Deleting last rule in Security Group does not update firewall
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
In Progress
|
Medium
|
Zhiyuan Cai |
Bug Description
Scenario:
VM port with 1 Security Group with 1 egress icmp rule
(example rule:
{u'ethertype': u'IPv4', u'direction': u'egress', u'protocol': u'icmp', u'dest_ip_prefix': u'0.0.0.0/0'}
)
Steps:
Delete the (last) rule from the above Security Group via Horizon
Result:
Find that iptables shows the egress icmp rule even after its deletion
Root Cause:
In this scenario, security_
'security_groups ' field is an empty dictionary {} !! this causes _update_
The security_groups field must contain the security_group_id as key with an empty list for the rules.
{u'sg_member_ips': {}, u'devices': {u'ea19fb55-
summary: |
- Deleting last rule in Security Group does not work + Deleting last rule in Security Group does not update firewall |
tags: | added: fwaas sg-fw |
Changed in neutron: | |
importance: | Undecided → Medium |
status: | New → Confirmed |
Changed in neutron: | |
assignee: | nobody → Zhiyuan Cai (luckyvega-g) |
Fix proposed to branch: master /review. openstack. org/156032
Review: https:/