Reviewed:  https://review.opendev.org/c/openstack/neutron/+/871096
Committed: 
https://opendev.org/openstack/neutron/commit/f7e31b4c0533687622f8f2644c802574e31536f7
Submitter: "Zuul (22348)"
Branch:    master

commit f7e31b4c0533687622f8f2644c802574e31536f7
Author: Elvira García <[email protected]>
Date:   Thu Jan 19 14:48:23 2023 +0100

    [OVN] Allow logging all traffic related to an ACL
    
    Before this patch, we would only get logged the client to server side of
    the communication. The OVN allow-related ACL option was implemented [0]
    so as to be able to log also the packets that are going from server to
    client. This patch implements the addition of that feature in Neutron
    and needs OVN version 22.03 or updated 21.12.
    
    [0] 
https://patchwork.ozlabs.org/project/ovn/patch/[email protected]/
    
    Closes-Bug: #2003706
    Change-Id: I72d061c333f53e07f6feedec032e2c0b06a61248
    Signed-off-by: Elvira García <[email protected]>


** Changed in: neutron
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/2003706

Title:
  [OVN] Security group logging only logs half of the connection

Status in neutron:
  Fix Released

Bug description:
  With the OVN security group logging feature enabled there is only one
  direction (from client to server) packets are actually logged. It
  happens because there is a single OpenFlow rule created for the
  returned traffic and it has no logging action

  Steps:
  - Create server associated to security group.
  - Add a network log object that logs accepted traffic from that security 
group.
  - Check logs in ovn-controller.log

  Expected results:
  - We get the packets incoming and outcoming from the server.

  Actual results:
  - We only see incoming packets.

  More info at: https://bugzilla.redhat.com/show_bug.cgi?id=2152877

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/2003706/+subscriptions


-- 
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help   : https://help.launchpad.net/ListHelp

Reply via email to