xen/network-nat-open-SuSEfirewall2-FORWARD.patch

Open SuSEfirewall2 FORWARD rule when use xen nat

Index: xen-4.1.2-testing/tools/hotplug/Linux/network-nat
===================================================================
--- xen-4.1.2-testing.orig/tools/hotplug/Linux/network-nat
+++ xen-4.1.2-testing/tools/hotplug/Linux/network-nat
@@ -83,6 +83,7 @@ function dhcp_stop()
 op_start() {
 	echo 1 >/proc/sys/net/ipv4/ip_forward
 	iptables -t nat -A POSTROUTING -o ${netdev} -j MASQUERADE
+	iptables -P FORWARD ACCEPT
         [ "$dhcp" != 'no' ] && dhcp_start
 }
 
@@ -90,6 +91,7 @@ op_start() {
 op_stop() {
         [ "$dhcp" != 'no' ] && dhcp_stop
 	iptables -t nat -D POSTROUTING -o ${netdev} -j MASQUERADE
+	iptables -P FORWARD DROP
 }
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xen?expand=0&rev=73 2009-05-04 18:38:09 +02:00			`Open SuSEfirewall2 FORWARD rule when use xen nat`

- bnc#717650 - Unable to start VM - Update to Xen 4.1.2_rc2 c/s 23152 - bnc#716695 - domUs using tap devices will not start updated multi-xvdp.patch - Upstream patches from Jan 23803-intel-pmu-models.patch 23800-x86_64-guest-addr-range.patch 23795-intel-ich10-quirk.patch 23804-x86-IPI-counts.patch - bnc#706106 - Inconsistent reporting of VM names during migration xend-migration-domname-fix.patch - bnc#712823 - L3:Xen guest does not start reliable when rebooted xend-vcpu-affinity-fix.patch OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=143 2011-09-15 23:43:21 +02:00			`Index: xen-4.1.2-testing/tools/hotplug/Linux/network-nat`
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xen?expand=0&rev=76 2009-08-01 11:53:46 +02:00			`===================================================================`
- bnc#717650 - Unable to start VM - Update to Xen 4.1.2_rc2 c/s 23152 - bnc#716695 - domUs using tap devices will not start updated multi-xvdp.patch - Upstream patches from Jan 23803-intel-pmu-models.patch 23800-x86_64-guest-addr-range.patch 23795-intel-ich10-quirk.patch 23804-x86-IPI-counts.patch - bnc#706106 - Inconsistent reporting of VM names during migration xend-migration-domname-fix.patch - bnc#712823 - L3:Xen guest does not start reliable when rebooted xend-vcpu-affinity-fix.patch OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=143 2011-09-15 23:43:21 +02:00			`--- xen-4.1.2-testing.orig/tools/hotplug/Linux/network-nat`
			`+++ xen-4.1.2-testing/tools/hotplug/Linux/network-nat`
- bnc#564406 - Make the new PV drivers work with older hosts that do not understand the new PV driver protocol. - Upstream Xen version renamed to 4.0.0 in changeset 20624 & 20625. - fate#307594: HP-MCBS: XEN: support NR_CPUS=256 This is a spec file change (xen.spec) - bnc#555152 - "NAME" column in xentop (SLES11) output limited to 10 characters unlike SLES10 The update to c/s 20572 includes this fix (at c/s 20567). - Modify xen-paths.diff - Merge xend-tap-fix.patch to xen-domUloader.diff remove part of it which accepted by upstream - Load gntdev module in xend init script similar to blkbk, netbk, etc. - Backport dmmd from sles11/xen block-dmmd xen-qemu-iscsi-fix.patch xen.spec - Fix regression when create_vbd for tap xend-tap-fix.patch - Temporarily disable libxl because of libconfig dependency. - fate#302864 domUloader support lvm in disk domUloader.py Note: for test in Beta1, if not good, remove it - fate#302864 domUloader support fs on whole disk domUloader.py - Turn KMPs back on now that kernel side fix is checked in. - fate#304415 VMM: ability to switch networking mode Add vif-route-ifup to handle routed configurations using sysconfig scripts. vif-route-ifup.patch - fate#307540 USB for Xen VMs usb-add.patch - fate#305545 XEN extra descriptive field within xenstore add_des.patch - Update to Xen version 3.5.0 for the following features. fate#304226 XEN: FlexMigration feature of VT-x2 support fate#305004 Add SR-IOV PF and VF drivers to Vt-d enabled Xen fate#306830 T states in Xen controlling by MSR fate#306832 Fix for xen panic on new processors fate#306833 Westmere and Nehalem-EX: Add support for Pause Loop exiting feature for Xen fate#306835 Xen: server virtual power management enhacement fate#306837 VT-d2 - PCI SIG ATS support fate#306872 Xen: Node manager support P/T-states change when Vt-d enable fate#306873 Xen: SMP guest live migration may fail with hap=1 on NHM fate#306875 Westmere: LT-SX (Xen) fate#306891 RAS features for Xen: Add support for Machine Check and CPU/Memory online/offline features fate#307322 1GB page support in Xen fate#307324 Xen IOMMU support OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=26 2010-01-16 01:12:54 +01:00			`@@ -83,6 +83,7 @@ function dhcp_stop()`
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xen?expand=0&rev=73 2009-05-04 18:38:09 +02:00			`op_start() {`
			`echo 1 >/proc/sys/net/ipv4/ip_forward`
			`iptables -t nat -A POSTROUTING -o ${netdev} -j MASQUERADE`
			`+ iptables -P FORWARD ACCEPT`
			`[ "$dhcp" != 'no' ] && dhcp_start`
			`}`

