Back out of implementing service shutoff via changes to before.rules
diff --git a/xos/synchronizers/vcpe/steps/sync_vcpetenant_vtn.yaml b/xos/synchronizers/vcpe/steps/sync_vcpetenant_vtn.yaml
index 1769e28..9fc3f2a 100644
--- a/xos/synchronizers/vcpe/steps/sync_vcpetenant_vtn.yaml
+++ b/xos/synchronizers/vcpe/steps/sync_vcpetenant_vtn.yaml
@@ -259,7 +259,7 @@
service: name={{ container_name }} state=started
- name: reload ufw
- shell: docker exec {{ container_name }} bash -c "/sbin/iptables -t nat -F PREROUTING; /sbin/iptables -F FORWARD; /usr/sbin/ufw reload"
+ shell: docker exec {{ container_name }} bash -c "/sbin/iptables -t nat -F PREROUTING; /usr/sbin/ufw reload"
# Use docker cp instead of single-file volume
# The reason is that changes to external file volume don't show up inside the container
diff --git a/xos/synchronizers/vcpe/templates/before.rules.j2 b/xos/synchronizers/vcpe/templates/before.rules.j2
index cbe2fa7..e6f7d4a 100644
--- a/xos/synchronizers/vcpe/templates/before.rules.j2
+++ b/xos/synchronizers/vcpe/templates/before.rules.j2
@@ -37,11 +37,6 @@
:ufw-not-local - [0:0]
# End required lines
-# Customer service status
-{% if status != "enabled" %}
--A FORWARD -o eth0 -j DROP
-{% endif %}
-
# allow all on loopback
-A ufw-before-input -i lo -j ACCEPT
-A ufw-before-output -o lo -j ACCEPT