[ovs-git] [ovn-org/ovn] ea3387: Document priority behavior for allow-stateless ACLs
Ihar Hrachyshka
noreply at github.com
Wed Jun 9 05:31:21 UTC 2021
Branch: refs/heads/master
Home: https://github.com/ovn-org/ovn
Commit: ea3387ef2d2eefec69928889f918ff8872c44ceb
https://github.com/ovn-org/ovn/commit/ea3387ef2d2eefec69928889f918ff8872c44ceb
Author: Ihar Hrachyshka <ihrachys at redhat.com>
Date: 2021-06-08 (Tue, 08 Jun 2021)
Changed paths:
M northd/ovn-northd.c
M northd/ovn_northd.dl
M ovn-nb.xml
M tests/ovn-northd.at
Log Message:
-----------
Document priority behavior for allow-stateless ACLs
It's complex and probably impossible to split returning traffic for
allow-related ACLs from stateless traffic, we don't fully implement
ACL priority for allow-stateless rules. Meaning, allow-stateless rules
always take precedence over stateful rules regardless of their
relative priority order.
This patch documents this behavior and covers it with explicit test
cases.
Signed-off-by: Ihar Hrachyshka <ihrachys at redhat.com>
Signed-off-by: Han Zhou <hzhou at ovn.org>
More information about the git
mailing list