yahoo-eng-team team mailing list archive

[OpenStack Infra <1817455@xxxxxxxxxxxxxxxxxx>]

Reviewed:  https://review.opendev.org/670496
Committed: https://git.openstack.org/cgit/openstack/neutron-fwaas/commit/?id=90a2707ccffd2175d76e0e2ac5a4cd87e5faa7ef
Submitter: Zuul
Branch:    master

commit 90a2707ccffd2175d76e0e2ac5a4cd87e5faa7ef
Author: zhanghao2 <zhanghao2@xxxxxxxxxxxxxxxxxxxx>
Date:   Fri Jul 12 07:08:28 2019 -0400

    Fix bug when removing a port from the firewall group
    
    When removing a port from the firewall group, the last port is detected as
    true or false based on the old port and the new port, but it ignores the
    specific number of ports, which causes the fwg status to be inactive regardless
    of whether there is a port after the firewall group is reset.
    
    Change-Id: I887e06893f3e11031548767272e95afee40462d8
    Closes-Bug: #1817455


** Changed in: neutron
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1817455

Title:
  FWaaS V2 removing a port from the FW group set the FWG to INACTIVE

Status in neutron:
  Fix Released

Bug description:
  Creating a firewall group with policies and 2 interface ports.
  Now removing 1 of the ports using:
  openstack firewall group unset <fwg> --port <port-id>
  the firewall group is updated, and now has only 1 interface port, but its status is changed to INACTIVE.

  The reason seems to be in update_firewall_group_postcommit: https://github.com/openstack/neutron-fwaas/blob/master/neutron_fwaas/services/firewall/service_drivers/agents/agents.py#L329
  last-port is set to True if no new ports are added, instead of setting it to True only if there are no ports left.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1817455/+subscriptions