From 58eb07ec22c0c8ccca98d95b5456bc9f6710b3e8 Mon Sep 17 00:00:00 2001
From: Will Szumski <will@stackhpc.com>
Date: Fri, 28 Sep 2018 09:13:48 +0100
Subject: [PATCH] Use iptables as section header instead of firewall

The firewall section has been renamed in upstream ironic inspector:

https://github.com/openstack/ironic-inspector/commit/7b2758546376394777c7d36c8f5bb62ff7ef3830

Consequently the iptables pxe filter does not work if the actual
dnsmasq interface name differs from the default (br-ctlplane), as can
be seen from this snippet of iptables-save output:

-A INPUT -i br-ctlplane -p udp -m udp --dport 67 -j ironic-inspector

Change-Id: Ic1d08b85e0b5992fbee489f2f9fd174982b5d493
---
 ansible/roles/ironic/templates/ironic-inspector.conf.j2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ansible/roles/ironic/templates/ironic-inspector.conf.j2 b/ansible/roles/ironic/templates/ironic-inspector.conf.j2
index d5c83d8c55..43b3758306 100644
--- a/ansible/roles/ironic/templates/ironic-inspector.conf.j2
+++ b/ansible/roles/ironic/templates/ironic-inspector.conf.j2
@@ -34,7 +34,7 @@ memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansi
 policy_file = {{ ironic_policy_file }}
 {% endif %}
 
-[firewall]
+[iptables]
 dnsmasq_interface = {{ ironic_dnsmasq_interface }}
 
 [database]