Merge "Don't match input interface in POSTROUTING table"

2019-07-02 14:59:25 +00:00 · 2019-07-02 14:59:25 +00:00 · 29ccecebd7
commit 29ccecebd7
parent aee95bc102 dfa37b2233
1 changed files with 2 additions and 3 deletions
--- a/neutron/agent/l3/router_info.py
+++ b/neutron/agent/l3/router_info.py
@ -883,9 +883,8 @@ class RouterInfo(BaseRouterInfo):

    def _prevent_snat_for_internal_traffic_rule(self, interface_name):
        return (
-            'POSTROUTING', '! -i %(interface_name)s '
-                           '! -o %(interface_name)s -m conntrack ! '
-                           '--ctstate DNAT -j ACCEPT' %
+            'POSTROUTING', '! -o %(interface_name)s -m conntrack '
+                           '! --ctstate DNAT -j ACCEPT' %
                           {'interface_name': interface_name})

    def external_gateway_nat_fip_rules(self, ex_gw_ip, interface_name):