Ironic Inspector

  1. Bug #1756012
  2. Activity log

Activity log for bug #1756012

Date Who What changed Old value New value Message
2018-03-15 08:04:41 zhengyong bug added bug
2018-03-15 08:04:47 zhengyong ironic-inspector: assignee zhengyong (zhengy23)
2018-03-15 08:05:40 zhengyong description Under IPv6 network, we should use command 'ip6tables' to config firewall, but we only use command 'iptables' to config firewall, we can see here: # ironic_inspector/pxe_filter/iptables.py class IptablesFilter(pxe_filter.BaseFilter): """A PXE boot filtering interface implementation.""" def __init__(self): super(IptablesFilter, self).__init__() self.blacklist_cache = None self.enabled = True self.interface = CONF.iptables.dnsmasq_interface self.chain = CONF.iptables.firewall_chain self.new_chain = self.chain + '_temp' self.base_command = ('sudo', 'ironic-inspector-rootwrap', CONF.rootwrap_config, 'iptables') this should to fixed. Under IPv6 network, we should use command 'ip6tables' to config firewall, but we only use command 'iptables' to config firewall, we can see here: # on branch master ironic_inspector/pxe_filter/iptables.py class IptablesFilter(pxe_filter.BaseFilter):     """A PXE boot filtering interface implementation."""     def __init__(self):         super(IptablesFilter, self).__init__()         self.blacklist_cache = None         self.enabled = True         self.interface = CONF.iptables.dnsmasq_interface         self.chain = CONF.iptables.firewall_chain         self.new_chain = self.chain + '_temp'         self.base_command = ('sudo', 'ironic-inspector-rootwrap',                              CONF.rootwrap_config, 'iptables') this should to fixed.
2023-11-19 14:42:05 Dmitry Tantsur ironic-inspector: status New Fix Released