2018-03-15 08:05:40 |
zhengyong |
description |
Under IPv6 network, we should use command 'ip6tables' to config firewall, but we only use command 'iptables' to config firewall, we can see here:
# ironic_inspector/pxe_filter/iptables.py
class IptablesFilter(pxe_filter.BaseFilter):
"""A PXE boot filtering interface implementation."""
def __init__(self):
super(IptablesFilter, self).__init__()
self.blacklist_cache = None
self.enabled = True
self.interface = CONF.iptables.dnsmasq_interface
self.chain = CONF.iptables.firewall_chain
self.new_chain = self.chain + '_temp'
self.base_command = ('sudo', 'ironic-inspector-rootwrap',
CONF.rootwrap_config, 'iptables')
this should to fixed. |
Under IPv6 network, we should use command 'ip6tables' to config firewall, but we only use command 'iptables' to config firewall, we can see here:
# on branch master ironic_inspector/pxe_filter/iptables.py
class IptablesFilter(pxe_filter.BaseFilter):
"""A PXE boot filtering interface implementation."""
def __init__(self):
super(IptablesFilter, self).__init__()
self.blacklist_cache = None
self.enabled = True
self.interface = CONF.iptables.dnsmasq_interface
self.chain = CONF.iptables.firewall_chain
self.new_chain = self.chain + '_temp'
self.base_command = ('sudo', 'ironic-inspector-rootwrap',
CONF.rootwrap_config, 'iptables')
this should to fixed. |
|