Merge pull request #74 from sdodson/issue73

Add iptables rule to allow forwarding from clusternetwork

ovssubnet/bin/openshift-sdn-kube-subnet-setup.sh

@@ -38,6 +38,9 @@ iptables -D INPUT -i ${TUN} -m comment --comment "traffic from docker for intern
 lineno=$(iptables -nvL INPUT --line-numbers | grep "state RELATED,ESTABLISHED" | awk '{print $1}')
 iptables -I INPUT $lineno -p udp -m multiport --dports 4789 -m comment --comment "001 vxlan incoming" -j ACCEPT
 iptables -I INPUT $((lineno+1)) -i ${TUN} -m comment --comment "traffic from docker for internet" -j ACCEPT
+fwd_lineno=$(iptables -nvL FORWARD --line-numbers | grep "reject-with icmp-host-prohibited" tail -n 1 | awk '{print $1}')
+iptables -I FORWARD $fwd_lineno -d ${cluster_subnet} -j ACCEPT
+iptables -I FORWARD $fwd_lineno -s ${cluster_subnet} -j ACCEPT
 
 ## docker
 if [[ -z "${DOCKER_NETWORK_OPTIONS}" ]]