Merge "Switch IPv4 rejects from host-prohibit to admin"

2021-11-09 20:36:01 +00:00 · 2021-11-09 20:36:01 +00:00 · 890d59cd5f
parent 4a118cf402 7308220484
commit 890d59cd5f
2 changed files with 2 additions and 2 deletions
--- a/playbooks/roles/iptables/templates/rules.v4.j2
+++ b/playbooks/roles/iptables/templates/rules.v4.j2
@ -34,5 +34,5 @@
 {% endif -%}
 {% endfor -%}
 {% endfor -%}
-A openstack-INPUT -j REJECT --reject-with icmp-host-prohibited
+-A openstack-INPUT -j REJECT --reject-with icmp-admin-prohibited
 COMMIT
--- a/testinfra/util.py
+++ b/testinfra/util.py
@ -100,7 +100,7 @@ def verify_iptables(host):
        '-A openstack-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT',
        '-A openstack-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT',
        '-A openstack-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT',
-        '-A openstack-INPUT -j REJECT --reject-with icmp-host-prohibited'
+        '-A openstack-INPUT -j REJECT --reject-with icmp-admin-prohibited'
    ]
    for rule in needed_rules:
        assert rule in rules