Merge "Set iptables forward drop by default"

This commit is contained in:
Zuul 2018-12-18 17:08:11 +00:00 committed by Gerrit Code Review
commit 1079fc5cbf
3 changed files with 3 additions and 3 deletions
playbooks/roles/iptables/templates
testinfra

@ -1,6 +1,6 @@
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:openstack-INPUT - [0:0]
-A INPUT -j openstack-INPUT

@ -1,6 +1,6 @@
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:openstack-INPUT - [0:0]
-A INPUT -j openstack-INPUT

@ -64,7 +64,7 @@ def test_iptables(host):
start = [
'-P INPUT ACCEPT',
'-P FORWARD ACCEPT',
'-P FORWARD DROP',
'-P OUTPUT ACCEPT',
'-N openstack-INPUT',
'-A INPUT -j openstack-INPUT',