Commit 32adb956 authored by Leigh Stoller's avatar Leigh Stoller

Ack, the client side subsitution code is too blunt, had to change the

names.
parent 5ab5f8d5
...@@ -177,12 +177,12 @@ if ($VIRTNODE_NETWORK =~ /^(\d+\.\d+\.\d+)\.0$/) { ...@@ -177,12 +177,12 @@ if ($VIRTNODE_NETWORK =~ /^(\d+\.\d+\.\d+)\.0$/) {
# #
# Sorry these are hardwired. # Sorry these are hardwired.
# #
my $EMULAB_VCNET_BOSS = "172.17.254.254"; my $EMULAB_VCBOSS = "172.17.254.254";
my $EMULAB_VCNET_OPS = "172.17.253.254"; my $EMULAB_VCOPS = "172.17.253.254";
$str = "replace into default_firewall_vars values ". $str = "replace into default_firewall_vars values ".
"('EMULAB_VCNET_BOSS', '$EMULAB_VCNET_BOSS'), ". "('EMULAB_VCBOSS', '$EMULAB_VCBOSS'), ".
"('EMULAB_VCNET_OPS', '$EMULAB_VCNET_OPS')"; "('EMULAB_VCOPS', '$EMULAB_VCOPS')";
print "$str\n" print "$str\n"
if (!$doit); if (!$doit);
......
...@@ -83,7 +83,7 @@ iptables -A OUTSIDE -s EMULAB_GWIP,EMULAB_VGWIP -j ACCEPT # BASIC,CLOSED,ELABINE ...@@ -83,7 +83,7 @@ iptables -A OUTSIDE -s EMULAB_GWIP,EMULAB_VGWIP -j ACCEPT # BASIC,CLOSED,ELABINE
# On a non-segmented control network (like an IG rack), boss/ops # On a non-segmented control network (like an IG rack), boss/ops
# have aliases on the virtual node network. Allows these though. # have aliases on the virtual node network. Allows these though.
iptables -A OUTSIDE -s EMULAB_VCNET_BOSS,EMULAB_VCNET_OPS -j ACCEPT # BASIC,CLOSED,ELABINELAB iptables -A OUTSIDE -s EMULAB_VCBOSS,EMULAB_VCOPS -j ACCEPT # BASIC,CLOSED,ELABINELAB
# #
# No one on the inside can talk to other experiments' nodes and visa-versa. # No one on the inside can talk to other experiments' nodes and visa-versa.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment