authorJP Abgrall <jpa@google.com>2012-04-24 21:30:43 -0700
committerJP Abgrall <jpa@google.com>2012-04-26 16:30:46 -0700
commite4c501c3a78f21d6d6e4ff0ba9090185cff1be8c (patch)
treee233b9437cb2fb2ac80a9d11f28641e603905f02
parent73be1adb3b1a63185b97ecc9c61ae75a7994ee86 (diff)
netd: NatController: don't setup iptables hooks in constructor.
iptables top-level chain updates should happen within CommandListener() when it invokes the various modules' setupIptablesHooks(). And remove the extra DROP rule. Change-Id: I33d2cfbd5444516f855ff85152c472352944cc77
-rw-r--r--NatController.cpp8
1 files changed, 1 insertions, 7 deletions
diff --git a/NatController.cpp b/NatController.cpp
index db96ed38..77c4874d 100644
--- a/NatController.cpp
+++ b/NatController.cpp
@@ -37,9 +37,6 @@ extern "C" int system_nosh(const char *command);
NatController::NatController(SecondaryTableController *ctrl) {
secondaryTableCtrl = ctrl;
-
- setupIptablesHooks();
- setDefaults();
}
NatController::~NatController() {
@@ -88,6 +85,7 @@ int NatController::setupIptablesHooks() {
if (runCmd(IPTABLES_PATH, "-t nat -A POSTROUTING -j natctrl_nat_POSTROUTING"))
return -1;
+ setDefaults();
return 0;
}
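Review bot: The added `setDefaults();` call just before `return 0;` discards its result, so setupIptablesHooks() reports success even when the default rules were not applied. Its declaration is outside this hunk, so this is inferred, but if setDefaults() returns a status like the runCmd() check above it, propagate it with `if (setDefaults()) return -1;`. With the constructor no longer doing this setup, the return value of setupIptablesHooks() is the only signal the caller gets that the NAT and forwarding chains are in a known state. A short comment such as `// Reset rules to a known baseline once the hook chains exist.` would also record why the call now lives here. The body of setupIptablesHooks() begins outside the hunk.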
@@ -232,10 +230,6 @@ int NatController::setForwardRules(bool add, const char *intIface, const char *
return -1;
}
- snprintf(cmd, sizeof(cmd), "-%s natctrl_FORWARD -j DROP", (add ? "A" : "D"),
- intIface, extIface);
- runCmd(IPTABLES_PATH, cmd);
-
return 0;
}