maas-cert-server

Merge ~rodsmith/maas-cert-server:fix-startnat into maas-cert-server:master

  1. Git
  2. lp:~rodsmith/maas-cert-server
  3. fix-startnat
  4. Merge into master
Proposed by Rod Smith
Status: Merged
Approved by: Rod Smith
Approved revision: ec685bfeed4e9606311f753f8e19a2b62d0a98d9
Merged at revision: ce15d1f0dc979763e072c64308e8b0016415def1
Proposed branch: ~rodsmith/maas-cert-server:fix-startnat
Merge into: maas-cert-server:master
Diff against target: 31 lines (+11/-4)
2 files modified
debian/changelog (+7/-0)
usr/sbin/startnat.sh (+4/-4)
Reviewer Review Type Date Requested Status
Jeff Lane  Approve
Review via email: mp+397575@code.launchpad.net

Commit message

Remove hard-coded paths to iptables from startnat.sh; let $PATH find the binary.

To post a comment you must log in.
Revision history for this message
Jeff Lane  (bladernr) wrote :

Looks good to me. Thanks for fixing this issue quickly.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index c3016fa..8103ea9 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,10 @@
6+maas-cert-server (0.6.1-0ppa1) focal; urgency=medium
7+
8+ * Remove hard-coded path from calls to iptables in startnat.sh; let
9+ $PATH find iptables
10+
11+ -- Rod Smith <rod.smith@canonical.com> Fri, 05 Feb 2021 09:06:01 -0500
12+
13 maas-cert-server (0.6.0-0ppa1) focal; urgency=medium
14
15 * Support for maniacs-setup on Ubuntu 20.04 using snaps
16diff --git a/usr/sbin/startnat.sh b/usr/sbin/startnat.sh
17index 5602e17..269b94d 100755
18--- a/usr/sbin/startnat.sh
19+++ b/usr/sbin/startnat.sh
20@@ -8,8 +8,8 @@ if [ -f /etc/maas-cert-server/config ] ; then
21 fi
22
23 echo 1 > /proc/sys/net/ipv4/ip_forward
24-/sbin/iptables -t nat -A POSTROUTING -o $EXTERNAL_NET -j MASQUERADE
25-/sbin/iptables -A FORWARD -i $EXTERNAL_NET -o $INTERNAL_NET -m state \
26- --state RELATED,ESTABLISHED -j ACCEPT
27-/sbin/iptables -A FORWARD -i $INTERNAL_NET -o $EXTERNAL_NET -j ACCEPT
28+iptables -t nat -A POSTROUTING -o $EXTERNAL_NET -j MASQUERADE
29+iptables -A FORWARD -i $EXTERNAL_NET -o $INTERNAL_NET -m state \
30+ --state RELATED,ESTABLISHED -j ACCEPT
31+iptables -A FORWARD -i $INTERNAL_NET -o $EXTERNAL_NET -j ACCEPT
32

Subscribers

People subscribed via source and target branches