Hello, AFAIK, it's not possible. I did a similar thing by extending neutron iptables driver in order to set "pre-rules". Best regards, Cédric/ZZelle On Fri, Nov 18, 2016 at 1:58 PM, Iago Santos Pardo < iago.santos.pardo at cern.ch> wrote: > Hello, > > We are using Neutron with the linuxbridge plugin and security groups > enabled and we have some custom rules in iptables running on the compute > nodes. When the agent rebuilds the firewall it changes the rules order, > putting the neutron chains on the top. Is there any way to preserve the > rules order and tell neutron to ignore our rules or stuck them on the top? > > Thank you so much. > __________________________________________________________________________ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20161118/3319b568/attachment.html>