diff options
| author | Chet Burgess <cfb@metacloud.com> | 2013-02-06 07:32:03 +0000 |
|---|---|---|
| committer | Chet Burgess <cfb@metacloud.com> | 2013-02-11 13:38:14 +0000 |
| commit | 5d6546a2b17ee6190d1a823d881118aeec8388f8 (patch) | |
| tree | a4ebc4f2e5e40da20d7816418613e40f249b1626 /nova/utils.py | |
| parent | 0b50669946a1eda587290154118fbaf6b455b670 (diff) | |
| download | nova-5d6546a2b17ee6190d1a823d881118aeec8388f8.tar.gz nova-5d6546a2b17ee6190d1a823d881118aeec8388f8.tar.xz nova-5d6546a2b17ee6190d1a823d881118aeec8388f8.zip | |
preserve order of pre-existing iptables chains
Adds new configuration options:
iptables_top_regex='' (Default)
When set treated as a regular expression to match
iptables rules that should always be placed at the
top of the table before the nova chains.
iptables_bottom_regex='' (Default)
When set treated as a regular expression to match
iptables rules that should always be placed at the
bottom of the table right before the COMMIT
Additionally the existing iptables tests were no longer
actually testing the chains we use. In some cases we
were looking for chains that haven't existed in the
code base for 2 years. I took the oppurtunity to update
all tests to actually test for the chains we care about.
Flags: DocImpact
Change-Id: I335ca3712d6dd37051cc8e46e1237aaf66a4a94e
Fixes: bug #1116562
Diffstat (limited to 'nova/utils.py')
0 files changed, 0 insertions, 0 deletions