 +5,7 @@
 CONFIG=${CONFIG:-'/var/opt/opnfv'}
 RESOURCES=${RESOURCES:-"$CONFIG/images"}
 LIB=${LIB:-"$CONFIG/lib"}
-VALID_CMDS="undercloud overcloud debug-stack -h --help"
+VALID_CMDS="undercloud overcloud opendaylight debug-stack mock-detached -h --help"
 
 source $LIB/utility-functions.sh
 
@@ -27,6 +27,8 @@ display_usage() {
   echo -e "                                     user    Optional: Defaults to 'stack'\n"
   echo -e "                                     command Optional: Defaults to none\n"
   echo -e ""
+  echo -e "   opendaylight                      Connect to OpenDaylight Karaf console\n"
+  echo -e ""
   echo -e "   overcloud  [ node [ command ] ]   Connect to an Overcloud node and optionally execute a command\n"
   echo -e "                                     node    Required: in format controller|compute<number>.  Example: controller0\n"
   echo -e "                                     command Optional: Defaults to none\n"
@@ -79,19 +81,38 @@ parse_cmdline() {
                 fi
                 exit 0
             ;;
+        opendaylight)
+                opendaylight_connect
+                exit 0
+            ;;
         debug-stack)
                 undercloud_connect stack "$(typeset -f debug_stack); debug_stack"
                 exit 0
             ;;
         mock-detached)
                 if [ "$2" == "on" ]; then
-                    echo "Blocking output http and https traffic"
+                    echo "Ensuring we can talk to gerrit.opnfv.org"
+                    iptables -A OUTPUT -p tcp -d gerrit.opnfv.org --dport 443 -j ACCEPT
+                    echo "Blocking output http (80) traffic"
                     iptables -A OUTPUT -p tcp --dport 80 -j REJECT
+                    iptables -A FORWARD -p tcp --dport 80 -j REJECT
+                    echo "Blocking output https (443) traffic"
                     iptables -A OUTPUT -p tcp --dport 443 -j REJECT
+                    iptables -A FORWARD -p tcp --dport 443 -j REJECT
+                    echo "Blocking output dns (53) traffic"
+                    iptables -A FORWARD -p tcp --dport 53 -j REJECT
                 elif [ "$2" == "off" ]; then
-                    echo "Allowing output http and https traffic"
+                    echo "Cleaning gerrit.opnfv.org specific rule"
+                    iptables -D OUTPUT -p tcp -d gerrit.opnfv.org --dport 443 -j ACCEPT
+                    echo "Allowing output http (80) traffic"
                     iptables -D OUTPUT -p tcp --dport 80 -j REJECT
+                    iptables -D FORWARD -p tcp --dport 80 -j REJECT
+                    echo "Allowing output https (443) traffic"
                     iptables -D OUTPUT -p tcp --dport 443 -j REJECT
+                    iptables -D FORWARD -p tcp --dport 443 -j REJECT
+                    echo "Allowing output dns (53) traffic"
+                    iptables -D OUTPUT -p tcp --dport 53 -j REJECT
+                    iptables -D FORWARD -p tcp --dport 53 -j REJECT
                 else
                     display_usage
                 fi