Hi Han, I'm sending the patch now which fixes it but feel free to modify it. Thanks! Daniel
On Wed, Jun 20, 2018 at 12:06 AM, Han Zhou <[email protected]> wrote: > > > On Tue, Jun 19, 2018 at 2:53 PM, Daniel Alvarez Sanchez < > [email protected]> wrote: > > > > > > > > On Tue, Jun 19, 2018 at 10:37 PM, Daniel Alvarez Sanchez < > [email protected]> wrote: > >> > >> Sorry, the problem seems to be that this ACL is not added in the Port > Groups case for some reason (I checked wrong lflows log I had): > > > > s/ACL/Logical Flow > >> > >> > >> _uuid : 5a1bce6c-e4ed-4a1f-8150-cb855bbac037 > >> actions : "reg0[0] = 1; next;" > >> external_ids : {source="ovn-northd.c:2931", > stage-name=ls_in_pre_acl} > >> logical_datapath : 0cf12eb0-fdb3-4087-98b0-9c52cafd0bdf > >> match : ip > >> pipeline : ingress > >> priority : 100 > >> > >> > >> Apparently, this code is not getting triggered for the Port Group case: > >> https://github.com/openvswitch/ovs/blob/master/ > ovn/northd/ovn-northd.c#L2930 > >> > >> > >> > > The problem is that build_pre_acls() [0] function checks if the Logical > Switch has stateful > > ACLs but since we're now applying ACLs on Port Groups, it'll always > return false > > and it won't apply the pre ACLs for conntrack. > > > > [0] https://github.com/openvswitch/ovs/blob/master/ > ovn/northd/ovn-northd.c#L2852 > > Yes, thanks Daniel for finding the problem! I am checking why the test > case didn't find out. > I will work on the fix asap. > > Thanks, > Han > >
_______________________________________________ discuss mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
