]> review.fuel-infra Code Review - openstack-build/neutron-build.git/commit
Code Review / openstack-build / neutron-build.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 2b1c4f1) | patch
Allow to request metadata proxy only from internal interfaces
authorAssaf Muller <amuller@redhat.com>
Mon, 22 Dec 2014 15:01:37 +0000 (17:01 +0200)
committerCedric Brandily <zzelle@gmail.com>
Wed, 18 Mar 2015 23:07:56 +0000 (23:07 +0000)
commitb049971c5652adc8e6146f15180ceccc58f8ae9a
tree64d6b0460d0911a15218f0a9f092ba953dc4a6dftree | snapshot
parent2b1c4f121e3e8ba1c5eb2ba6661bf6326e1507c5commit | diff
Allow to request metadata proxy only from internal interfaces

Currently the metadata service can be requested on 169.254.169.254:80
from all interfaces including external interfaces. This change updates
PREROUTING rules to allow request on 169.254.169.254:80 only from
internal interfaces.

Change-Id: I44a9e03992f9e2a7bd4d798ae69d8aa7d75d3078
Closes-Bug: #1187102
neutron/agent/metadata/driver.py diff | blob | history
neutron/tests/unit/agent/metadata/test_driver.py diff | blob | history