Allow traffic from private gateway to internet

Rakesh Venkatesh · Rakesh Venkatesh · commit 25c576985542 · 2021-09-01T13:31:50.000+02:00
When private gateway is configured, the external server
which are connected through private gateway cannot send
traffic to outside world. Add a source iptable rule so
that the servers which are connected through private gateway
can ping the public IP's
diff --git a/systemvm/debian/opt/cloud/bin/cs/CsAddress.py b/systemvm/debian/opt/cloud/bin/cs/CsAddress.py
@@ -480,6 +480,8 @@ def fw_vpcrouter(self):
                             (self.dev, guestNetworkCidr, self.address['gateway'], self.dev)])
 
         if self.is_private_gateway():
+            # add rule to allow traffic to outside world
+            self.fw.append(["filter", "", "-A FORWARD -s %s -j ACCEPT" % (self.address['network'])])
             self.fw.append(["filter", "", "-A FORWARD -d %s -o %s -j ACL_INBOUND_%s" %
                             (self.address['network'], self.dev, self.dev)])
             self.fw.append(["filter", "", "-A ACL_INBOUND_%s -j DROP" % self.dev])
