ovn: support allow-stateless ACL verb
It was added in OVN 21.06. It is used to implement stateless firewall. Change-Id: I7343fb609fab91c20490842378747f7265241e82
This commit is contained in:
parent
6596164f51
commit
a7127ffe86
@ -109,7 +109,8 @@ class API(api.API, metaclass=abc.ABCMeta):
|
||||
:param match: The match rule
|
||||
:type match: string
|
||||
:param action: The action to take upon match
|
||||
:type action: 'allow', 'allow-related', 'drop', or 'reject'
|
||||
:type action: 'allow', 'allow-related', 'allow-stateless', 'drop',
|
||||
or 'reject'
|
||||
:param log: If True, enable packet logging for the ACL
|
||||
:type log: boolean
|
||||
:returns: :class:`Command` with RowView result
|
||||
@ -159,7 +160,8 @@ class API(api.API, metaclass=abc.ABCMeta):
|
||||
:param match: The match rule
|
||||
:type match: string
|
||||
:param action: The action to take upon match
|
||||
:type action: 'allow', 'allow-related', 'drop', or 'reject'
|
||||
:type action: 'allow', 'allow-related', 'allow-stateless',
|
||||
'drop', or 'reject'
|
||||
:param log: If True, enable packet logging for the ACL
|
||||
:type log: boolean
|
||||
:param may_exist: If True, don't fail if the ACL already exists
|
||||
|
@ -91,8 +91,10 @@ class _AclAddHelper(cmd.AddCommand):
|
||||
if not 0 <= priority <= const.ACL_PRIORITY_MAX:
|
||||
raise ValueError("priority must be between 0 and %s, inclusive" % (
|
||||
const.ACL_PRIORITY_MAX))
|
||||
if action not in ('allow', 'allow-related', 'drop', 'reject'):
|
||||
raise TypeError("action must be allow/allow-related/drop/reject")
|
||||
if action not in ('allow', 'allow-related', 'allow-stateless',
|
||||
'drop', 'reject'):
|
||||
raise TypeError("action must be allow/allow-related/"
|
||||
"allow-stateless/drop/reject")
|
||||
super().__init__(api)
|
||||
self.entity = entity
|
||||
self.direction = direction
|
||||
|
@ -0,0 +1,3 @@
|
||||
---
|
||||
features:
|
||||
- Support the new "allow-stateless" ACL action. It was added in OVN 21.06.
|
Loading…
x
Reference in New Issue
Block a user