diff options
| author | Martin Schwenke <martin@meltin.net> | 2014-12-30 16:04:00 +1100 |
|---|---|---|
| committer | Amitay Isaacs <amitay@samba.org> | 2015-01-28 08:29:55 +0100 |
| commit | ab51f283e7a7f4fc82a94d39e7bb3a68e8aac554 (patch) | |
| tree | 74591568cf740359999cd8a5ea59a872bfb52df3 /ctdb | |
| parent | 9b67c1fa3748678552400a81172d124e59d5eb79 (diff) | |
| download | samba-ab51f283e7a7f4fc82a94d39e7bb3a68e8aac554.tar.gz samba-ab51f283e7a7f4fc82a94d39e7bb3a68e8aac554.tar.xz samba-ab51f283e7a7f4fc82a94d39e7bb3a68e8aac554.zip | |
ctdb-scripts: Call iptables/ip6tables directly from iptables_wrapper
Drops the iptables() and ip6tables() functions and, hence, the
hardcoding of paths /sbin/iptables and /sbin/ip6tables. The latter
avoids problems on openSUSE where (for example) /usr/sbin/iptables is
used instead.
This means that locking around ip*tables commands is only done when
iptables_wrapper is called directly. This is fine because the only
conflict is when "releaseip" or "takeip"/"updateip" events are run in
parallel. The other uses in 11.natgw and 70.iscsi are in events where
there will be no collisions.
Making 11.natgw support IPv6 is unnecessary. Just put a static IPv6
address on each interface - they're plentiful.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Wed Jan 28 08:29:55 CET 2015 on sn-devel-104
Diffstat (limited to 'ctdb')
| -rwxr-xr-x | ctdb/config/functions | 16 | ||||
| -rwxr-xr-x | ctdb/tests/eventscripts/etc-ctdb/rc.local | 4 |
2 files changed, 8 insertions, 12 deletions
diff --git a/ctdb/config/functions b/ctdb/config/functions index 3bc9e3d29e..8c5e472f1a 100755 --- a/ctdb/config/functions +++ b/ctdb/config/functions @@ -1393,23 +1393,17 @@ ctdb_standard_event_handler () esac } -# iptables doesn't like being re-entered, so flock-wrap it. -iptables () -{ - flock -w 30 $CTDB_VARDIR/iptables-ctdb.flock /sbin/iptables "$@" -} -ip6tables () -{ - flock -w 30 $CTDB_VARDIR/iptables-ctdb.flock /sbin/ip6tables "$@" -} iptables_wrapper () { _family="$1" ; shift if [ "$_family" = "inet6" ] ; then - ip6tables "$@" + _iptables_cmd="ip6tables" else - iptables "$@" + _iptables_cmd="iptables" fi + + # iptables doesn't like being re-entered, so flock-wrap it. + flock -w 30 "${CTDB_VARDIR}/iptables-ctdb.flock" "$_iptables_cmd" "$@" } # AIX (and perhaps others?) doesn't have mktemp diff --git a/ctdb/tests/eventscripts/etc-ctdb/rc.local b/ctdb/tests/eventscripts/etc-ctdb/rc.local index 0dc531f828..0291e57458 100755 --- a/ctdb/tests/eventscripts/etc-ctdb/rc.local +++ b/ctdb/tests/eventscripts/etc-ctdb/rc.local @@ -51,8 +51,10 @@ get_proc () esac } -# Always succeeds +# Always succeed iptables () { : ; } +ip6tables () { : ; } +iptables_wrapper () { : ; } # Do not actually background - we want to see the output background_with_logging () |