From bd3ce4367a020f48c2af56d3e44272bfd8804b64 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Mon, 16 Mar 2015 12:01:59 +0000 Subject: neutron: move templates --- .../openstack/neutron/rootwrap.d/ipset-firewall.filters | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 openstack/usr/share/openstack/neutron/rootwrap.d/ipset-firewall.filters (limited to 'openstack/usr/share/openstack/neutron/rootwrap.d/ipset-firewall.filters') diff --git a/openstack/usr/share/openstack/neutron/rootwrap.d/ipset-firewall.filters b/openstack/usr/share/openstack/neutron/rootwrap.d/ipset-firewall.filters new file mode 100644 index 00000000..52c66373 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/rootwrap.d/ipset-firewall.filters @@ -0,0 +1,12 @@ +# neutron-rootwrap command filters for nodes on which neutron is +# expected to control network +# +# This file should be owned by (and only-writeable by) the root user + +# format seems to be +# cmd-name: filter-name, raw-command, user, args + +[Filters] +# neutron/agent/linux/iptables_firewall.py +# "ipset", "-A", ... +ipset: CommandFilter, ipset, root -- cgit v1.2.1