[Openstack] Receive all traffic in my tenant in a specific instance
Alioune
balioune3 at gmail.com
Wed Aug 12 15:02:51 UTC 2015
Hi Dear All,
I am running instances belonging to the same tenant and I would like to
read with tcpdump all traffic going through the tenant from one specific
instance.
I am trying to modify neutron security groups chain
neutron-ofagent--sg-chain in order to do that.
I have run iptables -L neutron-ofagent--s3287af4f-b --line-numbers command,
which has the following output (10.10.10.3 is the address of instance on
which I would like to analyse traffic)
Chain neutron-ofagent--s3287af4f-b (1 references)
num target prot opt source destination
1 RETURN all -- 10.10.10.3 anywhere MAC FA:16:3E:AA:94:F0 /* Allow traffic
from defined IP/MAC pairs. */
2 DROP all -- anywhere anywhere /* Drop traffic without an IP/MAC allow
rule. */
Someone have suggestion about what rule I must add to allow the instance
attached to that port to receive all packets in its tenant ?
I am using Juno version of Openstack.
Best Regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20150812/c81adcd6/attachment.html>
More information about the Openstack
mailing list