openstack
/
neutron
Code Issues Proposed changes
neutron/neutron
History
Slawek Kaplonski ca7822e210 [ovs fw] Restrict IPv6 NA and DHCP(v6) IP and MAC source addresses 
Neighbor Advertisments are used to inform other machines of the MAC
address to use to reach an IPv6. This commits prevents VMs from
pretending they are assigned IPv6 they should not use.

It also prevents sending UDP packets with spoofed IP or MAC even using
DHCP(v6) request ports.

Co-authored-by: David Sinquin <david.sinquin@gandi.net>

Closes-bug: #1902917

Change-Id: Iffb6643359562487414460f5a7e19a7fae9f935c
 		2021-04-13 15:15:41 +02:00
..
agent [ovs fw] Restrict IPv6 NA and DHCP(v6) IP and MAC source addresses 2021-04-13 15:15:41 +02:00
api Set system_scope='all' in elevated context 2021-03-19 12:05:56 +01:00
cmd [SR-IOV] Do not fail if ip-link vf "min_tx_rate" is not supported 2021-03-11 09:46:03 +00:00
common Merge "Randomize segmentation ID assignation" 2021-03-29 10:27:44 +00:00
conf Merge "Modify create address scope policy rule and add UT for that API" 2021-03-27 02:40:07 +00:00
core_extensions Set system_scope='all' in elevated context 2021-03-19 12:05:56 +01:00
db Merge "Set system_scope='all' in elevated context" 2021-03-23 14:25:18 +00:00
debug Remove rootwrap execution (2) 2021-02-06 16:23:03 +00:00
extensions Config option to disable the DHCP functions 2021-03-05 14:35:29 +08:00
hacking Remove "six" library 2020-07-28 16:55:52 +00:00
ipam Allow to manually define the gateway IP when using subnet pools 2021-02-27 10:06:35 +00:00
locale Imported Translations from Zanata 2020-10-11 07:22:44 +00:00
notifiers [OVS] Fix live-migration connection disruption 2021-01-13 11:13:41 +00:00
objects Randomize segmentation ID assignation 2021-03-24 13:56:09 +00:00
pecan_wsgi Log exception generated in Controller.prepare_request_body 2020-08-18 16:18:34 -03:00
plugins Merge "Randomize segmentation ID assignation" 2021-03-29 10:27:44 +00:00
privileged Revert "Implement "kill" method using os.kill()" 2021-03-25 22:05:58 +00:00
profiling Remove "six" library 2020-07-28 16:55:52 +00:00
quota Remove "six" library 2020-07-28 16:55:52 +00:00
scheduler Set system_scope='all' in elevated context 2021-03-19 12:05:56 +01:00
server Re-use existing ProcessLauncher from wsgi in RPC workers 2020-02-07 14:51:06 +01:00
services Set system_scope='all' in elevated context 2021-03-19 12:05:56 +01:00
tests [ovs fw] Restrict IPv6 NA and DHCP(v6) IP and MAC source addresses 2021-04-13 15:15:41 +02:00
__init__.py Remove usage of six.PY2 2020-05-22 12:59:01 -04:00
_i18n.py
auth.py
manager.py Remove usage of six.add_metaclass 2020-05-21 14:41:18 -04:00
neutron_plugin_base_v2.py Remove usage of six.add_metaclass 2020-05-21 14:41:18 -04:00
opts.py Provide the rpc_response_max_timeout parameter to metadata-agent 2021-03-23 18:08:44 +09:00
policy.py Always perform policy checks if enforce_new_defaults == true 2021-03-18 08:51:00 +01:00
service.py Re-use existing ProcessLauncher from wsgi in RPC workers 2020-02-07 14:51:06 +01:00
version.py
worker.py Change process name of neutron-server to match worker role 2019-03-01 14:18:09 -05:00
wsgi.py neutron-server api worker process should be named to their role 2021-01-11 08:28:32 +08:00