1
0
mirror of https://github.com/OpenNebula/one.git synced 2024-12-22 13:33:52 +03:00

B #6483: Add support for spoofing rules for alias NIC

This commit process NIC_ALIAS on ativation and creates flow rules to
implment spoofing rules. The rules are installed on the same port as the
parent NIC

(cherry picked from commit 6c388414e2)
This commit is contained in:
Ruben S. Montero 2024-01-29 14:52:47 +01:00
parent 41461d4c03
commit bc95fa8109
No known key found for this signature in database
GPG Key ID: A0CEA6FA880A1D87
2 changed files with 23 additions and 0 deletions

View File

@ -120,6 +120,14 @@ module VNMMAD
end
end
def parent(nic_alias)
@nics.each do |the_nic|
return the_nic if the_nic[:nic_id] == nic_alias[:parent_id]
end
nil
end
# Access an XML Element of the VM
# @param element [String] element name
# @return [String] value of the element or nil if not found

View File

@ -136,6 +136,21 @@ class OpenvSwitchVLAN < VNMMAD::VNMDriver
ip_spoofing if nic[:filter_ip_spoofing] =~ /yes/i
end
# MAC-spoofing & IP-spoofing for NIC ALIAS
process_alias do |nalias|
nparent = @vm.parent(nalias)
next unless nparent
nalias[:port] = nparent[:port]
@nic = nalias
mac_spoofing if nalias[:filter_mac_spoofing] =~ /yes/i
ip_spoofing if nalias[:filter_ip_spoofing] =~ /yes/i
end
unlock
0