diff options
author | Tom Joseph <tomjoseph@in.ibm.com> | 2018-10-17 15:44:52 +0300 |
---|---|---|
committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2018-10-23 20:29:39 +0300 |
commit | 08589c246f425a055e3295d8f4bbbb89816bacc1 (patch) | |
tree | 8007badcb8f60bc800da58c239c8412ff0a805e7 /meta-phosphor | |
parent | 980acd4fcb868e8a59ac0acc66d7f69a013b6436 (diff) | |
download | openbmc-08589c246f425a055e3295d8f4bbbb89816bacc1.tar.xz |
ipmi-net: Restore the persisted iptables filter
If the persisted iptables filter exist restore the filter.
Tested: The iptables filter is restored when the phosphor-ipmi-net
(From meta-phosphor rev: c2cb2970beac78a2abca0825a2440b553f0fe2cc)
Change-Id: I3d37050322c23b1baf405b06957a90637cde644e
Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'meta-phosphor')
3 files changed, 13 insertions, 0 deletions
diff --git a/meta-phosphor/recipes-phosphor/ipmi/phosphor-ipmi-net/ipmi-net-firewall.sh b/meta-phosphor/recipes-phosphor/ipmi/phosphor-ipmi-net/ipmi-net-firewall.sh new file mode 100644 index 000000000..ca32f985a --- /dev/null +++ b/meta-phosphor/recipes-phosphor/ipmi/phosphor-ipmi-net/ipmi-net-firewall.sh @@ -0,0 +1,5 @@ +#!/bin/sh + +if [ -f $IPTABLESRULE ]; then + iptables-restore < $IPTABLESRULE +fi diff --git a/meta-phosphor/recipes-phosphor/ipmi/phosphor-ipmi-net/phosphor-ipmi-net.service b/meta-phosphor/recipes-phosphor/ipmi/phosphor-ipmi-net/phosphor-ipmi-net.service index 2d61b90da..6b836b604 100644 --- a/meta-phosphor/recipes-phosphor/ipmi/phosphor-ipmi-net/phosphor-ipmi-net.service +++ b/meta-phosphor/recipes-phosphor/ipmi/phosphor-ipmi-net/phosphor-ipmi-net.service @@ -11,6 +11,8 @@ Wants=mapper-wait@-xyz-openbmc_project-control-host0-restriction_mode.service After=mapper-wait@-xyz-openbmc_project-control-host0-restriction_mode.service [Service] +Environment=IPTABLESRULE=/var/lib/iptables_rules +ExecStartPre=/usr/bin/env ipmi-net-firewall.sh ExecStart=/usr/bin/env netipmid SyslogIdentifier=netipmid Restart=always diff --git a/meta-phosphor/recipes-phosphor/ipmi/phosphor-ipmi-net_git.bb b/meta-phosphor/recipes-phosphor/ipmi/phosphor-ipmi-net_git.bb index c5984f14b..27837fd6c 100644 --- a/meta-phosphor/recipes-phosphor/ipmi/phosphor-ipmi-net_git.bb +++ b/meta-phosphor/recipes-phosphor/ipmi/phosphor-ipmi-net_git.bb @@ -23,10 +23,16 @@ USERADD_PACKAGES = "${PN}" GROUPADD_PARAM_${PN} = "ipmi" SRC_URI += "git://github.com/openbmc/phosphor-net-ipmid" +SRC_URI += "file://ipmi-net-firewall.sh" SRCREV = "5e452093830644245b83a817b8dad2fdb36ea550" S = "${WORKDIR}/git" +do_install_append() { + install -m 0755 ${WORKDIR}/ipmi-net-firewall.sh \ + ${D}${sbindir}/ipmi-net-firewall.sh +} + SYSTEMD_SERVICE_${PN} = " \ ${PN}.service \ ${PN}.socket \ |