diff options
| author | Jenkins <jenkins@review.openstack.org> | 2012-02-17 19:07:23 +0000 |
|---|---|---|
| committer | Gerrit Code Review <review@openstack.org> | 2012-02-17 19:07:23 +0000 |
| commit | 1a3aa2d55f99c8598ea61883bc25d1f86ec153da (patch) | |
| tree | 9b0a2b464991829d45a325204a11019bbc250ab6 /nova | |
| parent | 00d2781b50031c01550192e3bbd8e43b491a17ee (diff) | |
| parent | 181d8de082090f77bb6f5b8b816e172005f6a38c (diff) | |
| download | nova-1a3aa2d55f99c8598ea61883bc25d1f86ec153da.tar.gz nova-1a3aa2d55f99c8598ea61883bc25d1f86ec153da.tar.xz nova-1a3aa2d55f99c8598ea61883bc25d1f86ec153da.zip | |
Merge "Run ovs-ofctl as root"
Diffstat (limited to 'nova')
| -rwxr-xr-x | nova/network/linux_net.py | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/nova/network/linux_net.py b/nova/network/linux_net.py index d7465e461..987a063db 100755 --- a/nova/network/linux_net.py +++ b/nova/network/linux_net.py @@ -1098,10 +1098,11 @@ class LinuxOVSInterfaceDriver(LinuxNetInterfaceDriver): # If we weren't instructed to act as a gateway then add the # appropriate flows to block all non-dhcp traffic. _execute('ovs-ofctl', - 'add-flow', bridge, "priority=1,actions=drop") + 'add-flow', bridge, "priority=1,actions=drop", + run_as_root=True) _execute('ovs-ofctl', 'add-flow', bridge, "udp,tp_dst=67,dl_dst=%s,priority=2,actions=normal" % - mac_address) + mac_address, run_as_root=True) # .. and make sure iptbles won't forward it as well. iptables_manager.ipv4['filter'].add_rule('FORWARD', '--in-interface %s -j DROP' % bridge) |