Remove dead code _arp_spoofing_rule()

This code should have been removed when the allowed_address_pair
extension was added here (0efce6195fa7be80e110bd841dc9b3537a94c376).
The arp spoofing rules are handled in the method _setup_spoof_filter_chain().

Reported by: Amir Sadoughi that this was crud I left behind :)

Change-Id: Ib0e2e2a5c13fb8fa7af1f988510143f40ac335e2
Closes-bug: #1258629

diff --git a/neutron/agent/linux/iptables_firewall.py b/neutron/agent/linux/iptables_firewall.py
index d12e214b31ce364d20bd020795013c471881c260..b39c23e65ee6519bfeedf0828e1d8e061913c668 100644 (file)
--- a/neutron/agent/linux/iptables_firewall.py
+++ b/neutron/agent/linux/iptables_firewall.py
@@ -185,9 +185,6 @@ class IptablesFirewallDriver(firewall.FirewallDriver):
                 for rule in port.get('security_group_rules', [])
                 if rule['direction'] == direction]
 
-    def _arp_spoofing_rule(self, port):
-        return '-m mac ! --mac-source %s -j DROP' % port['mac_address']
-
     def _setup_spoof_filter_chain(self, port, table, mac_ip_pairs, rules):
         if mac_ip_pairs:
             chain_name = self._port_chain_name(port, SPOOF_FILTER)