Use the private port for the firewall rules (#4114)

Because of how CloudStack configures the firerwall on the router VM, you need to allow traffic to the private port instead of the public port.
10 years ago · 33f430bf25
parent 2102ded31c
commit 33f430bf25
1 changed files with 4 additions and 4 deletions
--- a/builder/cloudstack/step_configure_networking.go
+++ b/builder/cloudstack/step_configure_networking.go
@ -125,8 +125,8 @@ func (s *stepSetupNetworking) Run(state multistep.StateBag) multistep.StepAction
 		p.SetAclid(network.Aclid)
 		p.SetAction("allow")
 		p.SetCidrlist(config.CIDRList)
-		p.SetStartport(s.publicPort)
-		p.SetEndport(s.publicPort)
+		p.SetStartport(s.privatePort)
+		p.SetEndport(s.privatePort)
 		p.SetTraffictype("ingress")

 		// Create the network ACL rule.
@ -146,8 +146,8 @@ func (s *stepSetupNetworking) Run(state multistep.StateBag) multistep.StepAction

 		// Configure the firewall rule.
 		p.SetCidrlist(config.CIDRList)
-		p.SetStartport(s.publicPort)
-		p.SetEndport(s.publicPort)
+		p.SetStartport(s.privatePort)
+		p.SetEndport(s.privatePort)

 		fwRule, err := client.Firewall.CreateFirewallRule(p)
 		if err != nil {