Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- From: =?UTF-8?q?Mathieu=20Gagn=C3=A9?= <mgagne@iweb.com>
- Date: Thu, 10 Jul 2014 14:22:01 -0400
- Subject: Add ability to still use Nova firewall with Neutron security group
- We need the Nova firewall to add anti-spoofing rules and for Ceilometer
- to indirectly set the correct resource id for Nova network samples.
- ---
- nova/tests/virt/libvirt/test_libvirt_vif.py | 8 --------
- nova/virt/libvirt/vif.py | 2 --
- 2 files changed, 10 deletions(-)
- diff --git a/nova/tests/virt/libvirt/test_libvirt_vif.py b/nova/tests/virt/libvirt/test_libvirt_vif.py
- index ed78a5c..babf92a 100644
- --- a/nova/tests/virt/libvirt/test_libvirt_vif.py
- +++ b/nova/tests/virt/libvirt/test_libvirt_vif.py
- @@ -718,14 +718,6 @@ class LibvirtVifTestCase(test.TestCase):
- self._assertTypeAndMacEquals(node, "bridge", "source", "bridge",
- self.vif_ovs_hybrid, br_want, 0)
- - def test_direct_plug_with_port_filter_cap_no_nova_firewall(self):
- - d = vif.LibvirtGenericVIFDriver(self._get_conn())
- - br_want = self.vif_midonet['devname']
- - xml = self._get_instance_xml(d, self.vif_ovs_filter_cap)
- - node = self._get_node(xml)
- - self._assertTypeAndMacEquals(node, "ethernet", "target", "dev",
- - self.vif_ovs_filter_cap, br_want)
- -
- def _check_neutron_hybrid_driver(self, d, vif, br_want):
- self.flags(firewall_driver="nova.virt.firewall.IptablesFirewallDriver")
- xml = self._get_instance_xml(d, vif)
- diff --git a/nova/virt/libvirt/vif.py b/nova/virt/libvirt/vif.py
- index f37b769..6ea46c8 100644
- --- a/nova/virt/libvirt/vif.py
- +++ b/nova/virt/libvirt/vif.py
- @@ -154,8 +154,6 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
- ("qvo%s" % iface_id)[:network_model.NIC_NAME_LEN])
- def get_firewall_required(self, vif):
- - if vif.is_neutron_filtering_enabled():
- - return False
- if CONF.firewall_driver != "nova.virt.firewall.NoopFirewallDriver":
- return True
- return False
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement