yahoo-eng-team team mailing list archive

[Launchpad Bug Tracker <1303663@xxxxxxxxxxxxxxxxxx>]

[Expired for neutron because there has been no activity for 60 days.]

** Changed in: neutron
       Status: Incomplete => Expired

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1303663

Title:
  Default security group wrong from Grizzly to IceHouse

Status in neutron:
  Expired

Bug description:
  Hi Guys,

  There is a bug that prevent a true default security group creation.
  The default rules can't permit all traffic in and out.

  Below how i fixed it.

              if s.get('name') == 'default':
                  for ethertype in ext_sg.sg_supported_ethertypes:
                      # Allow All incoming Connections
                      ingress_rule = SecurityGroupRule(
                          id=uuidutils.generate_uuid(),
                          tenant_id=tenant_id,
                          security_group=security_group_db,
                          direction='ingress',
                          ethertype=ethertype,
                          remote_ip_prefix='0.0.0.0/0')
                      context.session.add(ingress_rule)
                      # Allow All outcoming Connections
                      egress_rule = SecurityGroupRule(
                          id=uuidutils.generate_uuid(),
                          tenant_id=tenant_id,
                          security_group=security_group_db,
                          direction='egress',
                          ethertype=ethertype,
                          remote_ip_prefix='0.0.0.0/0')
                      context.session.add(egress_rule)

  https://github.com/openstack/neutron/blob/master/neutron/db/securitygroups_db.py#L120

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1303663/+subscriptions