commit 008277b8c12d99438951a308b278203fa7a7c3ef
Author: Rodolfo Alonso Hernandez <email address hidden>
Date: Sun Mar 5 22:12:55 2023 +0100
[OVS] Allow custom ethertype traffic in the ingress table
This patch is a partial revert of [1], reinstantiating the code merged
in [2]. This patch is the complementary to [1]: the traffic with
custom ethertypes is allowed in the ingress processing tables, same
as [1] is allowing all traffic from the virtual machine ports in this
host to leave the node. Both, this patch and [1], are bypassing the
OVS firewall just for the traffic with the configured allowed
ethertypes and just for/to the local ports and MAC addresses.
Any other traffic not coming from a local port or with destination
a local port, will be blocked as is now.
Reviewed: https:/ /review. opendev. org/c/openstack /neutron/ +/876563 /opendev. org/openstack/ neutron/ commit/ 008277b8c12d994 38951a308b27820 3fa7a7c3ef
Committed: https:/
Submitter: "Zuul (22348)"
Branch: master
commit 008277b8c12d994 38951a308b27820 3fa7a7c3ef
Author: Rodolfo Alonso Hernandez <email address hidden>
Date: Sun Mar 5 22:12:55 2023 +0100
[OVS] Allow custom ethertype traffic in the ingress table
This patch is a partial revert of [1], reinstantiating the code merged
in [2]. This patch is the complementary to [1]: the traffic with
custom ethertypes is allowed in the ingress processing tables, same
as [1] is allowing all traffic from the virtual machine ports in this
host to leave the node. Both, this patch and [1], are bypassing the
OVS firewall just for the traffic with the configured allowed
ethertypes and just for/to the local ports and MAC addresses.
Any other traffic not coming from a local port or with destination
a local port, will be blocked as is now.
[1]https:/ /review. opendev. org/c/openstack /neutron/ +/678021 /review. opendev. org/c/openstack /neutron/ +/668224/
[2]https:/
Closes-Bug: #2009221 a446edf80886c49 fbac729073c
Related-Bug: #1832758
Change-Id: Ib8340d9430b946