openstack/bifrost
Code Issues Proposed changes

Fix the DHCP port in iptables (68 vs 67 and TCP vs UDP)

Browse Source 
Change-Id: Ifb66474a72044ab06b479570b58db63d1d5ed4e9
This commit is contained in:
Dmitry Tantsur 2021-11-19 17:13:39 +01:00
parent 208135359d
commit 6c46346383
2 changed files with 18 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
playbooks/roles/bifrost-ironic-install/tasks/bootstrap.yml
View File

@ -409,13 +409,24 @@
in_interface: "{{ network_interface }}" in_interface: "{{ network_interface }}"
jump: ACCEPT jump: ACCEPT
loop: loop:
- 68
- 69
- "{{ file_url_port }}" - "{{ file_url_port }}"
- "{{ file_url_port_tls }}" - "{{ file_url_port_tls }}"
- 6385 - 6385
when: not use_firewalld | bool when: not use_firewalld | bool
- name: "Explicitly permit DHCP and TFTP ports"
iptables:
chain: INPUT
action: insert
protocol: udp
destination_port: "{{ item }}"
in_interface: "{{ network_interface }}"
jump: ACCEPT
loop:
- 67
- 69
when: not use_firewalld | bool
- name: "Enable services in firewalld" - name: "Enable services in firewalld"
firewalld: firewalld:
service: "{{ item }}" service: "{{ item }}"

5
releasenotes/notes/ubuntu-ports-6e6c2fef3dc7bccb.yaml Normal file
View File

@ -0,0 +1,5 @@
---
fixes:
- |
Fixes the iptables rule for PXE on systems not using firewalld (use
port UDP/67 and UDP/69 instead of TCP/68 and TCP/69).