[openstack-dev] [Neutron] custom rules - security groups

Iago Santos Pardo iago.santos.pardo at cern.ch
Fri Nov 18 14:30:23 UTC 2016

Actually for our case we want to manage it in a different way.
From: Ihar Hrachyshka [ihrachys at redhat.com]
Sent: 18 November 2016 14:41
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [neutron]

> On 18 Nov 2016, at 13:58, Iago Santos Pardo <iago.santos.pardo at cern.ch> wrote:
> Hello,
> We are using Neutron with the linuxbridge plugin and security groups enabled and we have some custom rules in iptables running on the compute nodes. When the agent rebuilds the firewall it changes the rules order, putting the neutron chains on the top. Is there any way to preserve the rules order and tell neutron to ignore our rules or stuck them on the top?

Can’t you express the needed behaviour with security groups API itself?

OpenStack Development Mailing List (not for usage questions)
Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe

More information about the OpenStack-dev mailing list