Hi Dear All, I am running instances belonging to the same tenant and I would like to read with tcpdump all traffic going through the tenant from one specific instance.
I am trying to modify neutron security groups chain neutron-ofagent--sg-chain in order to do that. I have run iptables -L neutron-ofagent--s3287af4f-b --line-numbers command, which has the following output (10.10.10.3 is the address of instance on which I would like to analyse traffic) Chain neutron-ofagent--s3287af4f-b (1 references) num target prot opt source destination 1 RETURN all -- 10.10.10.3 anywhere MAC FA:16:3E:AA:94:F0 /* Allow traffic from defined IP/MAC pairs. */ 2 DROP all -- anywhere anywhere /* Drop traffic without an IP/MAC allow rule. */ Someone have suggestion about what rule I must add to allow the instance attached to that port to receive all packets in its tenant ? I am using Juno version of Openstack. Best Regards
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : [email protected] Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
