openstack
/
neutron
Code Issues Proposed changes
neutron/neutron
History
Édouard Thuleau 2414834ffe ARP spoofing patch: Low level ebtables integration 
ARP cache poisoning is not actually prevented by the firewall
driver 'iptables_firewall'. We are adding the use of the ebtables
command - with a corresponding ebtables-driver - in order to create
Ethernet frame filtering rules, which prevent the sending of ARP
cache poisoning frames.

The complete patch is broken into a set of smaller patches for easier review.

This patch here is th first of the series and includes the low-level ebtables
integration, unit and functional tests.

Note:
    This commit is based greatly on an original, now abandoned patch,
    presented for review here:

        https://review.openstack.org/#/c/70067/

    Full spec can be found here:

        https://review.openstack.org/#/c/129090/

SecurityImpact

Change-Id: I9ef57a86b1a1c1fa4ba1a034c920f23cb40072c0
Implements: blueprint arp-spoof-patch-ebtables
Related-Bug: 1274034
Co-Authored-By: jbrendel <jbrendel@cisco.com>
 		2015-04-22 09:32:02 +12:00
..
agent ARP spoofing patch: Low level ebtables integration 2015-04-22 09:32:02 +12:00
api Replace custom method call logger with oslo.log helper 2015-04-20 15:16:54 +00:00
callbacks Migrate to oslo.log 2015-03-12 11:22:56 +01:00
cmd ARP spoofing patch: Low level ebtables integration 2015-04-22 09:32:02 +12:00
common Replace custom method call logger with oslo.log helper 2015-04-20 15:16:54 +00:00
db Merge "Only call get_engine().pool.dispose if _FACADE" 2015-04-21 16:43:54 +00:00
debug Migrate to oslo.log 2015-03-12 11:22:56 +01:00
extensions Moving VLAN Transparency support from core to extension 2015-04-08 08:35:13 -07:00
hacking Migrate to oslo.log 2015-03-12 11:22:56 +01:00
ipam Simple subnetpool allocation quotas 2015-03-31 20:56:31 +00:00
locale Imported Translations from Transifex 2015-04-16 06:13:44 +00:00
notifiers Reuse nova batch notifier 2015-03-20 13:55:08 +00:00
openstack Merge "Synced versionutils from oslo-incubator" 2015-04-16 19:49:00 +00:00
plugins Merge "Replace custom method call logger with oslo.log helper" 2015-04-20 20:21:22 +00:00
scheduler OOP cleanup: start protected method names with underscore 2015-04-08 00:24:43 +04:00
server Migrate to oslo.log 2015-03-12 11:22:56 +01:00
services Replace custom method call logger with oslo.log helper 2015-04-20 15:16:54 +00:00
tests ARP spoofing patch: Low level ebtables integration 2015-04-22 09:32:02 +12:00
__init__.py Revert "monkey patch stdlib before importing other modules" 2015-02-11 17:26:33 -08:00
auth.py Migrate to oslo.log 2015-03-12 11:22:56 +01:00
context.py context: reuse base oslo.context class for to_dict() 2015-04-10 18:14:53 +02:00
hooks.py Remove the useless vim modelines 2014-06-21 15:07:31 +08:00
i18n.py oslo: migrate to namespace-less import paths 2015-02-05 15:09:32 +01:00
manager.py Migrate to oslo.log 2015-03-12 11:22:56 +01:00
neutron_plugin_base_v2.py Basic subnetpool CRUD 2015-03-18 22:53:50 -07:00
policy.py Merge "Enable to apply policies to resources with special plural" 2015-04-01 08:04:45 +00:00
quota.py Treat all negative quota values as -1 2015-04-02 17:26:51 +05:30
service.py Only call get_engine().pool.dispose if _FACADE 2015-03-30 09:58:09 -07:00
version.py Remove the useless vim modelines 2014-06-21 15:07:31 +08:00
wsgi.py Only call get_engine().pool.dispose if _FACADE 2015-03-30 09:58:09 -07:00