- bnc#564406 - Make the new PV drivers work with older hosts that do not understand the new PV driver protocol. - Upstream Xen version renamed to 4.0.0 in changeset 20624 & 20625. - fate#307594: HP-MCBS: XEN: support NR_CPUS=256 This is a spec file change (xen.spec) - bnc#555152 - "NAME" column in xentop (SLES11) output limited to 10 characters unlike SLES10 The update to c/s 20572 includes this fix (at c/s 20567). - Modify xen-paths.diff - Merge xend-tap-fix.patch to xen-domUloader.diff remove part of it which accepted by upstream - Load gntdev module in xend init script similar to blkbk, netbk, etc. - Backport dmmd from sles11/xen block-dmmd xen-qemu-iscsi-fix.patch xen.spec - Fix regression when create_vbd for tap xend-tap-fix.patch - Temporarily disable libxl because of libconfig dependency. - fate#302864 domUloader support lvm in disk domUloader.py Note: for test in Beta1, if not good, remove it - fate#302864 domUloader support fs on whole disk domUloader.py - Turn KMPs back on now that kernel side fix is checked in. - fate#304415 VMM: ability to switch networking mode Add vif-route-ifup to handle routed configurations using sysconfig scripts. vif-route-ifup.patch - fate#307540 USB for Xen VMs usb-add.patch - fate#305545 XEN extra descriptive field within xenstore add_des.patch - Update to Xen version 3.5.0 for the following features. fate#304226 XEN: FlexMigration feature of VT-x2 support fate#305004 Add SR-IOV PF and VF drivers to Vt-d enabled Xen fate#306830 T states in Xen controlling by MSR fate#306832 Fix for xen panic on new processors fate#306833 Westmere and Nehalem-EX: Add support for Pause Loop exiting feature for Xen fate#306835 Xen: server virtual power management enhacement fate#306837 VT-d2 - PCI SIG ATS support fate#306872 Xen: Node manager support P/T-states change when Vt-d enable fate#306873 Xen: SMP guest live migration may fail with hap=1 on NHM fate#306875 Westmere: LT-SX (Xen) fate#306891 RAS features for Xen: Add support for Machine Check and CPU/Memory online/offline features fate#307322 1GB page support in Xen fate#307324 Xen IOMMU support OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=26 2010-01-16 01:12:54 +01:00			`@@ -90,6 +91,7 @@ op_start() {`
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xen?expand=0&rev=73 2009-05-04 18:38:09 +02:00			`op_stop() {`
			`[ "$dhcp" != 'no' ] && dhcp_stop`
			`iptables -t nat -D POSTROUTING -o ${netdev} -j MASQUERADE`
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xen?expand=0&rev=76 2009-08-01 11:53:46 +02:00			`+ iptables -P FORWARD DROP`
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xen?expand=0&rev=73 2009-05-04 18:38:09 +02:00			`}`