yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1291156] [NEW] Create security rulle doen't check remote_ip_prefix

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: shihanzhang <shihanzhang@xxxxxxxxxx>
Date: Wed, 12 Mar 2014 03:06:55 -0000
Reply-to: Bug 1291156 <1291156@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

the API of 'security-group-rule-create' doesn't check the parameter of
'remote_ip_prefix', if you use a invalid a value, it alse success,

root@ubuntu01:~# neutron  security-group-rule-create  --direction ingress --ethertype IPv4 --protocol tcp --port-range-min 20 --port-range-max 30 --remote-ip-prefix 192.168.1/24 shz 
Created a new security_group_rule:
+-------------------+--------------------------------------+
| Field             | Value                                |
+-------------------+--------------------------------------+
| direction         | ingress                              |
| ethertype         | IPv4                                 |
| id                | 9087fd12-82b4-491c-a5c6-5c7acf251f4c |
| port_range_max    | 30                                   |
| port_range_min    | 20                                   |
| protocol          | tcp                                  |
| remote_group_id   |                                      |
| remote_ip_prefix  | 192.168.1/24                         |
| security_group_id | e4a37547-c2d8-4ef6-8273-bc3253d7600a |
| tenant_id         | 34fddbc22c184214b823be267837ef81     |
+-------------------+--------------------------------------+

** Affects: neutron
     Importance: Undecided
     Assignee: shihanzhang (shihanzhang)
         Status: New

** Changed in: neutron
     Assignee: (unassigned) => shihanzhang (shihanzhang)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1291156

Title:
  Create security rulle doen't check remote_ip_prefix

Status in OpenStack Neutron (virtual network service):
  New

Bug description:
  the API of 'security-group-rule-create' doesn't check the parameter of
  'remote_ip_prefix', if you use a invalid a value, it alse success,

  root@ubuntu01:~# neutron  security-group-rule-create  --direction ingress --ethertype IPv4 --protocol tcp --port-range-min 20 --port-range-max 30 --remote-ip-prefix 192.168.1/24 shz 
  Created a new security_group_rule:
  +-------------------+--------------------------------------+
  | Field             | Value                                |
  +-------------------+--------------------------------------+
  | direction         | ingress                              |
  | ethertype         | IPv4                                 |
  | id                | 9087fd12-82b4-491c-a5c6-5c7acf251f4c |
  | port_range_max    | 30                                   |
  | port_range_min    | 20                                   |
  | protocol          | tcp                                  |
  | remote_group_id   |                                      |
  | remote_ip_prefix  | 192.168.1/24                         |
  | security_group_id | e4a37547-c2d8-4ef6-8273-bc3253d7600a |
  | tenant_id         | 34fddbc22c184214b823be267837ef81     |
  +-------------------+--------------------------------------+

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1291156/+subscriptions

Follow ups

[Bug 1291156] [NEW] Create security rulle doen't check remote_ip_prefix
From: shihanzhang, 2014-03-12

References

[Bug 1291156] [NEW] Create security rulle doen't check remote_ip_prefix
From: shihanzhang, 2014-03-12