From: Dan Radez <dradez@redhat.com>
Date: Fri, 12 Aug 2016 15:00:03 +0000 (-0400)
Subject: adding DNS to ports to block in mock-detach
X-Git-Tag: colorado.1.0~78^2
X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=commitdiff_plain;h=117b9035e519315d3c67bb53db44fc83103ba23d;p=apex.git

adding DNS to ports to block in mock-detach

Change-Id: Ic1be571650a301384b91981f3c2a362fa50c7414
Signed-off-by: Dan Radez <dradez@redhat.com>
---

diff --git a/ci/util.sh b/ci/util.sh
index 6681ff56..bcb3a3a7 100755
--- a/ci/util.sh
+++ b/ci/util.sh
@@ -91,13 +91,19 @@ parse_cmdline() {
             ;;
         mock-detached)
                 if [ "$2" == "on" ]; then
-                    echo "Blocking output http and https traffic"
+                    echo "Blocking output http (80) traffic"
                     iptables -A OUTPUT -p tcp --dport 80 -j REJECT
+                    echo "Blocking output https (443) traffic"
                     iptables -A OUTPUT -p tcp --dport 443 -j REJECT
+                    echo "Blocking output dns (53) traffic"
+                    iptables -A OUTPUT -p tcp --dport 53 -j REJECT
                 elif [ "$2" == "off" ]; then
-                    echo "Allowing output http and https traffic"
+                    echo "Allowing output http (80) traffic"
                     iptables -D OUTPUT -p tcp --dport 80 -j REJECT
+                    echo "Allowing output https (443) traffic"
                     iptables -D OUTPUT -p tcp --dport 443 -j REJECT
+                    echo "Allowing output dns (53) traffic"
+                    iptables -D OUTPUT -p tcp --dport 53 -j REJECT
                 else
                     display_usage
                 fi