I believe this will affect nova-network as well. We probably should use something like the linux cutter utility to kill any ongoing connections after we remove the nat rule.
Vish On Jun 25, 2014, at 8:18 PM, Xurong Yang <ido...@gmail.com> wrote: > Hi folks, > > After we create an SSH connection to a VM via its floating ip, even though we > have removed the floating ip association, we can still access the VM via that > connection. Namely, SSH is not disconnected when the floating ip is not > valid. Any good solution about this security issue? > > Thanks > Xurong Yang > _______________________________________________ > OpenStack-dev mailing list > OpenStack-dev@lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
