Add missing fallback chain for ipv6.

author: Soren Hansen <soren@linux2go.dk> 2011-03-14 22:17:14 +0100
committer: Soren Hansen <soren@linux2go.dk> 2011-03-14 22:17:14 +0100
commit: 337bda95a9e12d395f838e81e279c875b056aba9 (patch)
tree: a0216f1237f6bb0af198eb284d414ace6879e7cd
parent: 119bbe04f3c1de06a8c40502c314f13c89561564 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/nova/virt/libvirt_conn.py b/nova/virt/libvirt_conn.py
index 0b306c950..03f046cbd 100644
--- a/nova/virt/libvirt_conn.py
+++ b/nova/virt/libvirt_conn.py
@@ -1597,6 +1597,9 @@ class IptablesFirewallDriver(FirewallDriver):
 
         self.iptables.ipv4['filter'].add_chain('sg-fallback')
         self.iptables.ipv4['filter'].add_rule('sg-fallback', '-j DROP')
+        if FLAGS.use_ipv6:
+            self.iptables.ipv6['filter'].add_chain('sg-fallback')
+            self.iptables.ipv6['filter'].add_rule('sg-fallback', '-j DROP')
 
     def setup_basic_filtering(self, instance):
         """Use NWFilter from libvirt for this."""
author	Soren Hansen <soren@linux2go.dk>	2011-03-14 22:17:14 +0100
committer	Soren Hansen <soren@linux2go.dk>	2011-03-14 22:17:14 +0100
commit	337bda95a9e12d395f838e81e279c875b056aba9 (patch)
tree	a0216f1237f6bb0af198eb284d414ace6879e7cd
parent	119bbe04f3c1de06a8c40502c314f13c89561564 (diff)