From 85afed5dd085c0de8a9e1879c6839c498301aa8a Mon Sep 17 00:00:00 2001
From: Random-Liu
Date: Tue, 29 Nov 2016 15:40:31 -0800
Subject: [PATCH] Fix node e2e firewall configure.
---
 test/e2e_node/remote/remote.go | 38 +++++++++++++++++++++-------------
 1 file changed, 24 insertions(+), 14 deletions(-)
diff --git a/test/e2e_node/remote/remote.go b/test/e2e_node/remote/remote.go
index 3a1d07bd88f..98f234c3051 100644
--- a/test/e2e_node/remote/remote.go
+++ b/test/e2e_node/remote/remote.go
@@ -194,23 +194,33 @@ func RunRemote(archive string, host string, cleanup bool, junitFilePrefix string
 // Configure iptables firewall rules
 // TODO: consider calling bootstrap script to configure host based on OS
- cmd = getSSHCommand("&&",
- `iptables -L INPUT | grep "Chain INPUT (policy DROP)"`,
- "(iptables -C INPUT -w -p TCP -j ACCEPT || iptables -A INPUT -w -p TCP -j ACCEPT)",
- "(iptables -C INPUT -w -p UDP -j ACCEPT || iptables -A INPUT -w -p UDP -j ACCEPT)",
- "(iptables -C INPUT -w -p ICMP -j ACCEPT || iptables -A INPUT -w -p ICMP -j ACCEPT)")
- output, err := SSH(host, "sh", "-c", cmd)
+ output, err := SSH(host, "iptables", "-L", "INPUT")
 if err != nil {
- glog.Errorf("Failed to configured firewall: %v output: %v", err, output)
+ return "", false, fmt.Errorf("failed to get iptables INPUT: %v output: %q", err, output)
 }
- cmd = getSSHCommand("&&",
- `iptables -L FORWARD | grep "Chain FORWARD (policy DROP)" > /dev/null`,
- "(iptables -C FORWARD -w -p TCP -j ACCEPT || iptables -A FORWARD -w -p TCP -j ACCEPT)",
- "(iptables -C FORWARD -w -p UDP -j ACCEPT || iptables -A FORWARD -w -p UDP -j ACCEPT)",
- "(iptables -C FORWARD -w -p ICMP -j ACCEPT || iptables -A FORWARD -w -p ICMP -j ACCEPT)")
- output, err = SSH(host, "sh", "-c", cmd)
+ if strings.Contains(output, "Chain INPUT (policy DROP)") {
+ cmd = getSSHCommand("&&",
+ "(iptables -C INPUT -w -p TCP -j ACCEPT || iptables -A INPUT -w -p TCP -j ACCEPT)",
+ "(iptables -C INPUT -w -p UDP -j ACCEPT || iptables -A INPUT -w -p UDP -j ACCEPT)",
+ "(iptables -C INPUT -w -p ICMP -j ACCEPT || iptables -A INPUT -w -p ICMP -j ACCEPT)")
+ output, err := SSH(host, "sh", "-c", cmd)
+ if err != nil {
+ return "", false, fmt.Errorf("failed to configured firewall: %v output: %v", err, output)
+ }
+ }
+ output, err = SSH(host, "iptables", "-L", "FORWARD")
 if err != nil {
- glog.Errorf("Failed to configured firewall: %v output: %v", err, output)
+ return "", false, fmt.Errorf("failed to get iptables FORWARD: %v output: %q", err, output)
+ }
+ if strings.Contains(output, "Chain FORWARD (policy DROP)") {
+ cmd = getSSHCommand("&&",
+ "(iptables -C FORWARD -w -p TCP -j ACCEPT || iptables -A FORWARD -w -p TCP -j ACCEPT)",
+ "(iptables -C FORWARD -w -p UDP -j ACCEPT || iptables -A FORWARD -w -p UDP -j ACCEPT)",
+ "(iptables -C FORWARD -w -p ICMP -j ACCEPT || iptables -A FORWARD -w -p ICMP -j ACCEPT)")
+ output, err = SSH(host, "sh", "-c", cmd)
+ if err != nil {
+ return "", false, fmt.Errorf("failed to configured firewall: %v output: %v", err, output)
+ }
 }
 // Copy the archive to the staging directory
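Review bot: The two new `iptables -L` probes (INPUT and FORWARD) run without `-w`, while every `-C`/`-A` call in the same hunk passes it, and a non-zero exit from the probe is now a hard `return` rather than a logged error; if another process holds the xtables lock at that moment the whole remote run would likely abort, so consider `SSH(host, "iptables", "-w", "-n", "-L", "INPUT")` and the same for FORWARD (`-n` also avoids reverse-DNS lookups while listing). In the INPUT branch, `output, err := SSH(host, "sh", "-c", cmd)` shadows the outer variables whereas the FORWARD branch uses `=`; using `=` in both keeps them consistent. Both branches return the same text, `failed to configured firewall`, so the failing chain cannot be told from the error; naming the chain and correcting the wording, e.g. `failed to configure INPUT firewall rules`, would help triage. Because these rules accept all TCP, UDP and ICMP on a default-DROP host and nothing in the hunk removes them afterwards, a comment such as `// Opens INPUT/FORWARD to all TCP/UDP/ICMP; only for disposable test hosts.` would make the exposure explicit, if that is the intent. RunRemote starts and continues outside the hunk.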