Don't allow user to set firewall rule with port and no protocol
Creating firewall rules specifying a destination port and/or a source
port without a protocol, generates rules without src or dest port
restriction. This was a real security issue for cloud users.
This patch generates a 400 Bad request "Source/destination port
requires a protocol" in case of creation/update of firewall rules
specifying a destination port and/or a source port and without protocol.
DocImpact
Closes-Bug: #1365961
Change-Id: I4a3a1d9ae7ec4b2a864b3edc83d65ef7f80cbba5
(cherry picked from commit 6f3ae396ed9a9525d4ca77fb8e9b2857fe79b568)
Reviewed: https:/ /review. openstack. org/121839 /git.openstack. org/cgit/ openstack/ neutron/ commit/ ?id=50e15341fef 87058f6e5f79299 c30ac6ee38ddf0
Committed: https:/
Submitter: Jenkins
Branch: stable/icehouse
commit 50e15341fef8705 8f6e5f79299c30a c6ee38ddf0
Author: Bertrand Lallau <email address hidden>
Date: Tue Sep 9 14:56:59 2014 +0200
Don't allow user to set firewall rule with port and no protocol
Creating firewall rules specifying a destination port and/or a source
port without a protocol, generates rules without src or dest port
restriction. This was a real security issue for cloud users.
This patch generates a 400 Bad request "Source/destination port
requires a protocol" in case of creation/update of firewall rules
specifying a destination port and/or a source port and without protocol.
DocImpact
Closes-Bug: #1365961
Change-Id: I4a3a1d9ae7ec4b 2a864b3edc83d65 ef7f80cbba5 5d4ca77fb8e9b28 57fe79b568)
(cherry picked from commit 6f3ae396ed9a952