Merge "Checksum all traffic traveling though the bridges"

2016-09-30 18:43:57 +00:00 · 2016-09-30 18:43:57 +00:00 · e8daf1fb2a
commit e8daf1fb2a
parent bd76f04030 0aa1ce62e5
1 changed files with 2 additions and 2 deletions
--- a/tests/roles/bootstrap-host/defaults/main.yml
+++ b/tests/roles/bootstrap-host/defaults/main.yml
@ -125,8 +125,8 @@ bridge_vlan_state_change_scripts: |
  post-down ip link del br-vlan-veth || true
 bridge_iptables_rules: |
  # To ensure ssh checksum is correct
-  up /sbin/iptables -A POSTROUTING -t mangle -p tcp --dport 22 -j CHECKSUM --checksum-fill
-  down /sbin/iptables -D POSTROUTING -t mangle -p tcp --dport 22 -j CHECKSUM --checksum-fill
+  up /sbin/iptables -A POSTROUTING -t mangle -p tcp -o {{ public_interface }} -j CHECKSUM --checksum-fill
+  down /sbin/iptables -D POSTROUTING -t mangle -p tcp -o {{ public_interface }} -j CHECKSUM --checksum-fill
  # To provide internet connectivity to instances
  up /sbin/iptables -t nat -A POSTROUTING -o {{ public_interface }} -j MASQUERADE
  down /sbin/iptables -t nat -D POSTROUTING -o {{ public_interface }} -j MASQUERADE