iptables duplicate rule warning on ports with multiple security groups
Bug #1565705 reported by
Kevin Benton
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Fix Released
|
Medium
|
Kevin Benton |
Bug Description
If ports are members of multiple security groups, there may be duplicate rules when it comes time to convert them to iptables rules (e.g. both groups have a rule to allow TCP port 80). This results in warnings from the iptables manager detecting duplicate rules that hint that there may be a bug.
For example:
WARNING neutron.
This warning resulted from a port that was a member of two security groups that both allowed all EGRESS traffic.
Changed in neutron: | |
assignee: | nobody → Kevin Benton (kevinbenton) |
Changed in neutron: | |
importance: | Undecided → Medium |
tags: | added: mitaka-backport-potential |
tags: | added: liberty-backport-potential |
tags: | added: neutron-proactive-backport-potential |
tags: | removed: neutron-proactive-backport-potential |
tags: | removed: liberty-backport-potential mitaka-backport-potential |
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/301029
Review: https:/