Don't allow user to set firewall rule with port and no protocol
Creating firewall rules specifying a destination port and/or a source
port without a protocol, generates rules without src or dest port
restriction. This was a real security issue for cloud users.
This patch generates a 400 Bad request "Source/destination port
requires a protocol" in case of creation/update of firewall rules
specifying a destination port and/or a source port and without protocol.
Reviewed: https:/ /review. openstack. org/120076 /git.openstack. org/cgit/ openstack/ neutron/ commit/ ?id=6f3ae396ed9 a9525d4ca77fb8e 9b2857fe79b568
Committed: https:/
Submitter: Jenkins
Branch: master
commit 6f3ae396ed9a952 5d4ca77fb8e9b28 57fe79b568
Author: Bertrand Lallau <email address hidden>
Date: Tue Sep 9 14:56:59 2014 +0200
Don't allow user to set firewall rule with port and no protocol
Creating firewall rules specifying a destination port and/or a source
port without a protocol, generates rules without src or dest port
restriction. This was a real security issue for cloud users.
This patch generates a 400 Bad request "Source/destination port
requires a protocol" in case of creation/update of firewall rules
specifying a destination port and/or a source port and without protocol.
DocImpact
Closes-Bug: #1365961
Change-Id: I4a3a1d9ae7ec4b 2a864b3edc83d65 ef7f80cbba5