Exempt Cassandra traffic from fproxy

The connection to cassandra is not http/https. Hence bypassing it from
going through the forward proxy.

Change-Id: Ic4f65222fca5f3698d6ed806333b265d0e392314
Issue-ID: AAF-572
Signed-off-by: Ravi Geda <gravik@amdocs.com>

diff --git a/sidecar/tproxy-config/src/main/bin/start.sh b/sidecar/tproxy-config/src/main/bin/start.sh
index c467d31..758a910 100644 (file)
--- a/sidecar/tproxy-config/src/main/bin/start.sh
+++ b/sidecar/tproxy-config/src/main/bin/start.sh
@@ -22,5 +22,9 @@
 set -x
 set -eo pipefail
 
+iptables -t nat -A OUTPUT -p tcp -j ACCEPT -s 127.0.0.1 --dport 61647
+iptables -t nat -A OUTPUT -p tcp -j ACCEPT --dport 9042
+iptables -t nat -A OUTPUT -p tcp -j ACCEPT --dport 9160
+iptables -t nat -A OUTPUT -p tcp -j ACCEPT --dport 61621
 iptables -t nat -A OUTPUT -p tcp -j REDIRECT --to-port 10680 -m owner '!' --uid-owner 1001
 iptables -t nat --list