← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #52942

[Bug 1495463] Re: While creating firewall for another tenant which does not have router, firewall policy , firewall gets created and it comes into active state.

  Thread PreviousDate PreviousThread Next 
[Expired for neutron because there has been no activity for 60 days.]

** Changed in: neutron
       Status: Incomplete => Expired

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1495463

Title:
  While creating firewall for another tenant which does  not have
  router, firewall policy , firewall gets created and it comes into
  active state.

Status in neutron:
  Expired

Bug description:
  While creating firewall for another tenant which does  not have
  router, firewall policy , firewall gets created and it comes into
  active state.

  Steps Followed:

  i.	There are two tenants, admin and demo. Create router, network, add router interface  for admin ( nothing for demo user).
  ii.	Source rc file for admin user , create firewall rule, firewall policy
  iii.	Try to create firewall for demo user by passing  <firewall policy id of admin>  <router id of admin> --tenant-id <demo tenant id>

   Observation:  Firewall getting created and status is in active state
  even though tenant does not have any router, network, firewall rule,
  firewall policy.  Attaching file “firewall created for dem user.txt”
  for your reference. I think we should not be able to create firewall
  when there is not firewall policy, rule for the given tenant.

  
  stack@hdp-001:~$ neutron firewall-create 0daf67b4-ccc1-41bd-b191-a1ddacd9af63 --name fwrayrarouter2 --router 6d1e84d2-6d3a-4f03-94c3-d3e2caa7bf41 --tenant-id b207eb16956040fd94a2469b56656f9d
  Created a new firewall:
  +--------------------+--------------------------------------+
  | Field              | Value                                |
  +--------------------+--------------------------------------+
  | admin_state_up     | True                                 |
  | description        |                                      |
  | firewall_policy_id | 0daf67b4-ccc1-41bd-b191-a1ddacd9af63 |
  | id                 | ad29ac47-57fb-4c58-8fef-bf4e74816afc |
  | name               | fwrayrarouter2                       |
  | router_ids         | 6d1e84d2-6d3a-4f03-94c3-d3e2caa7bf41 |
  | status             | CREATED                              |
  | tenant_id          | b207eb16956040fd94a2469b56656f9d     |
  +--------------------+--------------------------------------+
  stack@hdp-001:~$ neutron firwall-list
  Unknown command [u'firwall-list']
  stack@hdp-001:~$ neutron firewall-list
  +--------------------------------------+----------------+--------------------------------------+
  | id                                   | name           | firewall_policy_id                   |
  +--------------------------------------+----------------+--------------------------------------+
  | 8c8cc582-a2ad-41c7-8532-ac462c914a3e | fwtest1        | 0daf67b4-ccc1-41bd-b191-a1ddacd9af63 |
  | ad29ac47-57fb-4c58-8fef-bf4e74816afc | fwrayrarouter2 | 0daf67b4-ccc1-41bd-b191-a1ddacd9af63 |
  +--------------------------------------+----------------+--------------------------------------+
  stack@hdp-001:~$ neutron firewall-show ad29ac47-57fb-4c58-8fef-bf4e74816afc
  +--------------------+--------------------------------------+
  | Field              | Value                                |
  +--------------------+--------------------------------------+
  | admin_state_up     | True                                 |
  | description        |                                      |
  | firewall_policy_id | 0daf67b4-ccc1-41bd-b191-a1ddacd9af63 |
  | id                 | ad29ac47-57fb-4c58-8fef-bf4e74816afc |
  | name               | fwrayrarouter2                       |
  | router_ids         | 6d1e84d2-6d3a-4f03-94c3-d3e2caa7bf41 |
  | status             | ACTIVE                               |
  | tenant_id          | b207eb16956040fd94a2469b56656f9d     |
  +--------------------+--------------------------------------+
  stack@hdp-001:~$ neutron firewall-policy-show 0daf67b4-ccc1-41bd-b191-a1ddacd9af63
  +----------------+--------------------------------------+
  | Field          | Value                                |
  +----------------+--------------------------------------+
  | audited        | False                                |
  | description    |                                      |
  | firewall_rules | 5916773d-ada5-436e-9055-cb115e3a5220 |
  | id             | 0daf67b4-ccc1-41bd-b191-a1ddacd9af63 |
  | name           | rayra-policy                         |
  | shared         | False                                |
  | tenant_id      | bbb6670febf14bbfbc498e4e04038dd9     |
  +----------------+--------------------------------------+
  stack@hdp-001:~$
  stack@hdp-001:~$  neutron firewall-policy-list --tenant-id bbb6670febf14bbfbc498e4e04038dd9
  +--------------------------------------+--------------+----------------------------------------+
  | id                                   | name         | firewall_rules                         |
  +--------------------------------------+--------------+----------------------------------------+
  | 0daf67b4-ccc1-41bd-b191-a1ddacd9af63 | rayra-policy | [5916773d-ada5-436e-9055-cb115e3a5220] |
  +--------------------------------------+--------------+----------------------------------------+
  stack@hdp-001:~$  neutron firewall-policy-list --tenant-id b207eb16956040fd94a2469b56656f9d

  stack@hdp-001:~$

  
  ==========================================================
  b207eb16956040fd94a2469b56656f9d -->  tenant id of demo 

  bbb6670febf14bbfbc498e4e04038dd9 --> Tenant id of Admin

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1495463/+subscriptions

References

  Thread PreviousDate PreviousThread Next