openstack
/
neutron
Code Issues Proposed changes
neutron/neutron/tests/unit/agent/linux
History
Dustin Lundquist fd5fd259a0 Iptables firewall prevent IP spoofed DHCP requests 
The DHCP rules in the fixed iptables firewall rules were too permissive.
They permitted any UDP traffic with a source port of 68 and destination
port of 67. Care must be taken since these rules return before the IP
spoofing prevention rules. This patch splits the fixed DHCP rules into
two, one for the discovery and request messages which take place before
the instance has bound an IP address and a second to permit DHCP
renewals.

Conflicts:
	neutron/tests/functional/agent/test_firewall.py

Change-Id: Ibc2b0fa80baf2ea8b01fa568cd1fe7a7e092e7a5
Partial-Bug: #1558658
(cherry picked from commit 6a93ee8ac1)
 		2016-04-08 11:24:03 -07:00
..
__init__.py Empty files should not contain copyright or license 2014-10-20 00:50:32 +00:00
failing_process.py Keep reading stdout/stderr until after kill 2016-01-26 18:16:21 +00:00
test_async_process.py Wait for the watch process in test case 2016-02-08 11:33:46 +00:00
test_bridge_lib.py Correct return values for bridge sysctl calls 2016-02-29 07:31:19 +00:00
test_daemon.py Correct unwatch_log to support python <= 2.7.5 2015-12-01 06:05:15 +00:00
test_dhcp.py Fix for adding gateway with IP outside subnet 2016-02-22 16:32:26 +05:30
test_external_process.py Set ip_nonlocal_bind in namespace if it exists 2015-10-21 17:14:58 +00:00
test_interface.py Add list routes 2015-09-09 20:58:58 +00:00
test_ip_conntrack.py De-dup conntrack deletions before running them 2016-03-18 16:15:19 +00:00
test_ip_lib.py Prevent binding IPv6 addresses to Neutron interfaces 2016-03-10 08:28:34 -06:00
test_ip_link_support.py sriov: implement spoofchecking configuration 2015-07-29 19:38:25 +02:00
test_ip_monitor.py Introduce ip address monitor 2015-03-03 20:06:14 -05:00
test_ipset_manager.py Execute ipset command using check_exit_code 2015-10-06 08:48:55 +00:00
test_iptables_firewall.py Iptables firewall prevent IP spoofed DHCP requests 2016-04-08 11:24:03 -07:00
test_iptables_manager.py Use diffs for iptables restore instead of all rules 2015-12-09 15:55:17 +00:00
test_keepalived.py Fix L3 HA with IPv6 2016-01-21 15:44:05 +00:00
test_ovsdb_monitor.py ovsdb monitor: get rid of custom _read_stdout/_read_stderr methods 2015-09-21 17:55:38 +02:00
test_pd.py Fix Prefix delegation router deletion key error 2015-08-27 17:44:50 -04:00
test_polling.py Fix failures introduced by the new version of mock 2015-07-09 17:54:32 -07:00
test_utils.py Fix locale problem in execute() 2015-08-31 12:08:09 +02:00