shaba/one
1
0
Fork 0
mirror of https://github.com/OpenNebula/one.git synced 2025-01-25 06:03:36 +03:00
Code Releases Wiki Activity

B #6483: Add support for spoofing rules for alias NIC

Browse Source 
This commit process NIC_ALIAS on ativation and creates flow rules to
implment spoofing rules. The rules are installed on the same port as the
parent NIC

(cherry picked from commit 6c388414e295526082ceca6d3e1d594631330a8a)
This commit is contained in:
Ruben S. Montero 2024-01-29 14:52:47 +01:00
parent 41461d4c03
commit bc95fa8109
No known key found for this signature in database
GPG Key ID: A0CEA6FA880A1D87
2 changed files with 23 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/vnm_mad/remotes/lib/vm.rb
View File

@ -120,6 +120,14 @@ module VNMMAD
end end
end end
def parent(nic_alias)
@nics.each do |the_nic|
return the_nic if the_nic[:nic_id] == nic_alias[:parent_id]
end
nil
end
# Access an XML Element of the VM # Access an XML Element of the VM
# @param element [String] element name # @param element [String] element name
# @return [String] value of the element or nil if not found # @return [String] value of the element or nil if not found

15
src/vnm_mad/remotes/ovswitch/OpenvSwitch.rb
View File

@ -136,6 +136,21 @@ class OpenvSwitchVLAN < VNMMAD::VNMDriver
ip_spoofing if nic[:filter_ip_spoofing] =~ /yes/i ip_spoofing if nic[:filter_ip_spoofing] =~ /yes/i
end end
# MAC-spoofing & IP-spoofing for NIC ALIAS
process_alias do |nalias|
nparent = @vm.parent(nalias)
next unless nparent
nalias[:port] = nparent[:port]
@nic = nalias
mac_spoofing if nalias[:filter_mac_spoofing] =~ /yes/i
ip_spoofing if nalias[:filter_ip_spoofing] =~ /yes/i
end
unlock unlock
0 0