Reviewed: https://review.openstack.org/560075
Committed:
https://git.openstack.org/cgit/openstack/neutron/commit/?id=0b8bcc4d74187d4fdee26f6d57d72c70809ea70e
Submitter: Zuul
Branch: master
commit 0b8bcc4d74187d4fdee26f6d57d72c70809ea70e
Author: Nikita Gerasimov <nikita.gerasi...@oracle.com>
Date: Tue Apr 10 19:25:39 2018 +0300
Adds egress and ingress forward rules for trusted ports
Iptables firewall driver now adds rules for trusted ports to FORWARD
chain in EGRESS and INGRESS directions.
Unfiltered and trusted port rules are too wide. We have to match
traffic against security groups first.
Change-Id: I61e4dc92669e33a207adfb72a1692184884143e1
Closes-Bug: #1762736
** Changed in: neutron
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1762736
Title:
Iptables firewall driver adds forward rules for trusted ports only in
the ingress direction
Status in neutron:
Fix Released
Bug description:
Iptables firewall driver adds forward rules for trusted ports only in the
ingress direction.
But for normal working of ports like "network:router_ha_interface" egress
direction also required.
Version: queens
openstack-neutron-linuxbridge-12.0.1-1.el7.noarch
https://review.openstack.org/525607
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1762736/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
