From 0201256507355a8e2a7320b037f59fb4cbc270ee Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Tue, 2 Oct 2018 16:57:25 +0200
Subject: [redsocks] Always exclude boot server

---
 core/modules/redsocks/data/opt/openslx/scripts/systemd-setup_proxy | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'core/modules/redsocks')

diff --git a/core/modules/redsocks/data/opt/openslx/scripts/systemd-setup_proxy b/core/modules/redsocks/data/opt/openslx/scripts/systemd-setup_proxy
index 94135bc3..68501f20 100755
--- a/core/modules/redsocks/data/opt/openslx/scripts/systemd-setup_proxy
+++ b/core/modules/redsocks/data/opt/openslx/scripts/systemd-setup_proxy
@@ -61,6 +61,11 @@ iptables -t nat -A REDSOCKS -d 224.0.0.0/4 -j RETURN
 iptables -t nat -A REDSOCKS -d 240.0.0.0/4 -j RETURN
 HEREDOCBROWN
 
+if [ -n "$SLX_PXE_SERVER_IP" ]; then
+	# Exclude boot server; we wouldn't be here if it weren't reachable directly
+	echo "iptables -t nat -A REDSOCKS -d '$SLX_PXE_SERVER_IP' -j RETURN" >> "$tfile"
+fi
+
 if [ -n "$SLX_PROXY_BLACKLIST" ]; then
 	for ADDR in $SLX_PROXY_BLACKLIST; do
 		echo "iptables -t nat -A REDSOCKS -d '$ADDR'-j RETURN"
-- 
cgit v1.2.3-55-g7522