[sos-devel] [PATCH] [plugins/openstack_neutron] Display iptables rules for security groups
Bryn M. Reeves
bmr at redhat.com
Fri Nov 21 13:02:37 UTC 2014
On Thu, Nov 20, 2014 at 10:17:04PM -0800, Stephen Ma wrote:
> Dumps out the iptables rules in the root namespace. Neutron
> implements the security group rules in iptables rules in
> the root namespace.
This doesn't belong in the Neutron plugin since it's collecting information
for the root networking namespace; the only networking bits we tolerate in
Neutron are the netns pieces (since we don't currently have a good way to
expose the networking plugin's abstractions in a way that the Neutron plugin
can use).
We already collect the 'filter', 'nat' and 'mangle' tables (in 'iptables -L'
format) in the networking plugin so this would also duplicate that.
I'd be happy to make additions or changes to the networking collection to
close any gaps but this certainly belongs there rather than in the neutron
plugin.
Regards,
Bryn.
More information about the sos-devel
mailing list