CONFIG=${CONFIG:-'/var/opt/opnfv'}
RESOURCES=${RESOURCES:-"$CONFIG/images"}
LIB=${LIB:-"$CONFIG/lib"}
-VALID_CMDS="undercloud overcloud opendaylight debug-stack -h --help"
+VALID_CMDS="undercloud overcloud opendaylight debug-stack mock-detached -h --help"
source $LIB/utility-functions.sh
;;
mock-detached)
if [ "$2" == "on" ]; then
- echo "Blocking output http and https traffic"
+ echo "Ensuring we can talk to gerrit.opnfv.org"
+ iptables -A OUTPUT -p tcp -d gerrit.opnfv.org --dport 443 -j ACCEPT
+ echo "Blocking output http (80) traffic"
iptables -A OUTPUT -p tcp --dport 80 -j REJECT
+ iptables -A FORWARD -p tcp --dport 80 -j REJECT
+ echo "Blocking output https (443) traffic"
iptables -A OUTPUT -p tcp --dport 443 -j REJECT
+ iptables -A FORWARD -p tcp --dport 443 -j REJECT
+ echo "Blocking output dns (53) traffic"
+ iptables -A FORWARD -p tcp --dport 53 -j REJECT
elif [ "$2" == "off" ]; then
- echo "Allowing output http and https traffic"
+ echo "Cleaning gerrit.opnfv.org specific rule"
+ iptables -D OUTPUT -p tcp -d gerrit.opnfv.org --dport 443 -j ACCEPT
+ echo "Allowing output http (80) traffic"
iptables -D OUTPUT -p tcp --dport 80 -j REJECT
+ iptables -D FORWARD -p tcp --dport 80 -j REJECT
+ echo "Allowing output https (443) traffic"
iptables -D OUTPUT -p tcp --dport 443 -j REJECT
+ iptables -D FORWARD -p tcp --dport 443 -j REJECT
+ echo "Allowing output dns (53) traffic"
+ iptables -D OUTPUT -p tcp --dport 53 -j REJECT
+ iptables -D FORWARD -p tcp --dport 53 -j REJECT
else
display_usage
fi