summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRichard Maw <richard.maw@codethink.co.uk>2015-04-15 05:02:24 (GMT)
committerBaserock Gerrit <gerrit@baserock.org>2015-04-17 15:21:42 (GMT)
commit0b3d2ffad59e0660add775765696bb0b43b9d5cc (patch)
tree88ff7bfed76d9e02ff94b14b2ed6a92c47fa6ad0
parent2514cc238778ec5679db481cce7517f453351869 (diff)
downloaddefinitions-0b3d2ffad59e0660add775765696bb0b43b9d5cc.tar.gz
OpenStack: Disable rp filtering
This drop-in file will be processed by systemd on boot. Change-Id: I055d22dd481cc5084f6dbacbb787c3015d75461e
-rw-r--r--openstack/manifest2
-rw-r--r--openstack/usr/lib/sysctl.d/neutron.conf3
2 files changed, 5 insertions, 0 deletions
diff --git a/openstack/manifest b/openstack/manifest
index f3cc0f2..7911827 100644
--- a/openstack/manifest
+++ b/openstack/manifest
@@ -117,6 +117,8 @@ template 0100644 0 0 /etc/tempest/tempest.conf
0040755 0 0 /usr/share/openstack/rabbitmq
0100644 0 0 /usr/share/openstack/rabbitmq/rabbitmq-env.conf
0100644 0 0 /usr/share/openstack/rabbitmq/rabbitmq.config
+0040755 0 0 /usr/lib/sysctl.d
+0100644 0 0 /usr/lib/sysctl.d/neutron.conf
0100644 0 0 /usr/lib/systemd/system/apache-httpd.service
0100644 0 0 /usr/lib/systemd/system/openstack-keystone.service
0100644 0 0 /usr/lib/systemd/system/openstack-keystone-setup.service
diff --git a/openstack/usr/lib/sysctl.d/neutron.conf b/openstack/usr/lib/sysctl.d/neutron.conf
new file mode 100644
index 0000000..644ca11
--- /dev/null
+++ b/openstack/usr/lib/sysctl.d/neutron.conf
@@ -0,0 +1,3 @@
+# Disable rp filtering, enabling forwarding is handled by networkd
+net.ipv4.conf.all.rp_filter=0
+net.ipv4.conf.default.rp_filter=0