yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #55674
[Bug 1618117] [NEW] fwaas: icmp traffic blocked on adding tcp deny (ssh) rule
You have been subscribed to a public bug:
When tcp deny rules are added to a firewall or no rules are there in
firewall policy, icmp traffic is block until icmp allow rule is added to
firewall
Steps:
1. Boot two VM in different network and router associated to both the VMs subnet.
2. Add security group rule for ssh and ping.
3. Make sure SSH and ping works from one VM to another.
4. Add tcp deny (ssh) or tcp deny (http) or no firewall rule.
5. Try to ssh it fails worked as expected since firewall rule for deny tcp is added.
6. Try to ping the VMs it also fails
Actual : Ping (icmp) traffic get denied by adding tcp deny rule.
Expected : Only ssh should be blocked not the icmp.
ICMP traffic is allowed only when ICMP allow rule is added to the
firewall, is this expected behaviour..?
** Affects: neutron
Importance: Undecided
Status: New
--
fwaas: icmp traffic blocked on adding tcp deny (ssh) rule
https://bugs.launchpad.net/bugs/1618117
You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron.
References