From edeb456f6980896ad651d734ea3f3f2f3e034026 Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Thu, 12 Feb 2015 17:26:00 +0000 Subject: SPLITME: Add all Openstack --- openstack/etc/neutron/rootwrap.d/ipset-firewall.filters | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 openstack/etc/neutron/rootwrap.d/ipset-firewall.filters (limited to 'openstack/etc/neutron/rootwrap.d/ipset-firewall.filters') diff --git a/openstack/etc/neutron/rootwrap.d/ipset-firewall.filters b/openstack/etc/neutron/rootwrap.d/ipset-firewall.filters new file mode 100644 index 00000000..52c66373 --- /dev/null +++ b/openstack/etc/neutron/rootwrap.d/ipset-firewall.filters @@ -0,0 +1,12 @@ +# neutron-rootwrap command filters for nodes on which neutron is +# expected to control network +# +# This file should be owned by (and only-writeable by) the root user + +# format seems to be +# cmd-name: filter-name, raw-command, user, args + +[Filters] +# neutron/agent/linux/iptables_firewall.py +# "ipset", "-A", ... +ipset: CommandFilter, ipset, root -- cgit v1.2.1