[caclmgrd] Add a rule to allow all connections from localhost (#1858)

This commit is contained in:
Joe LeVeque 2018-07-13 10:27:47 -07:00 committed by GitHub
parent 1a93dd548d
commit 2ccfefc919
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -147,6 +147,10 @@ class ControlPlaneAclManager(object):
iptables_cmds.append("ip6tables -F")
iptables_cmds.append("ip6tables -X")
# Add iptables commands to allow all IPv4 and IPv6 traffic from localhost
iptables_cmds.append("iptables -A INPUT -s 127.0.0.1 -i lo -j ACCEPT")
iptables_cmds.append("ip6tables -A INPUT -s ::1 -i lo -j ACCEPT")
# Get current ACL tables and rules from Config DB
self._tables_db_info = self.config_db.get_table(self.ACL_TABLE)
self._rules_db_info = self.config_db.get_table(self.ACL_RULE)