upstream/oracle/userland-gate: comparison components/openstack/neutron/files/neutron-l3-agent

equal deleted inserted replaced

-:850795cfd6d3
+:12e9c20eef5a
 cmd = "/usr/lib/neutron/neutron-l3-agent --config-file %s " \
 "--config-file %s" % tuple(sys.argv[2:4])
 smf_include.smf_subprocess(cmd)
+def remove_ipfilter_rules(version):
+# remove IP Filter rules added by neutron-l3-agent
+cmd = ["/usr/bin/pfexec", "/usr/sbin/ipfstat", "-io"]
+if version == 6:
+cmd.insert(2, "-6")
+p = Popen(cmd, stdout=PIPE, stderr=PIPE)
+output, error = p.communicate()
+if p.returncode != 0:
+print "failed to retrieve IP Filter rules"
+return smf_include.SMF_EXIT_ERR_FATAL
+ipfilters = output.splitlines()
+# L3 agent IP Filter rules are of the form
+# block in quick on l3i64cbb496_a_0 from ... to pool/15417332
+prog = re.compile('on l3i[0-9A-Fa-f\_]{10}_0')
+ippool_names = []
+for ipf in ipfilters:
+if not prog.search(ipf):
+continue
+# capture the IP pool name
+ippool_names.append(ipf.split('pool/')[1])
+try:
+# remove the IP Filter rule
+p = Popen(["echo", ipf], stdout=PIPE)
+cmd = ["/usr/bin/pfexec", "/usr/sbin/ipf", "-r", "-f", "-"]
+if version == 6:
+cmd.insert(2, "-6")
+check_call(cmd, stdin=p.stdout)
+except CalledProcessError as err:
+print "failed to remove IP Filter rule %s: %s" % (ipf, err)
+return smf_include.SMF_EXIT_ERR_FATAL
+# remove IP Pools added by neutron-l3-agent
+for ippool_name in ippool_names:
+try:
+check_call(["/usr/bin/pfexec", "/usr/sbin/ippool", "-R",
+"-m", ippool_name, "-t", "tree"])
+except CalledProcessError as err:
+print "failed to remove IP Pool %s: %s" % (ippool_name, err)
+return smf_include.SMF_EXIT_ERR_FATAL
+return smf_include.SMF_EXIT_OK
 def stop():
 try:
 # first kill the SMF contract
 check_call(["/usr/bin/pkill", "-c", sys.argv[2]])
 except CalledProcessError as err:
 ifname])
 except CalledProcessError as err:
 print "failed to remove datalinks used by L3 agent: %s" % (err)
 return smf_include.SMF_EXIT_ERR_FATAL
-# remove IP Filter rules added by neutron-l3-agent
+# remove IPv4 Filter rules added by neutron-l3-agent
-cmd = ["/usr/bin/pfexec", "/usr/sbin/ipfstat", "-io"]
+rv = remove_ipfilter_rules(4)
-p = Popen(cmd, stdout=PIPE, stderr=PIPE)
+if rv != smf_include.SMF_EXIT_OK:
-output, error = p.communicate()
+return rv
-if p.returncode != 0:
-print "failed to retrieve IP Filter rules"
-return smf_include.SMF_EXIT_ERR_FATAL
-ipfilters = output.splitlines()
+# remove IPv6 Filter rules added by neutron-l3-agent
-# L3 agent IP Filter rules are of the form
+rv = remove_ipfilter_rules(6)
-# block in quick on l3i64cbb496_a_0 from ... to pool/15417332
+if rv != smf_include.SMF_EXIT_OK:
-prog = re.compile('on l3i[0-9A-Fa-f\_]{10}_0')
+return rv
-ippool_names = []
-for ipf in ipfilters:
-if not prog.search(ipf):
-continue
-# capture the IP pool name
-ippool_names.append(ipf.split('pool/')[1])
-try:
-# remove the IP Filter rule
-p = Popen(["echo", ipf], stdout=PIPE)
-check_call(["/usr/bin/pfexec", "/usr/sbin/ipf", "-r", "-f", "-"],
-stdin=p.stdout)
-except CalledProcessError as err:
-print "failed to remove IP Filter rule %s: %s" % (ipf, err)
-return smf_include.SMF_EXIT_ERR_FATAL
-# remove IP Pools added by neutron-l3-agent
-for ippool_name in ippool_names:
-try:
-check_call(["/usr/bin/pfexec", "/usr/sbin/ippool", "-R",
-"-m", ippool_name, "-t", "tree"])
-except CalledProcessError as err:
-print "failed to remove IP Pool %s: %s" % (ippool_name, err)
-return smf_include.SMF_EXIT_ERR_FATAL
 # remove IP NAT rules added by neutron-l3-agent
 cmd = ["/usr/bin/pfexec", "/usr/sbin/ipnat", "-lR"]
 p = Popen(cmd, stdout=PIPE, stderr=PIPE)
 output, error = p.communicate()

changeset 1977	12e9c20eef5a
parent 1944	56ac2df1785b
child 2083	87196737f09f