Old conjunction left after sg update
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Fix Released
|
Undecided
|
Yang Li |
Bug Description
1.Create 2 security groups:
test-security1, with rule(ingress, IPv4, 1-65535/tcp, remote_group: test-security1)
test-security2, with rule(ingress, IPv4, 1-65535/tcp, remote_group: test-security2)
2.Create a VM(IP: 40.0.0.46) with test-security1, then the open flows showed:
cookie=
cookie=
3.Update VM's sg to test-security2, then the open flows showed:
cookie=
cookie=
You can see the old conjunction for test-security1 still exists: conjunction(14,1/2) and conjunction(15,1/2)
This will cause security problem for VM, because it still can be reached by the old sg VMs.
description: | updated |
tags: | added: neutron-proactive-backport-potential |
tags: | removed: neutron-proactive-backport-potential |
Fix proposed to branch: master /review. opendev. org/696236
Review: https:/