| -rw-r--r-- | nova/network/linux_net.py | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/nova/network/linux_net.py b/nova/network/linux_net.py
index 57c1d0c28..dc0d2caa0 100644
--- a/nova/network/linux_net.py
+++ b/nova/network/linux_net.py
@@ -511,6 +511,17 @@ def get_dhcp_hosts(context, network_ref):
 return '\n'.join(hosts)
+def _add_dnsmasq_accept_rules(dev):
+ """Allow DHCP and DNS traffic through to dnsmasq."""
+ table = iptables_manager.ipv4['filter']
+ for port in [67, 53]:
+ for proto in ['udp', 'tcp']:
+ args = {'dev' : dev, 'port' : port, 'proto' : proto}
+ table.add_rule('INPUT',
+ '-i %(dev)s -p %(proto)s -m %(proto)s '
+ '--dport %(port)s -j ACCEPT' % args)
+ iptables_manager.apply()
+
 # NOTE(ja): Sending a HUP only reloads the hostfile, so any
 # configuration options (like dchp-range, vlan, ...)
 # aren't reloaded.
@@ -565,6 +576,7 @@ def update_dhcp(context, dev, network_ref):
 _execute(*cmd, run_as_root=True)
+ _add_dnsmasq_accept_rules(dev)
 @utils.synchronized('radvd_start')
 def update_ra(context, dev, network_ref): |
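Review bot: The nested loops in `_add_dnsmasq_accept_rules` also open tcp/67 on the interface, although DHCP is served over UDP only, so the INPUT chain accepts more than dnsmasq needs. Enumerating the pairs keeps the rule set minimal: `for proto, port in [('udp', 67), ('udp', 53), ('tcp', 53)]:`. The rules match on `-i %(dev)s` with no source restriction, and `dev` is interpolated into the rule string unvalidated; where `dev` comes from is not visible here, so confirm it is always an operator-controlled interface name. A short comment above the loop naming the service behind each port would help, e.g. `# 67/udp: DHCP, 53/udp+tcp: DNS`.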
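Review bot: The call to `_add_dnsmasq_accept_rules(dev)` sits after the `_execute(*cmd, run_as_root=True)` that appears to launch dnsmasq, so any earlier return in `update_dhcp` (its body begins outside this hunk) would skip installing the ACCEPT rules. If the function returns early when an existing dnsmasq is only signalled to reload, a host whose filter table was rebuilt would keep dnsmasq running without these rules. Moving the call to the top of `update_dhcp`, before any return, would cover every path. Whether `add_rule` tolerates being called repeatedly with the same rule is not visible here and should be checked first.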
