From 0b3d2ffad59e0660add775765696bb0b43b9d5cc Mon Sep 17 00:00:00 2001
From: Richard Maw <richard.maw@codethink.co.uk>
Date: Wed, 15 Apr 2015 05:02:24 +0000
Subject: OpenStack: Disable rp filtering

This drop-in file will be processed by systemd on boot.

Change-Id: I055d22dd481cc5084f6dbacbb787c3015d75461e
---
 openstack/manifest                      | 2 ++
 openstack/usr/lib/sysctl.d/neutron.conf | 3 +++
 2 files changed, 5 insertions(+)
 create mode 100644 openstack/usr/lib/sysctl.d/neutron.conf

diff --git a/openstack/manifest b/openstack/manifest
index f3cc0f2d..7911827d 100644
--- a/openstack/manifest
+++ b/openstack/manifest
@@ -117,6 +117,8 @@ template 0100644 0 0 /etc/tempest/tempest.conf
 0040755 0 0 /usr/share/openstack/rabbitmq
 0100644 0 0 /usr/share/openstack/rabbitmq/rabbitmq-env.conf
 0100644 0 0 /usr/share/openstack/rabbitmq/rabbitmq.config
+0040755 0 0 /usr/lib/sysctl.d
+0100644 0 0 /usr/lib/sysctl.d/neutron.conf
 0100644 0 0 /usr/lib/systemd/system/apache-httpd.service
 0100644 0 0 /usr/lib/systemd/system/openstack-keystone.service
 0100644 0 0 /usr/lib/systemd/system/openstack-keystone-setup.service
diff --git a/openstack/usr/lib/sysctl.d/neutron.conf b/openstack/usr/lib/sysctl.d/neutron.conf
new file mode 100644
index 00000000..644ca116
--- /dev/null
+++ b/openstack/usr/lib/sysctl.d/neutron.conf
@@ -0,0 +1,3 @@
+# Disable rp filtering, enabling forwarding is handled by networkd
+net.ipv4.conf.all.rp_filter=0
+net.ipv4.conf.default.rp_filter=0
-- 
cgit v1.2.1