yahoo-eng-team team mailing list archive

[OpenStack Infra <1762736@xxxxxxxxxxxxxxxxxx>]

Reviewed:  https://review.openstack.org/560075
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=0b8bcc4d74187d4fdee26f6d57d72c70809ea70e
Submitter: Zuul
Branch:    master

commit 0b8bcc4d74187d4fdee26f6d57d72c70809ea70e
Author: Nikita Gerasimov <nikita.gerasimov@xxxxxxxxxx>
Date:   Tue Apr 10 19:25:39 2018 +0300

    Adds egress and ingress forward rules for trusted ports
    
    Iptables firewall driver now adds rules for trusted ports to FORWARD
    chain in EGRESS and INGRESS directions.
    Unfiltered and trusted port rules are too wide. We have to match
    traffic against security groups first.
    
    Change-Id: I61e4dc92669e33a207adfb72a1692184884143e1
    Closes-Bug: #1762736


** Changed in: neutron
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1762736

Title:
  Iptables firewall driver adds forward rules for trusted ports only in
  the ingress direction

Status in neutron:
  Fix Released

Bug description:
  Iptables firewall driver adds forward rules for trusted ports only in the ingress direction.
  But for normal working of ports like "network:router_ha_interface" egress direction also required.

  Version: queens
  openstack-neutron-linuxbridge-12.0.1-1.el7.noarch

  https://review.openstack.org/525607

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1762736/+subscriptions