Dropping a rule from security group rules don't drop the connection in the IptablesFirewallDriver (they do for Hybrid)
Bug #1556013 reported by
Miguel Angel Ajo
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| neutron |
Expired
|
Medium
|
Unassigned | ||
Bug Description
This happens because connection tracking zones don't work in the
IptablesFirewal
The subclass for the hybrid driver is the one introducing the zone
rules [1]
I remember it was discussed during this review [2], but I cannot see if
there was any technical detail why we could not do the same thing on
the plain IptablesFirewal
| Changed in neutron: | |
| importance: | Undecided → Medium |
| tags: | added: linuxbridge sg-fw |
| summary: |
- Connection tracking zones don't work in the IptablesFirewallDriver (they - do for Hybrid) + Dropping a rule from security group rules don't drop the connection in + the IptablesFirewallDriver (they do for Hybrid) |
Revision history for this message
| Armando Migliaccio (armando-migliaccio) wrote | #1 |
| Changed in neutron: | |
| status: | New → Incomplete |
Revision history for this message
| Launchpad Janitor (janitor) wrote | #2 |
| Changed in neutron: | |
| status: | Incomplete → Expired |
To post a comment you must log in.
This bug is > 180 days without activity. We are unsetting assignee and milestone and setting status to Incomplete in order to allow its expiry in 60 days.
If the bug is still valid, then update the bug status.