Make iptables persistent after reboot

[osm/devops.git] / installers / full_install_osm.sh

diff --git a/installers/full_install_osm.sh b/installers/full_install_osm.sh
index 3160eb4..8c651e2 100755 (executable)
--- a/installers/full_install_osm.sh
+++ b/installers/full_install_osm.sh
@@ -823,8 +823,7 @@ function install_osm() {
     add_local_k8scluster
     track final_ops add_local_k8scluster_ok
 
-    echo -e "Fixup firewall so docker and LXD can share the host."
-    sudo iptables -I DOCKER-USER -j ACCEPT
+    arrange_docker_default_network_policy
 
     wget -q -O- https://osm-download.etsi.org/ftp/osm-13.0-thirteen/README2.txt &> /dev/null
     track end
@@ -887,6 +886,13 @@ function install_to_openstack() {
     return 0
 }
 
+function arrange_docker_default_network_policy() {
+    echo -e "Fixing firewall so docker and LXD can share the same host without affecting each other."
+    sudo iptables -I DOCKER-USER -j ACCEPT
+    sudo iptables-save | sudo tee /etc/iptables/rules.v4
+    sudo ip6tables-save | sudo tee /etc/iptables/rules.v6
+}
+
 function install_k8s_monitoring() {
     [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
     # install OSM monitoring