CLOUDSTACK-10317: Fix SNAT rules for additional public nics (#2476)

* CLOUDSTACK-10317: Fix SNAT rules for additional public nics This allows networks with additional public nics to have correct SNAT iptables rules applied on configuration. Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com> * update based on Wei's suggested change Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
apache · Mar 8, 2018 · c0440e8 · c0440e8
1 parent c0b920f
commit c0440e8
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/systemvm/debian/opt/cloud/bin/cs/CsAddress.py b/systemvm/debian/opt/cloud/bin/cs/CsAddress.py
@@ -388,7 +388,7 @@ def fw_router(self):
             self.fw.append(["mangle", "",
                             "-A VPN_%s -j RETURN" % self.address['public_ip']])
             self.fw.append(["nat", "",
-                            "-A POSTROUTING -o eth2 -j SNAT --to-source %s" % self.address['public_ip']])
+                            "-A POSTROUTING -o %s -j SNAT --to-source %s" % (self.dev, self.cl.get_eth2_ip())])
             self.fw.append(["mangle", "",
                             "-A PREROUTING -i %s -m state --state NEW " % self.dev +
                             "-j CONNMARK --set-xmark %s/0xffffffff" % self.dnum])