review.fuel-infra Code Review - openstack-build/neutron-build.git/commit

author	Akihiro MOTOKI <motoki@da.jp.nec.com>
	Thu, 28 Feb 2013 22:19:20 +0000 (07:19 +0900)
committer	Akihiro MOTOKI <motoki@da.jp.nec.com>
	Fri, 1 Mar 2013 14:50:55 +0000 (23:50 +0900)
commit	0b3f9f61b070b86ad0335d905a57357035ce2e59
tree	a437575a7f34c6481e53ec0b653f62c395f11849	tree \| snapshot
parent	cf449ddabde9832694423b2d0688ed1228634312	commit \| diff

Ensure max length of iptables chain name w/o prefix is up to 11 chars.

The maximum length of Linux iptables chain name must be less than or
equal to 28 characters. In iptables_manager binary_name up to 16 chars
is used as a prefix and a '-' follows it, so a chain name passed to
iptables_manager must be less than 12 character long. Accordingky
MAX_CHAIN_LEN should be changed from 28 to 12. Also this commit
introduces a method to get a chain name with valid length.

Since iptables_firewall module constructs a rule by directly using
a chain name, iptable_firewall also must take care of the length.

Fixes bug #1133833

Change-Id: I6157d519f3cb91ec32dc6a92eae45439b8717b2d

quantum/agent/linux/iptables_firewall.py		diff \| blob \| history
quantum/agent/linux/iptables_manager.py		diff \| blob \| history
quantum/tests/unit/test_iptables_manager.py		diff \| blob \| history