ipset set is not destroyed if related security group member is empty
Bug #1463331 reported by
shihanzhang
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Fix Released
|
Medium
|
shihanzhang |
Bug Description
if a security group A has a rule that allow security group B access, the member of security group B is empty, then I delete this rule which allow security group B access, I find that the ipset set in compute node does not be destroyed.
reproduce steps:
1. create security group A and B
2. create a rule for A that allow security group B access
3. create a VM in create security group A
4. delete this rule which allow security group B access
I find the ipset set in compute node does not be destroyed.
Changed in neutron: | |
assignee: | nobody → shihanzhang (shihanzhang) |
summary: |
- ipset set can't be destroyed if related security group member is empty + ipset set is not destroyed if related security group member is empty |
Changed in neutron: | |
importance: | Undecided → Medium |
tags: | added: sg-fw |
Changed in neutron: | |
milestone: | none → liberty-3 |
status: | Fix Committed → Fix Released |
Changed in neutron: | |
milestone: | liberty-3 → 7.0.0 |
To post a comment you must log in.
duplicate to 1460562?