Signed-off-by: Hu XueJiao huxuejiao1@huawei.com --- sparrow/2-network/iptables | 1 + 1 file changed, 1 insertion(+)
diff --git a/sparrow/2-network/iptables b/sparrow/2-network/iptables index 7183145..0fd82e5 100755 --- a/sparrow/2-network/iptables +++ b/sparrow/2-network/iptables @@ -28,3 +28,4 @@ DOCKER0_SUBNET=172.17.0.0/16 firewall-cmd --zone=public --add-rich-rule="rule family=ipv4 source address=$DOCKER0_SUBNET accept" firewall-cmd --zone=public --add-rich-rule="rule family=ipv4 source address=$BR0_SUBNET accept" firewall-cmd --zone=public --add-rich-rule="rule family=ipv4 source address=0.0.0.0/32 accept" +firewall-cmd --zone=public --add-masquerade
On Wed, Sep 30, 2020 at 05:36:43PM +0800, Hu Xuejiao wrote:
Signed-off-by: Hu XueJiao huxuejiao1@huawei.com
sparrow/2-network/iptables | 1 + 1 file changed, 1 insertion(+)
diff --git a/sparrow/2-network/iptables b/sparrow/2-network/iptables index 7183145..0fd82e5 100755 --- a/sparrow/2-network/iptables +++ b/sparrow/2-network/iptables @@ -28,3 +28,4 @@ DOCKER0_SUBNET=172.17.0.0/16 firewall-cmd --zone=public --add-rich-rule="rule family=ipv4 source address=$DOCKER0_SUBNET accept" firewall-cmd --zone=public --add-rich-rule="rule family=ipv4 source address=$BR0_SUBNET accept" firewall-cmd --zone=public --add-rich-rule="rule family=ipv4 source address=0.0.0.0/32 accept" +firewall-cmd --zone=public --add-masquerade
why add this, fix which error?
Thanks, Yinsi
-- 2.23.0
+firewall-cmd --zone=public --add-masquerade
why add this, fix which error?
This patch is used to open masquerade function for firewalld's public zone.
In different os type, the state after opening the firewalld is different, masquerade of some os are turned on, some are turned off.
And we need that, so add this line.
-------- Thanks Yu Chuan
Thanks, Yinsi
-- 2.23.0
-
Hu Xuejiao -
Liu Yinsi -
Yu Chuan