neutron

fwaas: " firewall policy insert firewall rule " cli should not accept the same firewall rule which is going to insert in the insert-before/after field

Bug #1330898 reported by Koteswara Rao Kelam
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron
Fix Released
Low
Koteswara Rao Kelam
neutron 2014.2 "juno"

Bug Description

DESCRIPTION:
neutron firewall-policy-insert-firewall-rule cli should not accept the same firewall rule which is going to insert in the insert-before/after field
Steps to Reproduce:

 1. create a firewall rule r1
 2. create a firewall policy and insert r1 in to the firewall policy
 3. create a firwall rule r2 and insert in to firewall policy specifuing inser before and insert after option as r2 itself

Actual Results:
r2 is attached in the firewall policy with out throwing any error

root@IGA-OSC:~# fwpi p1 --firewall-rule r4 --insert-before r4 --insert-after r4
Inserted firewall rule in firewall policy p1
root@IGA-OSC:~# fwpl
+--------------------------------------+------+----------------------------------------+
| id | name | firewall_rules |
+--------------------------------------+------+----------------------------------------+
| 8648869f-5494-41e7-99de-6cc4f9247ac8 | p1 | [0aabafe1-3a3e-42e0-bb55-53a4aa11015e, |
| | | 3115e8c4-936e-402b-948d-48c9fe0d8ddd, |
| | | 3593c12f-4475-4aad-8fa0-e446f8f36ecc, |
| | | f45fd19a-8b7a-42cd-ad90-0e0942498528] |
+--------------------------------------+------+----------------------------------------+
root@IGA-OSC:~# fwpr p1 --firewall-rule r4
Removed firewall rule from firewall policy p1
root@IGA-OSC:~# fwpi p1 --firewall-rule r4 --insert-before r4 --insert-after r2
Inserted firewall rule in firewall policy p1
root@IGA-OSC:~# fwpl
+--------------------------------------+------+----------------------------------------+
| id | name | firewall_rules |
+--------------------------------------+------+----------------------------------------+
| 8648869f-5494-41e7-99de-6cc4f9247ac8 | p1 | [0aabafe1-3a3e-42e0-bb55-53a4aa11015e, |
| | | 3115e8c4-936e-402b-948d-48c9fe0d8ddd, |
| | | 3593c12f-4475-4aad-8fa0-e446f8f36ecc, |
| | | f45fd19a-8b7a-42cd-ad90-0e0942498528] |
+--------------------------------------+------+----------------------------------------+
root@IGA-OSC:~# fwrs r4
+------------------------+--------------------------------------+
| Field | Value |
+------------------------+--------------------------------------+
| action | deny |
| description | |
| destination_ip_address | |
| destination_port | |
| enabled | True |
| firewall_policy_id | 8648869f-5494-41e7-99de-6cc4f9247ac8 |
| id | 0aabafe1-3a3e-42e0-bb55-53a4aa11015e |
| ip_version | 4 |
| name | r4 |
| position | 1 |
| protocol | icmp |
| shared | False |
| source_ip_address | |
| source_port | |
| tenant_id | d9481c57a11c46eea62886938b5378a7 |
+------------------------+--------------------------------------+

Expected Results:
It should throw error since r2 is no where attached in the firewall policy

Tags: fwaas
Koteswara Rao Kelam (koti-kelam)
Changed in neutron:
assignee: nobody → Koteswara Rao Kelam (koti-kelam)
Sumit Naiksatam (snaiksat)
Changed in neutron:
importance: Undecided → Low
tags: added: fwaas
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (master)

Fix proposed to branch: master
Review: https://review.openstack.org/100560

Changed in neutron:
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (master)

Reviewed: https://review.openstack.org/100560
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=c86b1f7723e4a4f768773a68fc3ac197ac751482
Submitter: Jenkins
Branch: master

commit c86b1f7723e4a4f768773a68fc3ac197ac751482
Author: Koteswara Rao Kelam <email address hidden>
Date: Tue Jun 17 07:03:10 2014 -0700

    Proper validation for inserting firewall rule

    Say rule r2 is associated with policy p2. If user tries to insert rule r1
    into a policy p1 before/after r2, error should be thrown saying that rule
    r2 is not associated with policy p1.

    Change-Id: Ifa415acc9533b7a323f966ee42d476460e68c9d3
    Closes-bug: 1330898

Changed in neutron:
status: In Progress → Fix Committed
Thierry Carrez (ttx)
Changed in neutron:
milestone: none → juno-3
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in neutron:
milestone: juno-3 → 2014.2
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.