yahoo-eng-team team mailing list archive

[Adit Sarfaty <asarfaty@xxxxxxxxxx>]

Public bug reported:

Creating a firewall group with policies and 2 interface ports.
Now removing 1 of the ports using:
openstack firewall group unset <fwg> --port <port-id>
the firewall group is updated, and now has only 1 interface port, but its status is changed to INACTIVE.

The reason seems to be in update_firewall_group_postcommit: https://github.com/openstack/neutron-fwaas/blob/master/neutron_fwaas/services/firewall/service_drivers/agents/agents.py#L329
last-port is set to True if no new ports are added, instead of setting it to True only if there are no ports left.

** Affects: neutron
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1817455

Title:
  FWaaS V2 removing a port from the FW group set the FWG to INACTIVE

Status in neutron:
  New

Bug description:
  Creating a firewall group with policies and 2 interface ports.
  Now removing 1 of the ports using:
  openstack firewall group unset <fwg> --port <port-id>
  the firewall group is updated, and now has only 1 interface port, but its status is changed to INACTIVE.

  The reason seems to be in update_firewall_group_postcommit: https://github.com/openstack/neutron-fwaas/blob/master/neutron_fwaas/services/firewall/service_drivers/agents/agents.py#L329
  last-port is set to True if no new ports are added, instead of setting it to True only if there are no ports left.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1817455/+subscriptions