Can we disable security group rules created under neutron-openvswi-sg-chain ?

asked 2015-02-18 04:45:03 -0600

Govardhan gravatar image

Is there any way to disable the iptable rules creation of neutron-openvswi-sg-chain for virtual machine tap interfaces ?

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2015-06-17 13:29:07 -0600

nic hart gravatar image


In "/etc/neutron/plugins/ml2/ml2_conf.ini" - section [securitygroup],

change the line 'firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver' to firewall_driver = neutron.agent.firewall.NoopFirewallDriver

(I'm using Juno release installed from RDO)

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools


Asked: 2015-02-18 04:45:03 -0600

Seen: 1,106 times

Last updated: Jun 17 '15