Kevin Benton 04197bc4bb Add ARP spoofing protection for LinuxBridge agent ... This patch adds ARP spoofing protection for the Linux Bridge agent based on ebtables. This code was written to be minimally invasive with the intent of back-porting to Kilo. The protection is enabled and disabled with the same 'prevent_arp_spoofing' agent config flag added for the OVS agent in I7c079b779245a0af6bc793564fa8a560e4226afe. The protection works by setting up an ebtables chain for each port and jumping all ARP traffic to that chain. The port-specific chains have a default DROP policy and then have allow rules installed that only allow ARP traffic with a source CIDR that matches one of the port's fixed IPs or an allowed address pair. Closes-Bug: #1274034 Change-Id: I0b0e3b1272472385dff060897ecbd25e93fd78e7		2015-07-06 23:04:06 -07:00
..
api	Use REST rather than ReST	2015-06-27 13:41:54 +08:00
common	Add ARP spoofing protection for LinuxBridge agent	2015-07-06 23:04:06 -07:00
contrib	Prepare for full stack CI job	2015-06-22 11:47:54 -04:00
etc	Make pep8 job succeed when /etc/neutron/neutron.conf is not installed	2015-06-09 12:50:35 +02:00
fullstack	Improve fixture usage.	2015-07-01 14:53:48 +12:00
functional	Add ARP spoofing protection for LinuxBridge agent	2015-07-06 23:04:06 -07:00
retargetable	Improve fixture usage.	2015-07-01 14:53:48 +12:00
tempest	Use string exception casting everywhere	2015-06-22 09:13:56 -04:00
unit	Add ARP spoofing protection for LinuxBridge agent	2015-07-06 23:04:06 -07:00
var	Allow combined certificate/key files for SSL	2014-04-13 09:22:23 +00:00
__init__.py	Add eventlet monkey_patch helper	2015-03-24 08:44:00 -07:00
base.py	Improve fixture usage.	2015-07-01 14:53:48 +12:00
fake_notifier.py	Pass serializer to oslo.messaging Notifier	2014-06-20 14:58:28 +02:00
post_mortem_debug.py	Cleanup recent generalization in post mortem debugger	2014-12-04 15:28:11 +01:00
tools.py	Improve fixture usage.	2015-07-01 14:53:48 +12:00