Merge "Remove unwated iptables NAT and forward rule"

manifests/function/k8scontrol-vm-infra/iptables-setup.yaml

@@ -33,6 +33,7 @@
 
       # activate ip_forwarding
       echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
-      iptables -A FORWARD -i REPLACEMENT_VM_INFRA_INTF -j ACCEPT
-      iptables -t nat -A POSTROUTING -s REPLACEMENT_VM_SUBNET_CIDR -o REPLACEMENT_MGMT_INTF -j MASQUERADE
+      # Uncomment the below two lines when SIP creates VMs on control plane nodes.
+      #iptables -A FORWARD -i REPLACEMENT_VM_INFRA_INTF -j ACCEPT
+      #iptables -t nat -A POSTROUTING -s REPLACEMENT_VM_SUBNET_CIDR -o REPLACEMENT_MGMT_INTF -j MASQUERADE
       exit 0