Browse Source

Remove iptables forwarding rule for quantum-gate

Original default fowarding rule drops all packet including
the packets from quantum-dhcp. In this patch, we remove
forwarding rule

Change-Id: I68ec7440595a158e0a5f572868f37f54f5ffa1ba
Reviewed-on: https://review.openstack.org/18353
Reviewed-by: James E. Blair <corvus@inaugust.com>
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Approved: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Tested-by: Jenkins
changes/39/151039/1
Nachi Ueno 6 years ago
parent
commit
53a8e73187
2 changed files with 0 additions and 2 deletions
  1. 0
    1
      templates/rules.erb
  2. 0
    1
      templates/rules.v6.erb

+ 0
- 1
templates/rules.erb View File

@@ -4,7 +4,6 @@
4 4
 :OUTPUT ACCEPT [0:0]
5 5
 :openstack-INPUT - [0:0]
6 6
 -A INPUT -j openstack-INPUT
7
--A FORWARD -j openstack-INPUT
8 7
 -A openstack-INPUT -i lo -j ACCEPT
9 8
 -A openstack-INPUT -p icmp --icmp-type any -j ACCEPT
10 9
 #-A openstack-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT

+ 0
- 1
templates/rules.v6.erb View File

@@ -4,7 +4,6 @@
4 4
 :OUTPUT ACCEPT [0:0]
5 5
 :openstack-INPUT - [0:0]
6 6
 -A INPUT -j openstack-INPUT
7
--A FORWARD -j openstack-INPUT
8 7
 -A openstack-INPUT -i lo -j ACCEPT
9 8
 -A openstack-INPUT -p icmpv6 -j ACCEPT
10 9
 -A openstack-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

Loading…
Cancel
Save