summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorZuul <zuul@review.openstack.org>2018-11-14 14:02:20 +0000
committerGerrit Code Review <review@openstack.org>2018-11-14 14:02:20 +0000
commit64ec23ab39cf0cfd93b6f37f4259bc8068388f45 (patch)
treea911b776fd8df353589844d3b5d4a3e3fc8a9697
parentdd5055f4443947804a8b480fd0fbc75f52f47282 (diff)
parent74a46adfd3248f5e1edb18b39790f9117cf85d6a (diff)
Merge "Removing leftovers from subnet Port Groups"
-rw-r--r--networking_ovn/common/acl.py33
1 files changed, 0 insertions, 33 deletions
diff --git a/networking_ovn/common/acl.py b/networking_ovn/common/acl.py
index f9da64b..71d6ecf 100644
--- a/networking_ovn/common/acl.py
+++ b/networking_ovn/common/acl.py
@@ -154,39 +154,6 @@ def add_acls_for_drop_port_group(pg_name):
154 return acl_list 154 return acl_list
155 155
156 156
157def add_acls_for_subnet_port_group(ovn, pg_name, subnet, ovn_dhcp=True):
158 # Allow DHCP requests for OVN native DHCP service, while responses are
159 # allowed in ovn-northd.
160 # Allow both DHCP requests and responses to pass for other DHCP services.
161 # We do this even if DHCP isn't enabled for the subnet
162 acl_list = []
163 if not ovn_dhcp:
164 acl = {"port_group": pg_name,
165 "priority": ovn_const.ACL_PRIORITY_ALLOW,
166 "action": ovn_const.ACL_ACTION_ALLOW,
167 "log": False,
168 "name": [],
169 "severity": [],
170 "direction": 'to-lport',
171 "match": ('outport == @%s && ip4 && ip4.src == %s && '
172 'udp && udp.src == 67 && udp.dst == 68'
173 ) % (pg_name, subnet['cidr'])}
174 acl_list.append(acl)
175 acl = {"port_group": pg_name,
176 "priority": ovn_const.ACL_PRIORITY_ALLOW,
177 "action": ovn_const.ACL_ACTION_ALLOW,
178 "log": False,
179 "name": [],
180 "severity": [],
181 "direction": 'from-lport',
182 "match": ('inport == @%s && ip4 && '
183 'ip4.dst == {255.255.255.255, %s} && '
184 'udp && udp.src == 68 && udp.dst == 67'
185 ) % (pg_name, subnet['cidr'])}
186 acl_list.append(acl)
187 return acl_list
188
189
190def drop_all_ip_traffic_for_port(port): 157def drop_all_ip_traffic_for_port(port):
191 acl_list = [] 158 acl_list = []
192 for direction, p in (('from-lport', 'inport'), 159 for direction, p in (('from-lport', 'inport'),