registry team mailing list archive
-
registry team
-
Mailing list archive
-
Message #23794
[Bug 659135] [NEW] Security Group ingress filtering doesn't work if traffic is routed
Public bug reported:
Security Group ingress filtering doesn't for routed traffic. I.e. if the
VM's are connected to a bridge, traffic coming into the host on an
interface that isn't on the same bridge, the incoming traffic escapes
filtering. This is due to a shortcoming in libvirt's nwfilter code which
didn't get updated in response to a change in the linux kernel that
removed support for --physdev-out filtering for non-bridged traffic.
https://bugzilla.redhat.com/show_bug.cgi?id=642171
** Affects: nova
Importance: Undecided
Status: New
** Bug watch added: Red Hat Bugzilla #642171
https://bugzilla.redhat.com/show_bug.cgi?id=642171
--
Security Group ingress filtering doesn't work if traffic is routed
https://bugs.launchpad.net/bugs/659135
You received this bug notification because you are a member of Registry
Administrators, which is subscribed to OpenStack.
Follow ups
References