Commit 6ef02284 authored by Leigh B Stoller's avatar Leigh B Stoller

Minor bug fixes.

parent 13f5110a
...@@ -254,7 +254,7 @@ sub Online() ...@@ -254,7 +254,7 @@ sub Online()
" -j OUTGOING_${vnode_id}") " -j OUTGOING_${vnode_id}")
== 0 or return -1; == 0 or return -1;
DoIPtables("-A OUTPUT -d $vnode_id -j ACCEPT") DoIPtables("-A OUTPUT -d $vnode_ip -j ACCEPT")
== 0 or return -1; == 0 or return -1;
} }
# Start a tmcc proxy (handles both TCP and UDP) # Start a tmcc proxy (handles both TCP and UDP)
...@@ -428,7 +428,7 @@ sub Offline() ...@@ -428,7 +428,7 @@ sub Offline()
" --physdev-out $vif -j INCOMING_${vnode_id}"); " --physdev-out $vif -j INCOMING_${vnode_id}");
DoIPtables("-D INPUT -s $vnode_ip ". DoIPtables("-D INPUT -s $vnode_ip ".
" -j OUTGOING_${vnode_id}"); " -j OUTGOING_${vnode_id}");
DoIPtables("-D OUTPUT -d $vnode_id -j ACCEPT"); DoIPtables("-D OUTPUT -d $vnode_ip -j ACCEPT");
} }
# tmcc # tmcc
......
...@@ -554,6 +554,12 @@ sub rootPreConfig($) ...@@ -554,6 +554,12 @@ sub rootPreConfig($)
# #
# Need these to avoid overflowing the NAT tables. # Need these to avoid overflowing the NAT tables.
# #
mysystem2("$MODPROBE nf_conntrack");
if ($?) {
print STDERR "ERROR: could not load nf_conntrack module!\n";
TBScriptUnlock();
return -1;
}
mysystem("$SYSCTL -w ". mysystem("$SYSCTL -w ".
" net.netfilter.nf_conntrack_generic_timeout=120"); " net.netfilter.nf_conntrack_generic_timeout=120");
mysystem("$SYSCTL -w ". mysystem("$SYSCTL -w ".
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment