From: Sylvain Munaut <s.munaut@whatever-company.com>
Date: Tue, 20 May 2014 14:56:43 +0000 (+0200)
Subject: hotplug/linux: Fix the vif script to handle_iptable for tap interfaces
X-Git-Tag: archive/raspbian/4.8.0-1+rpi1~1^2~4958
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=b08834a20e482be4771b5120b58b7dfee675e67b;p=xen.git

hotplug/linux: Fix the vif script to handle_iptable for tap interfaces

The TAP interfaces need the same iptables rules as the VIF, without it,
traffic will not be forwarded to/from them is the default FORWARD policy
is DROP/REJECT

Signed-off-by: Sylvain Munaut <s.munaut@whatever-company.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
---

diff --git a/tools/hotplug/Linux/vif-bridge b/tools/hotplug/Linux/vif-bridge
index b7dcbd63de..df447899d3 100644
--- a/tools/hotplug/Linux/vif-bridge
+++ b/tools/hotplug/Linux/vif-bridge
@@ -97,9 +97,7 @@ case "$command" in
         ;;
 esac
 
-if [ "$type_if" = vif ]; then
-    handle_iptable
-fi
+handle_iptable
 
 call_hooks vif post
 
diff --git a/tools/hotplug/Linux/vif-common.sh b/tools/hotplug/Linux/vif-common.sh
index 73ee24150a..28ddae583a 100644
--- a/tools/hotplug/Linux/vif-common.sh
+++ b/tools/hotplug/Linux/vif-common.sh
@@ -123,7 +123,7 @@ ip=$(xenstore_read_default "$XENBUS_PATH/ip" "$ip")
 
 frob_iptable()
 {
-  if [ "$command" == "online" ]
+  if [ "$command" == "online" -o "$command" == "add" ]
   then
     local c="-I"
   else
@@ -135,7 +135,7 @@ frob_iptable()
   iptables "$c" FORWARD -m physdev --physdev-is-bridged --physdev-out "$dev" \
     -j ACCEPT 2>/dev/null
 
-  if [ "$command" == "online" -a $? -ne 0 ]
+  if [ \( "$command" == "online" -o "$command" == "add" \) -a $? -ne 0 ]
   then
     log err "iptables setup failed. This may affect guest networking."
   fi