Wrap ipv6 rules, too

author: Soren Hansen <soren@linux2go.dk> 2011-02-21 14:39:02 +0100
committer: Soren Hansen <soren@linux2go.dk> 2011-02-21 14:39:02 +0100
commit: 3d2ec0f594e02018a32c8d0d7a8cc46f7ab4c849 (patch)
tree: 7841aa90041ffb418a27a21e5130cdb07b617bdc
parent: 18174983d861aeea39effb536670e2801ce7e090 (diff)
2 files changed, 19 insertions, 10 deletions
diff --git a/nova/network/linux_net.py b/nova/network/linux_net.py
index b5d1323a1..f47219b2e 100644
--- a/nova/network/linux_net.py
+++ b/nova/network/linux_net.py
@@ -170,15 +170,23 @@ class IptablesManager(object):
                                     wrap=False)
 
         # Wrap the builtin chains
-        builtin_chains = {'filter': ['INPUT', 'OUTPUT', 'FORWARD'],
-                          'nat': ['PREROUTING', 'OUTPUT', 'POSTROUTING']}
-
-        for table, chains in builtin_chains.iteritems():
-            for chain in chains:
-                self.ipv4[table].add_chain(chain)
-                self.ipv4[table].add_rule(chain,
-                                          '-j %s-%s' % (binary_name, chain),
-                                          wrap=False)
+        builtin_chains = { 4: {'filter': ['INPUT', 'OUTPUT', 'FORWARD'],
+                               'nat': ['PREROUTING', 'OUTPUT', 'POSTROUTING']},
+                           6: {'filter': ['INPUT', 'OUTPUT', 'FORWARD']}}
+
+        for ip_version in builtin_chains:
+            if ip_version == 4:
+                tables = self.ipv4
+            elif ip_version == 6:
+                tables = self.ipv6
+
+            for table, chains in builtin_chains[ip_version].iteritems():
+                for chain in chains:
+                    tables[table].add_chain(chain)
+                    tables[table].add_rule(chain,
+                                           '-j %s-%s' % (binary_name, chain),
+                                           wrap=False)
+
         self.semaphore = semaphore.Semaphore()
 
     def apply(self):
diff --git a/nova/tests/test_network.py b/nova/tests/test_network.py
index c9a62a391..f1d4fe133 100644
--- a/nova/tests/test_network.py
+++ b/nova/tests/test_network.py
@@ -76,7 +76,8 @@ COMMIT
 
         # TODO(soren): Add stuff for ipv6
         check_matrix = {4: {'filter': ['INPUT', 'OUTPUT', 'FORWARD'],
-                            'nat': ['PREROUTING', 'OUTPUT', 'POSTROUTING']}}
+                            'nat': ['PREROUTING', 'OUTPUT', 'POSTROUTING']},
+                        6: {'filter': ['INPUT', 'OUTPUT', 'FORWARD']}}
 
         for ip_version in check_matrix:
             ip = getattr(self.manager, 'ipv%d' % ip_version)
author	Soren Hansen <soren@linux2go.dk>	2011-02-21 14:39:02 +0100
committer	Soren Hansen <soren@linux2go.dk>	2011-02-21 14:39:02 +0100
commit	3d2ec0f594e02018a32c8d0d7a8cc46f7ab4c849 (patch)
tree	7841aa90041ffb418a27a21e5130cdb07b617bdc
parent	18174983d861aeea39effb536670e2801ce7e090 (diff)