From 2fcc880bda4aed22faf975d4382347297d0bbbcd Mon Sep 17 00:00:00 2001
From: Lukas Bezdicka <lbezdick@redhat.com>
Date: Thu, 5 Jun 2014 20:13:58 +0200
Subject: [PATCH] Open VXLAN udp port

As we have no way knowing what ips the tunnel interfaces have we just
open the VXLAN udp port for all.

Closes-Bug: rhbz#1100993
Change-Id: Ide1b69c89dedcae2a054772a69009603cf3003cd
---
 packstack/plugins/neutron_350.py | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py
index 747cb5bc8..941fa9f30 100644
--- a/packstack/plugins/neutron_350.py
+++ b/packstack/plugins/neutron_350.py
@@ -755,14 +755,12 @@ def create_manifests(config, messages):
             else:
                 config['FIREWALL_PROTOCOL'] = 'gre'
                 tunnel_port = 'undef'
-            for f_host in q_hosts:
-                config['FIREWALL_ALLOWED'] = "'%s'" % f_host
-                config['FIREWALL_SERVICE_NAME'] = "neutron tunnel port"
-                config['FIREWALL_SERVICE_ID'] = ("neutron_tunnel_%s_%s"
-                                                 % (host, f_host))
-                config['FIREWALL_PORTS'] = tunnel_port
-                config['FIREWALL_CHAIN'] = "INPUT"
-                manifest_data += getManifestTemplate('firewall.pp')
+            config['FIREWALL_ALLOWED'] = "'ALL'"
+            config['FIREWALL_SERVICE_NAME'] = "neutron tunnel port"
+            config['FIREWALL_SERVICE_ID'] = ("neutron_tunnel")
+            config['FIREWALL_PORTS'] = tunnel_port
+            config['FIREWALL_CHAIN'] = "INPUT"
+            manifest_data += getManifestTemplate('firewall.pp')
 
         appendManifestFile(manifest_file, manifest_data, 'neutron')