Author: Nguyen Phuong An <a...@vn.fujitsu.com>
Date: Wed Aug 1 10:55:55 2018 +0700
Fix no ACCEPT event can get for security group logging
Currently, we cannot get ACCEPT packet log because there are some
changed related to ovs firewall code since ovs firewall logging has
Regarding to performance perspective, we only log first accepted packet.
So we only need to forward first accepted packet of each connection
session to table 91 and table 92.
So this patch fixes these issues.
** Changed in: neutron
Status: In Progress => Fix Released
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
Logging - No SG-log data found at /var/log/syslog
Status in neutron:
When I created log-resource with security_group, log data didn't show
at /var/log/syslog at all.
$ lsb_release -a; uname -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.04.4 LTS
Linux kolla 4.4.0-130-generic #156-Ubuntu SMP Thu Jun 14 08:53:28 UTC 2018
x86_64 x86_64 x86_64 GNU/Linux
firewall_driver = openvswitch
extensions = log
$ openstack server create --image cirros-0.3.5-x86_64-disk --flavor c1
--network private vm1
$ openstack network log create --resource-type security_group --resource
<sg-id> --enable --event ALL sg-log
[ovs flow log]
I compared following conditions with'$ovs-ofctl dump-flows br-int':
1. Before creating log-resource
2. After created log-resource
To manage notifications about this bug go to:
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : firstname.lastname@example.org
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp