Fix #478: Remove unused public tcp port configuration (#480)

radiasoft · Apr 9, 2024 · 92036f5 · 92036f5
1 parent 0c93996
commit 92036f5
Show file tree

Hide file tree

Showing 3 changed files with 2 additions and 6 deletions.
diff --git a/rsconf/component/vm_devbox.py b/rsconf/component/vm_devbox.py
@@ -51,7 +51,6 @@ def _create_user_instances():
         rsconf.systemd.unit_prepare(
             self, self.j2_ctx, watch_files=(z.start_f, z.stop_f)
         )
-        self._network(jc, z)
         self._ssh(jc, z)
 
     def internal_build_write(self):
@@ -70,9 +69,6 @@ def internal_build_write(self):
             "vm_devbox/vm_devbox_unit_service", jc, jc.systemd.service_f
         )
 
-    def _network(self, jc, z):
-        self.buildt.get_component("network").add_public_tcp_ports([str(z.ssh_port)])
-
     def _ssh(self, jc, z):
         z.sshd_config_f = z.run_d.join("sshd_config")
         s = self.gen_identity_and_host_ssh_keys(jc, "host", encrypt_identity=True)

diff --git a/tests/pkcli/build_data/1.out/srv/host/v9.radia.run/etc/sysconfig/iptables b/tests/pkcli/build_data/1.out/srv/host/v9.radia.run/etc/sysconfig/iptables
@@ -9,7 +9,7 @@
     -A INPUT -i lo -j ACCEPT
     -A INPUT -i em1 -j ACCEPT
 -A INPUT -i em2 -m state --state RELATED,ESTABLISHED -j ACCEPT
-    -A INPUT -i em2 -p tcp -m state --state NEW -m tcp --match multiport --dports 11110,12000,12001,3100,3101,3102,3103,9999,http,pop3s,smtp,submission -j ACCEPT
+    -A INPUT -i em2 -p tcp -m state --state NEW -m tcp --match multiport --dports 12000,12001,3100,3101,3102,3103,9999,http,pop3s,smtp,submission -j ACCEPT
         -A INPUT -i em2 -s 192.168.1.0/24 -p tcp -m state --state NEW -m tcp --dport https  -j ACCEPT
         -A INPUT -i em2 -s 127.0.0.1 -p tcp -m state --state NEW -m tcp --dport https  -j ACCEPT
 -A INPUT -i em2 -m state --state INVALID -j REJECT --reject-with icmp-port-unreachable

diff --git a/tests/pkcli/build_data/1.out/srv/host/v9.radia.run/network.sh b/tests/pkcli/build_data/1.out/srv/host/v9.radia.run/network.sh
@@ -6,7 +6,7 @@ rsconf_install_access '444' 'root' 'root'
 rsconf_install_file '/etc/resolv.conf' 'c333a7a816c03062d4e61effd6d2a8ce'
 rsconf_install_file '/etc/sysconfig/network-scripts/ifcfg-em1' 'e225a3f7b4b071e5c204b1182c17ab94'
 rsconf_install_file '/etc/sysconfig/network-scripts/ifcfg-em2' '4f8c01335a3bf1a8a89ba5d09fdf28df'
-rsconf_install_file '/etc/sysconfig/iptables' 'f8567bf33d74dd471ad31d1fb2acea81'
+rsconf_install_file '/etc/sysconfig/iptables' 'f47d00b954357d473fc5397dcf0a3d6f'
 network_main
 }
 #!/bin/bash