Add and document the provider_fw method in virt/FakeConnection.

author: Todd Willey <todd@ansolabs.com> 2011-02-01 12:32:58 -0500
committer: Todd Willey <todd@ansolabs.com> 2011-02-01 12:32:58 -0500
commit: d552158b19bf1652da795e1681c9dc904bdc425b (patch)
tree: 4d121f73e448944d59fccf439afc7c466a4418e9
parent: d47886e16504cc92d0f9b33e02417229970d3efb (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/nova/virt/fake.py b/nova/virt/fake.py
index 161445b86..b16d53634 100644
--- a/nova/virt/fake.py
+++ b/nova/virt/fake.py
@@ -359,6 +359,22 @@ class FakeConnection(object):
         """
         return True
 
+    def refresh_provider_fw_rules(self):
+        """This triggers a firewall update based on database changes.
+
+        When this is called, rules have either been added or removed from the
+        datastore.  You can retrieve rules with
+        :method:`nova.db.api.provider_fw_rule_get_all`.
+
+        Provider rules take precedence over security group rules.  If an IP
+        would be allowed by a security group ingress rule, but blocked by
+        a provider rule, then packets from the IP are dropped.  This includes
+        intra-project traffic in the case of the allow_project_net_traffic
+        flag for the libvirt-derived classes.
+
+        """
+        pass
+
 
 class FakeInstance(object):
author	Todd Willey <todd@ansolabs.com>	2011-02-01 12:32:58 -0500
committer	Todd Willey <todd@ansolabs.com>	2011-02-01 12:32:58 -0500
commit	d552158b19bf1652da795e1681c9dc904bdc425b (patch)
tree	4d121f73e448944d59fccf439afc7c466a4418e9
parent	d47886e16504cc92d0f9b33e02417229970d3efb (diff)