openstack
/
neutron
Code Issues Proposed changes
neutron/neutron
History
Jakub Libosvar 3327db80be ovs-fw: Clear conntrack information before egress pipeline 
In case where Neutron logical port is placed directly to hypervisor,
hypervisor does a conntrack lookup before packets reach OVS integration
bridge. This patch introduces a rule with high priority that is placed
at the beginning of the egress pipeline. This rule removes conntrack
information from all packets if conntrack information is present. Then
packets continue in the egress pipeline.

That means all packets in egress pipeline are not tracked and ovs
firewall can do a lookup in correct zone. As for ingress pipeline, it
distinguishes between tracked - which are packets coming from egress
pipeline, and not tracked, which are inbound packets coming not from a
local port.

Change-Id: Ia4f524adce2b5ee6d98d3921cfb03d56ad6d0813
Closes-bug: #1747082
 		2018-03-14 14:27:40 +00:00
..
agent ovs-fw: Clear conntrack information before egress pipeline 2018-03-14 14:27:40 +00:00
api remove neutron.callbacks package 2018-01-16 09:32:32 -07:00
cmd More efficiently clean up OVS ports 2018-01-22 14:07:42 -06:00
common Fix eventlet imports issue 2018-01-25 16:52:06 +01:00
conf Fixes using SSL OVSDB connection 2018-02-09 04:50:10 +00:00
core_extensions use qos constants from neutron-lib 2017-10-26 19:57:19 +00:00
db Remove redundant get_object call when creating fip qos binding 2018-02-08 20:53:58 -08:00
debug Change ip_lib network namespace code to use pyroute2 2017-10-04 21:09:28 +00:00
extensions Filter port-list based on security_groups. 2018-02-06 09:55:34 +00:00
hacking hacking: Remove dead code 2017-07-19 13:43:44 +02:00
ipam Switch to use _get_subnet_object in neutrondb_ipam driver 2017-12-12 13:42:15 +01:00
locale Imported Translations from Zanata 2017-07-18 08:36:04 +00:00
notifiers use callback payloads for REQUEST/RESPONSE events 2017-12-24 07:27:11 +00:00
objects Allow objects to opt in new engine facade 2018-02-09 04:07:34 +00:00
pecan_wsgi Fixes minor typo in neutron 2018-01-18 14:27:59 +08:00
plugins Merge "Filter port-list based on security_groups." 2018-02-12 14:03:40 +00:00
privileged Change ip_lib network namespace code to use pyroute2 2017-10-04 21:09:28 +00:00
quota CountableResource: try count/get functions for all plugins 2017-09-08 10:50:12 -07:00
scheduler Merge "use l3 api def from neutron-lib" 2017-12-16 13:01:14 +00:00
server Make code follow log translation guideline 2017-08-14 02:01:48 +00:00
services Merge "Use constant 'IS_DEFAULT' from neutron-lib" 2018-01-19 14:37:34 +00:00
tests ovs-fw: Clear conntrack information before egress pipeline 2018-03-14 14:27:40 +00:00
__init__.py
_i18n.py Make code follow log translation guideline 2017-08-14 02:01:48 +00:00
auth.py Use oslo.context class method to construct context object 2017-03-23 09:02:46 +00:00
manager.py Do not load default service plugins if core plugin is not DB based 2017-11-09 20:34:52 +00:00
neutron_plugin_base_v2.py Do not load default service plugins if core plugin is not DB based 2017-11-09 20:34:52 +00:00
opts.py Merge "Remove deprecated cache_url" 2018-01-03 06:35:59 +00:00
policy.py Merge "Log policy filters in one line" 2017-08-23 11:09:37 +00:00
service.py use callback payloads for _SPAWN events 2017-12-21 11:03:36 -07:00
version.py
worker.py replace WorkerSupportServiceMixin with neutron-lib's WorkerBase 2017-06-14 06:56:48 -06:00
wsgi.py Make code follow log translation guideline 2017-08-14 02:01:48 +00:00