diff options
| author | Tushar Patil <tushar.vitthal.patil@gmail.com> | 2011-01-25 21:34:17 +0000 |
|---|---|---|
| committer | Tarmac <> | 2011-01-25 21:34:17 +0000 |
| commit | 705cbaa3d311c21cf2a7318e52a60eeadebb435a (patch) | |
| tree | 2cbae978038b7b8238dbea81798ba8840e8e0f7a | |
| parent | b2d0a77c53d1bd108d233e58f68655381cec4e16 (diff) | |
| parent | 1b259ba6ac7401d99eff2ded3100c73f3048728e (diff) | |
| download | nova-705cbaa3d311c21cf2a7318e52a60eeadebb435a.tar.gz nova-705cbaa3d311c21cf2a7318e52a60eeadebb435a.tar.xz nova-705cbaa3d311c21cf2a7318e52a60eeadebb435a.zip | |
In instance chains and rules for ipv4 and ipv6, ACCEPT target was missing.
| -rw-r--r-- | Authors | 1 | ||||
| -rw-r--r-- | nova/virt/libvirt_conn.py | 8 |
2 files changed, 5 insertions, 4 deletions
@@ -50,6 +50,7 @@ Soren Hansen <soren.hansen@rackspace.com> Thierry Carrez <thierry@openstack.org> Todd Willey <todd@ansolabs.com> Trey Morris <trey.morris@rackspace.com> +Tushar Patil <tushar.vitthal.patil@gmail.com> <tpatil@vertex.co.in> Vishvananda Ishaya <vishvananda@gmail.com> Youcef Laribi <Youcef.Laribi@eu.citrix.com> Zhixue Wu <Zhixue.Wu@citrix.com> diff --git a/nova/virt/libvirt_conn.py b/nova/virt/libvirt_conn.py index 259e19a69..548d82ba9 100644 --- a/nova/virt/libvirt_conn.py +++ b/nova/virt/libvirt_conn.py @@ -1268,13 +1268,13 @@ class IptablesFirewallDriver(FirewallDriver): if(ip_version == 4): # Allow DHCP responses dhcp_server = self._dhcp_server_for_instance(instance) - our_rules += ['-A %s -s %s -p udp --sport 67 --dport 68' % - (chain_name, dhcp_server)] + our_rules += ['-A %s -s %s -p udp --sport 67 --dport 68 ' + '-j ACCEPT ' % (chain_name, dhcp_server)] elif(ip_version == 6): # Allow RA responses ra_server = self._ra_server_for_instance(instance) - our_rules += ['-A %s -s %s -p icmpv6' % - (chain_name, ra_server)] + our_rules += ['-A %s -s %s -p icmpv6 ' + '-j ACCEPT' % (chain_name, ra_server)] # If nothing matches, jump to the fallback chain our_rules += ['-A %s -j nova-fallback' % (chain_name,)] |