c2869b7118
The flow rules to match on ARP headers for spoofing prevention
fail to install when an IPv6 address is used. These should be
skipped since the ARP spoofing prevention doesn't apply to IPv6.
Conflicts:
neutron/tests/common/machine_fixtures.py
Co-authored-by: Kevin Benton <blak111@gmail.com>
Closes-Bug: #1449363
Change-Id: I4bb3135e62378c5c96d1ac0b646336ac9a637bde
(cherry picked from commit dbe7ba1868
)
21 lines
714 B
XML
21 lines
714 B
XML
# neutron-rootwrap command filters to support functional testing. It
|
|
# is NOT intended to be used outside of a test environment.
|
|
#
|
|
# This file should be owned by (and only-writeable by) the root user
|
|
|
|
[Filters]
|
|
# enable ping from namespace
|
|
ping_filter: CommandFilter, ping, root
|
|
ping6_filter: CommandFilter, ping6, root
|
|
|
|
# enable curl from namespace
|
|
curl_filter: CommandFilter, curl, root
|
|
tee_filter: CommandFilter, tee, root
|
|
tee_kill: KillFilter, root, tee, -9
|
|
nc_filter: CommandFilter, nc, root
|
|
# netcat has different binaries depending on linux distribution
|
|
nc_kill: KillFilter, root, nc, -9
|
|
ncbsd_kill: KillFilter, root, nc.openbsd, -9
|
|
ncat_kill: KillFilter, root, ncat, -9
|
|
ss_filter: CommandFilter, ss, root
|