Submitter: Zuul
Branch:    master

commit ced78395a7952d0e616055892645fd2a6165833f
Author: Nguyen Phuong An <>
Date:   Wed Aug 1 10:55:55 2018 +0700

    Fix no ACCEPT event can get for security group logging
    Currently, we cannot get ACCEPT packet log because there are some
    changed related to ovs firewall code since ovs firewall logging has
    been merged.
    Regarding to performance perspective, we only log first accepted packet.
    So we only need to forward first accepted packet of each connection
    session to table 91 and table 92.
    So this patch fixes these issues.
    Closes-Bug: #1782576
    Change-Id: Ib6ced838a7ec6d5c459a8475318556001c31bdf0

** Changed in: neutron
       Status: In Progress => Fix Released

You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.

  Logging - No SG-log data found at /var/log/syslog

Status in neutron:
  Fix Released

Bug description:
  When I created log-resource with security_group, log data didn't show
  at /var/log/syslog at all.

  $ lsb_release -a; uname -a
  No LSB modules are available.
  Distributor ID: Ubuntu
  Description:    Ubuntu 16.04.4 LTS
  Release:        16.04
  Codename:       xenial
  Linux kolla 4.4.0-130-generic #156-Ubuntu SMP Thu Jun 14 08:53:28 UTC 2018 
x86_64 x86_64 x86_64 GNU/Linux

  devstack all-in-one


  service_plugins =,log

  firewall_driver = openvswitch
  extensions = log

  $ openstack server create --image cirros-0.3.5-x86_64-disk --flavor c1 
--network private vm1
  $ openstack network log create --resource-type security_group --resource 
<sg-id> --enable --event ALL sg-log

  [ovs flow log]
  I compared following conditions with'$ovs-ofctl dump-flows br-int':

      1. Before creating log-resource
      2. After created log-resource

To manage notifications about this bug go to:

Mailing list:
Post to     :
Unsubscribe :
More help   :

Reply via email to