← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1330898] [NEW] fwaas: " firewall policy insert firewall rule " cli should not accept the same firewall rule which is going to insert in the insert-before/after field

 

Public bug reported:

DESCRIPTION: 
neutron firewall-policy-insert-firewall-rule cli should not accept the same firewall rule which is going to insert in the insert-before/after field
Steps to Reproduce: 
 
 1. create a firewall rule r1
 2. create a firewall policy and insert r1 in to the firewall policy
 3. create a firwall rule r2 and insert in to firewall policy specifuing inser before and insert after option as r2 itself

Actual Results: 
r2 is  attached in the firewall policy with out throwing any error
 
root@IGA-OSC:~#  fwpi p1 --firewall-rule r4 --insert-before r4  --insert-after r4
Inserted firewall rule in firewall policy p1
root@IGA-OSC:~# fwpl
+--------------------------------------+------+----------------------------------------+
| id                                   | name | firewall_rules                         |
+--------------------------------------+------+----------------------------------------+
| 8648869f-5494-41e7-99de-6cc4f9247ac8 | p1   | [0aabafe1-3a3e-42e0-bb55-53a4aa11015e, |
|                                      |      |  3115e8c4-936e-402b-948d-48c9fe0d8ddd, |
|                                      |      |  3593c12f-4475-4aad-8fa0-e446f8f36ecc, |
|                                      |      |  f45fd19a-8b7a-42cd-ad90-0e0942498528] |
+--------------------------------------+------+----------------------------------------+
root@IGA-OSC:~#  fwpr p1 --firewall-rule r4
Removed firewall rule from firewall policy p1
root@IGA-OSC:~# fwpi p1 --firewall-rule r4 --insert-before r4 --insert-after r2
Inserted firewall rule in firewall policy p1
root@IGA-OSC:~# fwpl
+--------------------------------------+------+----------------------------------------+
| id                                   | name | firewall_rules                         |
+--------------------------------------+------+----------------------------------------+
| 8648869f-5494-41e7-99de-6cc4f9247ac8 | p1   | [0aabafe1-3a3e-42e0-bb55-53a4aa11015e, |
|                                      |      |  3115e8c4-936e-402b-948d-48c9fe0d8ddd, |
|                                      |      |  3593c12f-4475-4aad-8fa0-e446f8f36ecc, |
|                                      |      |  f45fd19a-8b7a-42cd-ad90-0e0942498528] |
+--------------------------------------+------+----------------------------------------+
root@IGA-OSC:~# fwrs r4
+------------------------+--------------------------------------+
| Field                  | Value                                |
+------------------------+--------------------------------------+
| action                 | deny                                 |
| description            |                                      |
| destination_ip_address |                                      |
| destination_port       |                                      |
| enabled                | True                                 |
| firewall_policy_id     | 8648869f-5494-41e7-99de-6cc4f9247ac8 |
| id                     | 0aabafe1-3a3e-42e0-bb55-53a4aa11015e |
| ip_version             | 4                                    |
| name                   | r4                                   |
| position               | 1                                    |
| protocol               | icmp                                 |
| shared                 | False                                |
| source_ip_address      |                                      |
| source_port            |                                      |
| tenant_id              | d9481c57a11c46eea62886938b5378a7     |
+------------------------+--------------------------------------+
 

Expected Results: 
It should throw error since r2 is  no where attached in the firewall policy

** Affects: neutron
     Importance: Undecided
     Assignee: Koteswara Rao Kelam (koti-kelam)
         Status: New

** Changed in: neutron
     Assignee: (unassigned) => Koteswara Rao Kelam (koti-kelam)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1330898

Title:
  fwaas: " firewall policy insert firewall rule " cli should not accept
  the same firewall rule which is going to insert in the insert-
  before/after field

Status in OpenStack Neutron (virtual network service):
  New

Bug description:
  DESCRIPTION: 
  neutron firewall-policy-insert-firewall-rule cli should not accept the same firewall rule which is going to insert in the insert-before/after field
  Steps to Reproduce: 
   
   1. create a firewall rule r1
   2. create a firewall policy and insert r1 in to the firewall policy
   3. create a firwall rule r2 and insert in to firewall policy specifuing inser before and insert after option as r2 itself

  Actual Results: 
  r2 is  attached in the firewall policy with out throwing any error
   
  root@IGA-OSC:~#  fwpi p1 --firewall-rule r4 --insert-before r4  --insert-after r4
  Inserted firewall rule in firewall policy p1
  root@IGA-OSC:~# fwpl
  +--------------------------------------+------+----------------------------------------+
  | id                                   | name | firewall_rules                         |
  +--------------------------------------+------+----------------------------------------+
  | 8648869f-5494-41e7-99de-6cc4f9247ac8 | p1   | [0aabafe1-3a3e-42e0-bb55-53a4aa11015e, |
  |                                      |      |  3115e8c4-936e-402b-948d-48c9fe0d8ddd, |
  |                                      |      |  3593c12f-4475-4aad-8fa0-e446f8f36ecc, |
  |                                      |      |  f45fd19a-8b7a-42cd-ad90-0e0942498528] |
  +--------------------------------------+------+----------------------------------------+
  root@IGA-OSC:~#  fwpr p1 --firewall-rule r4
  Removed firewall rule from firewall policy p1
  root@IGA-OSC:~# fwpi p1 --firewall-rule r4 --insert-before r4 --insert-after r2
  Inserted firewall rule in firewall policy p1
  root@IGA-OSC:~# fwpl
  +--------------------------------------+------+----------------------------------------+
  | id                                   | name | firewall_rules                         |
  +--------------------------------------+------+----------------------------------------+
  | 8648869f-5494-41e7-99de-6cc4f9247ac8 | p1   | [0aabafe1-3a3e-42e0-bb55-53a4aa11015e, |
  |                                      |      |  3115e8c4-936e-402b-948d-48c9fe0d8ddd, |
  |                                      |      |  3593c12f-4475-4aad-8fa0-e446f8f36ecc, |
  |                                      |      |  f45fd19a-8b7a-42cd-ad90-0e0942498528] |
  +--------------------------------------+------+----------------------------------------+
  root@IGA-OSC:~# fwrs r4
  +------------------------+--------------------------------------+
  | Field                  | Value                                |
  +------------------------+--------------------------------------+
  | action                 | deny                                 |
  | description            |                                      |
  | destination_ip_address |                                      |
  | destination_port       |                                      |
  | enabled                | True                                 |
  | firewall_policy_id     | 8648869f-5494-41e7-99de-6cc4f9247ac8 |
  | id                     | 0aabafe1-3a3e-42e0-bb55-53a4aa11015e |
  | ip_version             | 4                                    |
  | name                   | r4                                   |
  | position               | 1                                    |
  | protocol               | icmp                                 |
  | shared                 | False                                |
  | source_ip_address      |                                      |
  | source_port            |                                      |
  | tenant_id              | d9481c57a11c46eea62886938b5378a7     |
  +------------------------+--------------------------------------+
   

  Expected Results: 
  It should throw error since r2 is  no where attached in the firewall policy

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1330898/+subscriptions


Follow ups

References