neutron: move templates

author: Pedro Alvarez <pedro.alvarez@codethink.co.uk> 2015-03-16 12:01:59 +0000
committer: Pedro Alvarez <pedro.alvarez@codethink.co.uk> 2015-03-16 17:35:18 +0000
commit: bd3ce4367a020f48c2af56d3e44272bfd8804b64 (patch)
tree: faeb0e194c26609b69697720a43b241ea4d4a9f2 /openstack/usr/share/openstack/neutron/rootwrap.d/ipset-firewall.filters
parent: b9873751e788b66cc0451cbdc8a568a25379c3bb (diff)
download: definitions-bd3ce4367a020f48c2af56d3e44272bfd8804b64.tar.gz
1 files changed, 12 insertions, 0 deletions
diff --git a/openstack/usr/share/openstack/neutron/rootwrap.d/ipset-firewall.filters b/openstack/usr/share/openstack/neutron/rootwrap.d/ipset-firewall.filters
new file mode 100644
index 00000000..52c66373
--- /dev/null
+++ b/openstack/usr/share/openstack/neutron/rootwrap.d/ipset-firewall.filters
@@ -0,0 +1,12 @@
+# neutron-rootwrap command filters for nodes on which neutron is
+# expected to control network
+#
+# This file should be owned by (and only-writeable by) the root user
+
+# format seems to be
+# cmd-name: filter-name, raw-command, user, args
+
+[Filters]
+# neutron/agent/linux/iptables_firewall.py
+#   "ipset", "-A", ...
+ipset: CommandFilter, ipset, root
author	Pedro Alvarez <pedro.alvarez@codethink.co.uk>	2015-03-16 12:01:59 +0000
committer	Pedro Alvarez <pedro.alvarez@codethink.co.uk>	2015-03-16 17:35:18 +0000
commit	bd3ce4367a020f48c2af56d3e44272bfd8804b64 (patch)
tree	faeb0e194c26609b69697720a43b241ea4d4a9f2 /openstack/usr/share/openstack/neutron/rootwrap.d/ipset-firewall.filters
parent	b9873751e788b66cc0451cbdc8a568a25379c3bb (diff)
download	definitions-bd3ce4367a020f48c2af56d3e44272bfd8804b64.tar.gz