It seems that the command is classified as ip-netns filter which will run under root permission. That's why the metadata-proxy command filter doesn't take effect.
Actually it's not a 'wrong' behavior.
neutron-rootwrap: (root > root) Executing ['/sbin/ip', 'netns', 'exec', 'qrouter-445757d8-ade8-4c2f-9b44-029942e9fd26', 'neutron-ns-metadata-proxy', '--pid_file=/var/lib/neutron/external/pids/445757d8-ade8-4c2f-9b44-029942e9fd26.pid', '--metadata_proxy_socket=/var/lib/neutron/metadata_proxy', '--router_id=445757d8-ade8-4c2f-9b44-029942e9fd26', '--state_path=/var/lib/neutron', '--metadata_port=9697', '--log-file=neutron-ns-metadata-proxy-445757d8-ade8-4c2f-9b44-029942e9fd26.log', '--log-dir=/var/log/neutron'] (filter match = ip_exec)
It seems that the command is classified as ip-netns filter which will run under root permission. That's why the metadata-proxy command filter doesn't take effect.
Actually it's not a 'wrong' behavior.
neutron-rootwrap: (root > root) Executing ['/sbin/ip', 'netns', 'exec', 'qrouter- 445757d8- ade8-4c2f- 9b44-029942e9fd 26', 'neutron- ns-metadata- proxy', '--pid_ file=/var/ lib/neutron/ external/ pids/445757d8- ade8-4c2f- 9b44-029942e9fd 26.pid' , '--metadata_ proxy_socket= /var/lib/ neutron/ metadata_ proxy', '--router_ id=445757d8- ade8-4c2f- 9b44-029942e9fd 26', '--state_ path=/var/ lib/neutron' , '--metadata_ port=9697' , '--log- file=neutron- ns-metadata- proxy-445757d8- ade8-4c2f- 9b44-029942e9fd 26.log' , '--log- dir=/var/ log/neutron' ] (filter match = ip_exec)