From efc3694a3a9b6cc7ea5ce02a7a969e16553d6992 Mon Sep 17 00:00:00 2001
From: Dan Prince <dprince@redhat.com>
Date: Wed, 16 May 2012 22:24:07 -0400
Subject: Make Iptables FW Driver handle dhcp_server None.

Updates the IptablesFirewallDriver so it doesn't set iptables rules
for the DHCP server if dhcp_server is None in network info.

Fixes LP Bug #1000522.

Change-Id: I08bcae49fb75f685c9eab4e10936fdab5b304e2b
---
 nova/virt/firewall.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/nova/virt/firewall.py b/nova/virt/firewall.py
index b70e164b1..aa05a2261 100644
--- a/nova/virt/firewall.py
+++ b/nova/virt/firewall.py
@@ -209,8 +209,9 @@ class IptablesFirewallDriver(FirewallDriver):
         dhcp_servers = [info['dhcp_server'] for (_n, info) in network_info]
 
         for dhcp_server in dhcp_servers:
-            ipv4_rules.append('-s %s -p udp --sport 67 --dport 68 '
-                              '-j ACCEPT' % (dhcp_server,))
+            if dhcp_server:
+                ipv4_rules.append('-s %s -p udp --sport 67 --dport 68 '
+                                  '-j ACCEPT' % (dhcp_server,))
 
     def _do_project_network_rules(self, ipv4_rules, ipv6_rules, network_info):
         cidrs = [network['cidr'] for (network, _i) in network_info]
-- 
cgit