yahoo-eng-team team mailing list archive

[OpenStack Infra <1582500@xxxxxxxxxxxxxxxxxx>]

Reviewed:  https://review.opendev.org/670906
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=dac9a062aca91e243859e8a7d5b6814cfd37d222
Submitter: Zuul
Branch:    master

commit dac9a062aca91e243859e8a7d5b6814cfd37d222
Author: Brian Haley <bhaley@xxxxxxxxxx>
Date:   Mon Jul 15 15:27:13 2019 -0400

    Normalize protocol number 1 to 58 for IPv6
    
    The security group code was changed recently to always
    normalize IPv6 ICMP protocol names to 'ipv6-icmp', but it
    did not cover when a number is used instead. Normalize
    protocol number 1 to 58 for IPv6 ICMP as well.
    
    Change-Id: Ife8263196f3d678d8455f07834c9f6c1330acc00
    Closes-bug: #1582500


** Changed in: neutron
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1582500

Title:
  icmp, icmpv6 and ipv6-icmp should raise duplicated sg rule exception

Status in neutron:
  Fix Released

Bug description:
  For security group rules, when they have 'ethertype'='ipv6' and only
  protocol values are different(icmp, or icmpv6, or ipv6-icmp), they
  should be considered as duplicated.

  e.g. using the following CLI commands to create sg rules, SecurityGroupRuleExists exception should raise:
  >> neutron security-group-rule-create --ethertype ipv6 --protocol icmp SG_ID
  >> neutron security-group-rule-create --ethertype ipv6 --protocol icmpv6 SG_ID
  >> neutron security-group-rule-create --ethertype ipv6 --protocol ipv6-icmp SG_ID

  User could understand they are just different alias, and we don't need
  "duplicated" entries to deal with.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1582500/+subscriptions