From: John Anderson <sontek@gmail.com>
Date: Mon, 28 Dec 2015 07:10:29 +0000 (+0800)
Subject: remove the forward reject rule of iptables
X-Git-Tag: brahmaputra.1.0~103^2
X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=commitdiff_plain;h=73fcc70c718155dd91c592e09946ee4e15630e85;p=compass4nfv.git

remove the forward reject rule of iptables

  * Functest's testcase running in the docker, and need access openstack's
    network. But the libvirt nat networks will create forward iptable rules,
    which reject the connection from the docker.

Change-Id: Id0122879aa133ccb81a0bba1ea8d06ac36a65290
Author: carey.xu<carey.xuhan@huawei.com>
Signed-off-by: carey.xu <carey.xuhan@huawei.com>
---

diff --git a/deploy/network.sh b/deploy/network.sh
index 836af0f9..c6d0df5d 100755
--- a/deploy/network.sh
+++ b/deploy/network.sh
@@ -1,4 +1,9 @@
 
+function clear_forward_rejct_rules()
+{
+    while sudo iptables -nL FORWARD --line-number|grep -E 'REJECT +all +-- +0.0.0.0/0 +0.0.0.0/0 +reject-with icmp-port-unreachable'|head -1|awk '{print $1}'|xargs sudo iptables -D FORWARD; do :; done
+}
+
 function setup_bridge_net()
 {
     net_name=$1
@@ -89,4 +94,5 @@ function create_nets() {
 
     # create external network
     setup_bridge_external
+    clear_forward_rejct_rules
 }