With this change we correctly get the rule present (aka the first
ACCEPT line. The second line is due to the stock ip6tables rule
I had in my testing):
[root@overcloud-controller-0 ~]# iptables -nvL |grep 546
[root@overcloud-controller-0 ~]# ip6tables -nvL |grep 546
0 0 ACCEPT udp * * ::/0 fe80::/64 multiport dports 546 /* 004 accept ipv6 dhcpv6 ipv6 */ state NEW
0 0 ACCEPT udp * * ::/0 fe80::/64 udp dpt:546 state NEW
Reviewed: https:/ /review. openstack. org/426143 /git.openstack. org/cgit/ openstack/ puppet- tripleo/ commit/ ?id=d5d4cc10943 65b6bb147216d2e c99ddc36020a31
Committed: https:/
Submitter: Jenkins
Branch: master
commit d5d4cc1094365b6 bb147216d2ec99d dc36020a31
Author: Michele Baldessari <email address hidden>
Date: Fri Jan 27 10:54:28 2017 +0100
Add a default rule for dhcpv6 traffic
Via bug https:/ /bugs.launchpad .net/tripleo/ +bug/1657108 we need ip{6}tables in /bugzilla. redhat. com/show_ bug.cgi? id=1169036 for more info)
to zero out the default rules in /etc/sysconfig/
the image.
We have done this for ipv4, but when we will do it for ipv6 we
will also need to make sure we add a rule for dhcpv6 traffic
as it is shipped in the iptables rpm. (See
https:/
With this change we correctly get the rule present (aka the first overcloud- controller- 0 ~]# iptables -nvL |grep 546 overcloud- controller- 0 ~]# ip6tables -nvL |grep 546
ACCEPT line. The second line is due to the stock ip6tables rule
I had in my testing):
[root@
[root@
0 0 ACCEPT udp * * ::/0 fe80::/64 multiport dports 546 /* 004 accept ipv6 dhcpv6 ipv6 */ state NEW
0 0 ACCEPT udp * * ::/0 fe80::/64 udp dpt:546 state NEW
Change-Id: If22080054b2b1f a7acfd101e8c34d 2707e8e7864
Partial-Bug: #1657108