Merge branch 'master' into upgrade33

author: Devan Goodwin <dgoodwin@redhat.com> 2016-07-04 10:10:04 -0300
committer: Devan Goodwin <dgoodwin@redhat.com> 2016-07-04 10:10:04 -0300
commit: 7f04025263b19ac07c27198f8c1e3358a6206fd5 (patch)
tree: 06e10770b216c6b2f85e047675e62d7ed93f2b3d /roles/os_firewall
parent: 0071ab46bf9ae73bbb09c9fa0c9eb8a342a81ba1 (diff)
parent: 34f5de4185b0ae475367e9316a44bdf58fce1dc9 (diff)
download: openshift-7f04025263b19ac07c27198f8c1e3358a6206fd5.tar.gz
openshift-7f04025263b19ac07c27198f8c1e3358a6206fd5.tar.bz2
openshift-7f04025263b19ac07c27198f8c1e3358a6206fd5.tar.xz
openshift-7f04025263b19ac07c27198f8c1e3358a6206fd5.zip
1 files changed, 5 insertions, 5 deletions
diff --git a/roles/os_firewall/library/os_firewall_manage_iptables.py b/roles/os_firewall/library/os_firewall_manage_iptables.py
index 1cb539a8c..190016c14 100755
--- a/roles/os_firewall/library/os_firewall_manage_iptables.py
+++ b/roles/os_firewall/library/os_firewall_manage_iptables.py
@@ -37,14 +37,14 @@ class IpTablesSaveError(IpTablesError):
 
 
 class IpTablesCreateChainError(IpTablesError):
-    def __init__(self, chain, msg, cmd, exit_code, output): # pylint: disable=too-many-arguments, line-too-long
+    def __init__(self, chain, msg, cmd, exit_code, output): # pylint: disable=too-many-arguments, line-too-long, redefined-outer-name
         super(IpTablesCreateChainError, self).__init__(msg, cmd, exit_code,
                                                        output)
         self.chain = chain
 
 
 class IpTablesCreateJumpRuleError(IpTablesError):
-    def __init__(self, chain, msg, cmd, exit_code, output): # pylint: disable=too-many-arguments, line-too-long
+    def __init__(self, chain, msg, cmd, exit_code, output): # pylint: disable=too-many-arguments, line-too-long, redefined-outer-name
         super(IpTablesCreateJumpRuleError, self).__init__(msg, cmd, exit_code,
                                                           output)
         self.chain = chain
@@ -152,11 +152,11 @@ class IpTablesManager(object): # pylint: disable=too-many-instance-attributes
                             continue
                         last_rule_target = rule[1]
 
-                # Naively assume that if the last row is a REJECT rule, then
-                # we can add insert our rule right before it, otherwise we
+                # Naively assume that if the last row is a REJECT or DROP rule,
+                # then we can insert our rule right before it, otherwise we
                 # assume that we can just append the rule.
                 if (last_rule_num and last_rule_target
-                        and last_rule_target == 'REJECT'):
+                        and last_rule_target in ['REJECT', 'DROP']):
                     # insert rule
                     cmd = self.cmd + ['-I', self.jump_rule_chain,
                                       str(last_rule_num)]
author	Devan Goodwin <dgoodwin@redhat.com>	2016-07-04 10:10:04 -0300
committer	Devan Goodwin <dgoodwin@redhat.com>	2016-07-04 10:10:04 -0300
commit	7f04025263b19ac07c27198f8c1e3358a6206fd5 (patch)
tree	06e10770b216c6b2f85e047675e62d7ed93f2b3d /roles/os_firewall
parent	0071ab46bf9ae73bbb09c9fa0c9eb8a342a81ba1 (diff)
parent	34f5de4185b0ae475367e9316a44bdf58fce1dc9 (diff)
download	openshift-7f04025263b19ac07c27198f8c1e3358a6206fd5.tar.gz openshift-7f04025263b19ac07c27198f8c1e3358a6206fd5.tar.bz2 openshift-7f04025263b19ac07c27198f8c1e3358a6206fd5.tar.xz openshift-7f04025263b19ac07c27198f8c1e3358a6206fd5.zip