Ask Your Question
0

Can we disable security group rules created under neutron-openvswi-sg-chain ?

asked 2015-02-18 04:45:03 -0500

Govardhan gravatar image

Is there any way to disable the iptable rules creation of neutron-openvswi-sg-chain for virtual machine tap interfaces ?

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
2

answered 2015-06-17 13:29:07 -0500

nic hart gravatar image

Yes.

In "/etc/neutron/plugins/ml2/ml2_conf.ini" - section [securitygroup],

change the line 'firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver' to firewall_driver = neutron.agent.firewall.NoopFirewallDriver

(I'm using Juno release installed from RDO)

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

Stats

Asked: 2015-02-18 04:45:03 -0500

Seen: 1,043 times

Last updated: Jun 17 '15