diff options
| author | Gary Kotton <gkotton@redhat.com> | 2013-02-21 13:43:10 +0000 |
|---|---|---|
| committer | Gary Kotton <gkotton@redhat.com> | 2013-02-22 13:46:03 +0000 |
| commit | 81476d70c406d1b95a82df3dcaec64045fd68d20 (patch) | |
| tree | fe2c7e340f23de98b3a3bbc222a673d86ac109a1 /nova/tests | |
| parent | a42845e455c74f41852babbbd09a3514021ea71d (diff) | |
Enable VM DHCP request to reach DHCP agent
When using the firewall driver IptablesFirewallDriver and the
default INPUT and FORWARD rules are DISCARD then the DHCP
request from the VM is discarded prior to getting to the dnsmasq.
A new rule will be added that enables DHCP requests to pass.
This fixes bug 1131223
Change-Id: I50fad5b63c3c4b22a5d828e3e89353c1ed723332
Diffstat (limited to 'nova/tests')
| -rw-r--r-- | nova/tests/test_libvirt.py | 6 | ||||
| -rw-r--r-- | nova/tests/test_xenapi.py | 6 |
2 files changed, 8 insertions, 4 deletions
diff --git a/nova/tests/test_libvirt.py b/nova/tests/test_libvirt.py index b1135902d..1e9b44eb9 100644 --- a/nova/tests/test_libvirt.py +++ b/nova/tests/test_libvirt.py @@ -3908,8 +3908,10 @@ class IptablesFirewallTestCase(test.TestCase): ipv6 = self.fw.iptables.ipv6['filter'].rules ipv4_network_rules = len(ipv4) - len(inst_ipv4) - ipv4_len ipv6_network_rules = len(ipv6) - len(inst_ipv6) - ipv6_len - self.assertEquals(ipv4_network_rules, - ipv4_rules_per_addr * ipv4_addr_per_network * networks_count) + # Extra rule is for the DHCP request + rules = (ipv4_rules_per_addr * ipv4_addr_per_network * + networks_count) + 1 + self.assertEquals(ipv4_network_rules, rules) self.assertEquals(ipv6_network_rules, ipv6_rules_per_addr * ipv6_addr_per_network * networks_count) diff --git a/nova/tests/test_xenapi.py b/nova/tests/test_xenapi.py index 84c3caa63..10dc70741 100644 --- a/nova/tests/test_xenapi.py +++ b/nova/tests/test_xenapi.py @@ -2068,8 +2068,10 @@ class XenAPIDom0IptablesFirewallTestCase(stubs.XenAPITestBase): ipv6 = self.fw.iptables.ipv6['filter'].rules ipv4_network_rules = len(ipv4) - len(inst_ipv4) - ipv4_len ipv6_network_rules = len(ipv6) - len(inst_ipv6) - ipv6_len - self.assertEquals(ipv4_network_rules, - ipv4_rules_per_addr * ipv4_addr_per_network * networks_count) + # Extra rule is for the DHCP request + rules = (ipv4_rules_per_addr * ipv4_addr_per_network * + networks_count) + 1 + self.assertEquals(ipv4_network_rules, rules) self.assertEquals(ipv6_network_rules, ipv6_rules_per_addr * ipv6_addr_per_network * networks_count) |