Add explicit egress rules to nvp security profile
The following commit
7e26074b changed the previous behavior of quantum
security groups by explicitly adding egress rules to the security profile.
When these rules are removed the vm is no longer able to send traffic out.
This patch adds these rules for NVP. One thing to note in the patch
is that now a bunk rule of IPv4 127.0.0.1/32 is added to each security
profile. The reason for this is by default NVP security profiles allow
all egress traffic until a rule is added and then it just lets traffic
matching those rules out. Adding this bunk rule achieves this behavior
that quantum now uses.
Fixes bug
1150378
Change-Id: I005880fcf39d539ae99be428d75c43cc0b39a7b6
Code Review / openstack-build / neutron-build.git / commit