From b302e41785920a910013b07b40c0384b2294172c Mon Sep 17 00:00:00 2001
From: Peng Yong <ppyy@pubyun.com>
Date: Fri, 30 Mar 2012 23:25:32 +0800
Subject: Acccept metadata ip so packets aren't snatted

 * fixes bug 968453

Change-Id: I12a7967bb711fe5fd9a7ebc2473209833d33f546
---
 nova/network/linux_net.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/nova/network/linux_net.py b/nova/network/linux_net.py
index 2c81f71f0..a1054bbd0 100755
--- a/nova/network/linux_net.py
+++ b/nova/network/linux_net.py
@@ -441,6 +441,10 @@ def init_host(ip_range=None):
 
     add_snat_rule(ip_range)
 
+    iptables_manager.ipv4['nat'].add_rule('POSTROUTING',
+                                          '-s %s -d %s/32 -j ACCEPT' %
+                                          (ip_range, FLAGS.metadata_host))
+
     iptables_manager.ipv4['nat'].add_rule('POSTROUTING',
                                           '-s %s -d %s -j ACCEPT' %
                                           (ip_range, FLAGS.dmz_cidr))
-- 
cgit