Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
Cloud:OpenStack:Juno
openstack-nova-doc
nova-network-filter-bnc777488.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File nova-network-filter-bnc777488.patch of Package openstack-nova-doc
Index: nova-2014.2.3.dev53/nova/network/linux_net.py =================================================================== --- nova-2014.2.3.dev53.orig/nova/network/linux_net.py +++ nova-2014.2.3.dev53/nova/network/linux_net.py @@ -365,6 +365,9 @@ class IptablesManager(object): # among the various nova components. It sits at the very top # of FORWARD and OUTPUT. for tables in [self.ipv4, self.ipv6]: + tables['filter'].add_chain('nova-filter-FORWARD-sitelocl', wrap=False) + tables['filter'].add_rule('FORWARD', '-j nova-filter-FORWARD-sitelocl', wrap=False, top=True) + tables['filter'].add_chain('nova-filter-top', wrap=False) tables['filter'].add_rule('FORWARD', '-j nova-filter-top', wrap=False, top=True) Index: nova-2014.2.3.dev53/nova/tests/test_iptables_network.py =================================================================== --- nova-2014.2.3.dev53.orig/nova/tests/test_iptables_network.py +++ nova-2014.2.3.dev53/nova/tests/test_iptables_network.py @@ -35,6 +35,8 @@ class IptablesManagerTestCase(test.NoDBT ':%s-local - [0:0]' % (binary_name), ':%s-OUTPUT - [0:0]' % (binary_name), ':nova-filter-top - [0:0]', + ':nova-filter-FORWARD-sitelocl - [0:0]', + '[0:0] -A FORWARD -j nova-filter-FORWARD-sitelocl', '[0:0] -A FORWARD -j nova-filter-top', '[0:0] -A OUTPUT -j nova-filter-top', '[0:0] -A nova-filter-top -j %s-local' % (binary_name), @@ -208,7 +210,15 @@ class IptablesManagerTestCase(test.NoDBT "Duplicate line: %s" % line) seen_lines.add(line) - for chain in ['FORWARD', 'OUTPUT']: + for chain in ['FORWARD']: + for line in new_lines: + if line.startswith('[0:0] -A %s' % chain): + self.assertTrue('-j nova-filter-FORWARD-sitelocl' in line, + "First %s rule does not " + "jump to nova-filter-FORWARD-sitelocl" % chain) + break + + for chain in ['OUTPUT']: for line in new_lines: if line.startswith('[0:0] -A %s' % chain): self.assertTrue('-j nova-filter-top' in line, @@ -247,7 +257,7 @@ class IptablesManagerTestCase(test.NoDBT def test_iptables_top_order(self): # Test iptables_top_regex current_lines = list(self.sample_filter) - current_lines[12:12] = ['[0:0] -A FORWARD -j iptables-top-rule'] + current_lines[13:13] = ['[0:0] -A FORWARD -j iptables-top-rule'] self.flags(iptables_top_regex='-j iptables-top-rule') new_lines = self.manager._modify_rules(current_lines, self.manager.ipv4['filter'], @@ -257,7 +267,7 @@ class IptablesManagerTestCase(test.NoDBT def test_iptables_bottom_order(self): # Test iptables_bottom_regex current_lines = list(self.sample_filter) - current_lines[26:26] = ['[0:0] -A FORWARD -j iptables-bottom-rule'] + current_lines[28:28] = ['[0:0] -A FORWARD -j iptables-bottom-rule'] self.flags(iptables_bottom_regex='-j iptables-bottom-rule') new_lines = self.manager._modify_rules(current_lines, self.manager.ipv4['filter'], @@ -267,8 +277,8 @@ class IptablesManagerTestCase(test.NoDBT def test_iptables_preserve_order(self): # Test both iptables_top_regex and iptables_bottom_regex current_lines = list(self.sample_filter) - current_lines[12:12] = ['[0:0] -A FORWARD -j iptables-top-rule'] - current_lines[27:27] = ['[0:0] -A FORWARD -j iptables-bottom-rule'] + current_lines[13:13] = ['[0:0] -A FORWARD -j iptables-top-rule'] + current_lines[29:29] = ['[0:0] -A FORWARD -j iptables-bottom-rule'] self.flags(iptables_top_regex='-j iptables-top-rule') self.flags(iptables_bottom_regex='-j iptables-bottom-rule') new_lines = self.manager._modify_rules(current_lines,
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
