diff options
author | Ravi Geda <gravik@amdocs.com> | 2018-10-17 17:34:57 +0100 |
---|---|---|
committer | Ravi Geda <gravik@amdocs.com> | 2018-10-17 17:34:57 +0100 |
commit | 46075b8aeef53bfb6574fe536b9763a2918a54ca (patch) | |
tree | 46ad0dbee08e53dea2f103d5ea034683a9095017 /sidecar/tproxy-config | |
parent | dbf1f65a4231fa911f18514776eeb7030dcf1b8d (diff) |
Exempt Cassandra traffic from fproxy
The connection to cassandra is not http/https. Hence bypassing it from
going through the forward proxy.
Change-Id: Ic4f65222fca5f3698d6ed806333b265d0e392314
Issue-ID: AAF-572
Signed-off-by: Ravi Geda <gravik@amdocs.com>
Diffstat (limited to 'sidecar/tproxy-config')
-rw-r--r-- | sidecar/tproxy-config/src/main/bin/start.sh | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/sidecar/tproxy-config/src/main/bin/start.sh b/sidecar/tproxy-config/src/main/bin/start.sh index c467d31..758a910 100644 --- a/sidecar/tproxy-config/src/main/bin/start.sh +++ b/sidecar/tproxy-config/src/main/bin/start.sh @@ -22,5 +22,9 @@ set -x set -eo pipefail +iptables -t nat -A OUTPUT -p tcp -j ACCEPT -s 127.0.0.1 --dport 61647 +iptables -t nat -A OUTPUT -p tcp -j ACCEPT --dport 9042 +iptables -t nat -A OUTPUT -p tcp -j ACCEPT --dport 9160 +iptables -t nat -A OUTPUT -p tcp -j ACCEPT --dport 61621 iptables -t nat -A OUTPUT -p tcp -j REDIRECT --to-port 10680 -m owner '!' --uid-owner 1001 iptables -t nat --list |