x/vmware-nsx
Code Issues Proposed changes

Merge "Should not add metadata filter rules if disable metadata proxy"

Browse Source
This commit is contained in:
Jenkins 2013-10-03 00:34:16 +00:00 committed by Gerrit Code Review
commit 4331670175
2 changed files with 16 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
neutron/agent/l3_agent.py
View File

@ -544,9 +544,10 @@ class L3NATAgent(firewall_l3_agent.FWaaSL3AgentRpcCallback, manager.Manager):
def metadata_filter_rules(self): def metadata_filter_rules(self):
rules = [] rules = []
rules.append(('INPUT', '-s 0.0.0.0/0 -d 127.0.0.1 ' if self.conf.enable_metadata_proxy:
'-p tcp -m tcp --dport %s ' rules.append(('INPUT', '-s 0.0.0.0/0 -d 127.0.0.1 '
'-j ACCEPT' % self.conf.metadata_port)) '-p tcp -m tcp --dport %s '
'-j ACCEPT' % self.conf.metadata_port))
return rules return rules
def metadata_nat_rules(self): def metadata_nat_rules(self):

12
neutron/tests/unit/test_l3_agent.py
View File

@ -672,6 +672,18 @@ class TestBasicRouterOperations(base.BaseTestCase):
msg = "Error importing interface driver 'wrong_driver'" msg = "Error importing interface driver 'wrong_driver'"
log.error.assert_called_once_with(msg) log.error.assert_called_once_with(msg)
def test_metadata_filter_rules(self):
self.conf.set_override('enable_metadata_proxy', False)
agent = l3_agent.L3NATAgent(HOSTNAME, self.conf)
self.assertEqual([], agent.metadata_filter_rules())
self.conf.set_override('metadata_port', '8775')
self.conf.set_override('enable_metadata_proxy', True)
agent = l3_agent.L3NATAgent(HOSTNAME, self.conf)
rules = ('INPUT', '-s 0.0.0.0/0 -d 127.0.0.1 '
'-p tcp -m tcp --dport 8775 -j ACCEPT')
self.assertEqual([rules], agent.metadata_filter_rules())
class TestL3AgentEventHandler(base.BaseTestCase): class TestL3AgentEventHandler(base.BaseTestCase):