openstack
/
neutron
Code Issues Proposed changes
neutron/neutron
History
Miguel Lavalle 8287d7f546 Disallow router interface out of subnet IP range 
Currently, a non privileged tenant can add a router interface to a
shared / external network's subnet with an IP address outside the
subnet's allocation pool, creating a security risk. This patch prevents
tenants who are not the subnet's owner or admin from assigning a router
interface an IP address outside the subnet's allocation pool.

Change-Id: I32e76a83443dd8e7d79b396499747f29b4762e92
Closes-Bug: #1757482
(cherry picked from commit 54aa6e81cb)
 		2018-07-20 13:09:20 +02:00
..
agent Merge "Make L3 IP tc filter rate limit more accurate" into stable/queens 2018-07-19 04:29:11 +00:00
api Fix lack of routes for neighbour IPv4 subnets 2018-06-01 19:56:52 +00:00
cmd Configure privsep helper in neutron-netns-cleanup 2018-06-27 08:24:29 +00:00
common Windows: fix exec calls 2018-06-19 07:12:27 +00:00
conf [OVS] Add mac-table-size to be set on each ovs bridge 2018-06-19 07:12:45 +00:00
core_extensions use qos constants from neutron-lib 2017-10-26 19:57:19 +00:00
db Disallow router interface out of subnet IP range 2018-07-20 13:09:20 +02:00
debug Change ip_lib network namespace code to use pyroute2 2017-10-04 21:09:28 +00:00
extensions Only allow SG port ranges for whitelisted protocols 2018-05-08 17:23:05 +02:00
hacking hacking: Remove dead code 2017-07-19 13:43:44 +02:00
ipam Always pass device_owner to _ipam_get_subnets() 2018-02-17 18:31:50 +00:00
locale Imported Translations from Zanata 2018-03-14 06:20:49 +00:00
notifiers use callback payloads for REQUEST/RESPONSE events 2017-12-24 07:27:11 +00:00
objects Revert "Ensure _get_changed_synthetic_fields() return updatable fields" 2018-06-22 19:16:09 +00:00
pecan_wsgi Fixes minor typo in neutron 2018-01-18 14:27:59 +08:00
plugins Merge "ovs: removed sinkhole RPC target for old topics" into stable/queens 2018-07-03 02:15:24 +00:00
privileged Revert "DVR: Fix allowed_address_pair IP, ARP table update by neutron agent" 2018-06-18 22:29:42 +00:00
quota CountableResource: try count/get functions for all plugins 2017-09-08 10:50:12 -07:00
scheduler Merge "use l3 api def from neutron-lib" 2017-12-16 13:01:14 +00:00
server Make code follow log translation guideline 2017-08-14 02:01:48 +00:00
services Merge "Fix error message when duplicate QoS rule is created" into stable/queens 2018-03-07 19:22:59 +00:00
tests Disallow router interface out of subnet IP range 2018-07-20 13:09:20 +02:00
__init__.py
_i18n.py Make code follow log translation guideline 2017-08-14 02:01:48 +00:00
auth.py Use oslo.context class method to construct context object 2017-03-23 09:02:46 +00:00
manager.py Do not load default service plugins if core plugin is not DB based 2017-11-09 20:34:52 +00:00
neutron_plugin_base_v2.py Do not load default service plugins if core plugin is not DB based 2017-11-09 20:34:52 +00:00
opts.py Merge "Remove deprecated cache_url" 2018-01-03 06:35:59 +00:00
policy.py Merge "Log policy filters in one line" 2017-08-23 11:09:37 +00:00
service.py use callback payloads for _SPAWN events 2017-12-21 11:03:36 -07:00
version.py
worker.py replace WorkerSupportServiceMixin with neutron-lib's WorkerBase 2017-06-14 06:56:48 -06:00
wsgi.py Make code follow log translation guideline 2017-08-14 02:01:48 +00:00