yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #77195
[Bug 1816740] Re: FWaaS v2 - incorrect shared rule check
Reviewed: https://review.openstack.org/638394
Committed: https://git.openstack.org/cgit/openstack/neutron-fwaas/commit/?id=9844e5e09cd10c45e7ec391a2f5af8b9fae1dd96
Submitter: Zuul
Branch: master
commit 9844e5e09cd10c45e7ec391a2f5af8b9fae1dd96
Author: Yushiro FURUKAWA <y.furukawa_2@xxxxxxxxxxxxxx>
Date: Thu Feb 21 20:01:56 2019 +0900
Fix firewall rule 'shared' check in updating fwp
This commit fixes 'shared' validation for existing firewall rules in
updating firewall policy with 'non-shared' to 'shared'.
Change-Id: I172632679f59e2aff79624753e1ef01f7ba1fdab
Closes-Bug: #1816740
** Changed in: neutron
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1816740
Title:
FWaaS v2 - incorrect shared rule check
Status in neutron:
Fix Released
Bug description:
Reference: http://git.openstack.org/cgit/openstack/neutron-
fwaas/tree/neutron_fwaas/db/firewall/v2/firewall_db_v2.py#n644
def _check_if_rules_shared_for_policy_shared(self, context, fwp_db, fwp):
if fwp['shared']:
rules_in_db = fwp_db.rule_associations
for entry in rules_in_db:
fwr_db = self._get_firewall_rule(context,
entry.firewall_rule_id)
if not fwp_db['shared']:
raise f_exc.FirewallPolicySharingConflict(
firewall_rule_id=fwr_db['id'],
firewall_policy_id=fwp_db['id'])
The logic above will always raise an exception if a policy is changed
from not shared to shared. There is most likely a typo in:
if not fwp_db['shared']:
as it should be:
if not fwr_db['shared']:
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1816740/+subscriptions
References