Merge "Do not initialize the iptables nat table in the dhcp-agent"
This commit is contained in:
commit
7dc958a642
|
@ -1589,6 +1589,7 @@ class DeviceManager(object):
|
|||
def fill_dhcp_udp_checksums(self, namespace):
|
||||
"""Ensure DHCP reply packets always have correct UDP checksums."""
|
||||
iptables_mgr = iptables_manager.IptablesManager(use_ipv6=True,
|
||||
nat=False,
|
||||
namespace=namespace)
|
||||
ipv4_rule = ('-p udp -m udp --dport %d -j CHECKSUM --checksum-fill'
|
||||
% constants.DHCP_RESPONSE_PORT)
|
||||
|
|
|
@ -308,7 +308,7 @@ class IptablesManager(object):
|
|||
_random_fully = None
|
||||
|
||||
def __init__(self, _execute=None, state_less=False, use_ipv6=False,
|
||||
namespace=None, binary_name=binary_name):
|
||||
nat=True, namespace=None, binary_name=binary_name):
|
||||
if _execute:
|
||||
self.execute = _execute
|
||||
else:
|
||||
|
@ -348,7 +348,8 @@ class IptablesManager(object):
|
|||
|
||||
if not state_less:
|
||||
self.initialize_mangle_table()
|
||||
self.initialize_nat_table()
|
||||
if nat:
|
||||
self.initialize_nat_table()
|
||||
|
||||
def initialize_mangle_table(self):
|
||||
self.ipv4.update(
|
||||
|
|
|
@ -1340,3 +1340,23 @@ class IptablesManagerStateLessTestCase(base.BaseTestCase):
|
|||
iptables.initialize_nat_table()
|
||||
self.assertIn('nat', iptables.ipv4)
|
||||
self.assertNotIn('mangle', iptables.ipv4)
|
||||
|
||||
|
||||
class IptablesManagerNoNatTestCase(base.BaseTestCase):
|
||||
|
||||
def setUp(self):
|
||||
super(IptablesManagerNoNatTestCase, self).setUp()
|
||||
cfg.CONF.set_override('comment_iptables_rules', False, 'AGENT')
|
||||
self.iptables = (iptables_manager.IptablesManager(nat=False))
|
||||
|
||||
def test_nat_not_found(self):
|
||||
self.assertNotIn('nat', self.iptables.ipv4)
|
||||
|
||||
def test_mangle_found(self):
|
||||
self.assertIn('mangle', self.iptables.ipv4)
|
||||
|
||||
def test_initialize_nat_table(self):
|
||||
iptables = iptables_manager.IptablesManager(nat=False)
|
||||
iptables.initialize_nat_table()
|
||||
self.assertIn('nat', iptables.ipv4)
|
||||
self.assertIn('mangle', iptables.ipv4)
|
||||
|
|
Loading…
Reference in New Issue