weizhouapache commented on code in PR #9552: URL: https://github.com/apache/cloudstack/pull/9552#discussion_r1730855919
########## systemvm/debian/opt/cloud/bin/cs/CsAddress.py: ########## @@ -693,11 +693,8 @@ def post_config_change(self, method): vpccidr = cmdline.get_vpccidr() self.fw.append( ["filter", 3, "-A FORWARD -s %s ! -d %s -j ACCEPT" % (vpccidr, vpccidr)]) - self.fw.append( - ["nat", "", "-A POSTROUTING -j SNAT -o %s --to-source %s" % (self.dev, self.address['public_ip'])]) - elif cmdline.get_source_nat_ip() and not self.is_private_gateway(): - self.fw.append( - ["nat", "", "-A POSTROUTING -j SNAT -o %s --to-source %s" % (self.dev, cmdline.get_source_nat_ip())]) + self.fw.append( Review Comment: if there are multiple public ips (in multiple ranges), will there be same amount of rules ? ########## systemvm/debian/opt/cloud/bin/cs/CsAddress.py: ########## @@ -554,7 +554,7 @@ def fw_vpcrouter(self): if self.address["source_nat"]: self.fw.append(["nat", "front", "-A POSTROUTING -o %s -j SNAT --to-source %s" % - (self.dev, self.address['public_ip'])]) + (self.address['device'], self.address['public_ip'])]) Review Comment: it looks like this code snippet (line 554 to 557) can be removed. It has been covered by line 696-697 (new code) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@cloudstack.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org