From 3eaa45bf998dd4f4f483103d3d891ab1c0e78329 Mon Sep 17 00:00:00 2001 From: Andy McCrae Date: Thu, 26 Jan 2017 10:15:22 +0000 Subject: [PATCH] Update paste, policy and rootwrap configurations 2017-01-26 Change-Id: I7b750336a85aaea86309d8610abcddcebac71640 --- files/rootwrap.d/linuxbridge-plugin.filters | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/files/rootwrap.d/linuxbridge-plugin.filters b/files/rootwrap.d/linuxbridge-plugin.filters index f0934357..90cd4c53 100644 --- a/files/rootwrap.d/linuxbridge-plugin.filters +++ b/files/rootwrap.d/linuxbridge-plugin.filters @@ -20,9 +20,12 @@ find: RegExpFilter, find, root, find, /sys/class/net, -maxdepth, 1, -type, l, -p ip_exec: IpNetnsExecFilter, ip, root # tc commands needed for QoS support -tc_replace_tbf: RegExpFilter, tc, root, tc, qdisc, replace, dev, .+, root, tbf, rate, .+, latency, .+, burst, .+ -tc_add_ingress: RegExpFilter, tc, root, tc, qdisc, add, dev, .+, ingress, handle, .+ -tc_delete: RegExpFilter, tc, root, tc, qdisc, del, dev, .+, .+ +tc_add_qdisc: RegExpFilter, tc, root, tc, qdisc, add, dev, .+, (root|parent .+), handle, .+, htb +tc_add_qdisc_ingress: RegExpFilter, tc, root, tc, qdisc, add, dev, .+, ingress, handle, .+ tc_show_qdisc: RegExpFilter, tc, root, tc, qdisc, show, dev, .+ -tc_show_filters: RegExpFilter, tc, root, tc, filter, show, dev, .+, parent, .+ -tc_add_filter: RegExpFilter, tc, root, tc, filter, add, dev, .+, parent, .+, protocol, all, prio, .+, basic, police, rate, .+, burst, .+, mtu, .+, drop +tc_del_qdisc: RegExpFilter, tc, root, tc, qdisc, del, dev, .+, (root|ingress|parent .+) +tc_add_class: RegExpFilter, tc, root, tc, class, replace, dev, .+, parent, .+, classid, .+, .+, rate, .+ +tc_add_class_max: RegExpFilter, tc, root, tc, class, replace, dev, .+, parent, .+, classid, .+, .+, rate, .+, ceil, .+, burst, .+ +tc_show_class: RegExpFilter, tc, root, tc, class, show, dev, .+ +tc_show_filter: RegExpFilter, tc, root, tc, filter, show, dev, .+, parent, .+ +tc_add_filter_ifb: RegExpFilter, tc, root, tc, filter, add, dev, .+, parent, .+, protocol, all, u32, match, u32, 0, 0, action, mirred, egress, redirect, dev, .+