mirror of https://github.com/apache/cloudstack.git
14504dc7e3
DNS on VR should not be publically accessible as it may be prone to DNS amplification/reflection attacks. This fixes the issue by only allowing VR DNS (port 53) to be accessible from guest network cidr, as per the fix in: https://issues.apache.org/jira/browse/CLOUDSTACK-6432 - Only allows guest network cidrs to query VR DNS on port 53. - Includes marvin smoke test that checks the VR DNS accessibility checks from guest and non-guest network. - Fixes Marvin sshClient to avoid using ssh agent when password is provided, previous some environments may have seen 'No existing session' exception without this fix. - Adds a new dnspython dependency that is used to perform dns resolutions in the tests. Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com> |
||
|---|---|---|
| .. | ||
| bindir | ||
| certs | ||
| conf | ||
| conf.dom0 | ||
| css | ||
| distro | ||
| images | ||
| js | ||
| libexec | ||
| patches/debian | ||
| scripts | ||
| test/python | ||
| ui | ||
| vm-script | ||
| pom.xml | ||
| systemvm-descriptor.xml | ||