yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #40590
[Bug 1501152] Re: Firewall Rule can be created with IPv4 Source address and IPv6 Destination address
** Changed in: neutron
Assignee: Reedip (reedip-banerjee) => (unassigned)
** Changed in: neutron
Status: In Progress => Invalid
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1501152
Title:
Firewall Rule can be created with IPv4 Source address and IPv6
Destination address
Status in neutron:
Invalid
Bug description:
reedip@reedip-VirtualBox:/opt/stack/logs$ neutron firewall-rule-create --source-ip-address 1.1.1.1 --destination-ip-address 1::1 --protocol tcp --action allow
Created a new firewall_rule:
+------------------------+--------------------------------------+
| Field | Value |
+------------------------+--------------------------------------+
| action | allow |
| description | |
| destination_ip_address | 1::1 |
| destination_port | |
| enabled | True |
| firewall_policy_id | |
| id | 92abcef7-56ac-4730-bf06-cde88a2b84e8 |
| ip_version | 4 |
| name | |
| position | |
| protocol | tcp |
| shared | False |
| source_ip_address | 1.1.1.1 |
| source_port | |
| tenant_id | f0e01e9a74684ed68e2f95565873c6fe |
+------------------------+--------------------------------------+
reedip@reedip-VirtualBox:/opt/stack/logs$
Though the firewall rule creation is allowed, it causes the firewall itself to go into ERROR state.
http://paste.openstack.org/show/474796/
It is better not to allow the creation of the firewall rule itself.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1501152/+subscriptions
References
