Merge "Correct MAC representation to match iptables output"
This commit is contained in:
commit
6bc5fd3b2c
@ -51,6 +51,11 @@ MAX_CONNTRACK_ZONES = 65535
|
||||
comment_rule = iptables_manager.comment_rule
|
||||
|
||||
|
||||
class mac_iptables(netaddr.mac_eui48):
|
||||
"""mac format class for netaddr to match iptables representation."""
|
||||
word_sep = ':'
|
||||
|
||||
|
||||
class IptablesFirewallDriver(firewall.FirewallDriver):
|
||||
"""Driver which enforces security groups through iptables rules."""
|
||||
IPTABLES_DIRECTION = {firewall.INGRESS_DIRECTION: 'physdev-out',
|
||||
@ -368,7 +373,7 @@ class IptablesFirewallDriver(firewall.FirewallDriver):
|
||||
|
||||
def _build_ipv4v6_mac_ip_list(self, mac, ip_address, mac_ipv4_pairs,
|
||||
mac_ipv6_pairs):
|
||||
mac = str(netaddr.EUI(mac, dialect=netaddr.mac_unix))
|
||||
mac = str(netaddr.EUI(mac, dialect=mac_iptables))
|
||||
if netaddr.IPNetwork(ip_address).version == 4:
|
||||
mac_ipv4_pairs.append((mac, ip_address))
|
||||
else:
|
||||
|
@ -1817,8 +1817,8 @@ class IptablesFirewallEnhancedIpsetTestCase(BaseIptablesFirewallTestCase):
|
||||
for ip in other_ips])
|
||||
|
||||
def test_build_ipv4v6_mac_ip_list(self):
|
||||
mac_oth = 'ffff-ffff-ffff'
|
||||
mac_unix = 'ff:ff:ff:ff:ff:ff'
|
||||
mac_oth = 'ffff-ff0f-ffff'
|
||||
mac_unix = 'FF:FF:FF:0F:FF:FF'
|
||||
ipv4 = FAKE_IP['IPv4']
|
||||
ipv6 = FAKE_IP['IPv6']
|
||||
fake_ipv4_pair = []
|
||||
|
Loading…
Reference in New Issue
Block a user