neutron

  1. Bug #1746404
  2. Comment #2

Comment 2 for bug 1746404

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron-fwaas (master)

Reviewed: https://review.openstack.org/539461
Committed: https://git.openstack.org/cgit/openstack/neutron-fwaas/commit/?id=66d4431f990b2da0d3b42493a499ab67e9a0020a
Submitter: Zuul
Branch: master

commit 66d4431f990b2da0d3b42493a499ab67e9a0020a
Author: Nguyen Phuong An <email address hidden>
Date: Wed Jan 31 14:54:53 2018 +0700

    Remove disable option for default FWG and allow only on VM ports

    Currently, auto associate default FWG works only one time and the logic
    is broken if the new port is a DHCP port or router port. This patch
    fixes the problem by validating if a port is a VM port or not,
    ignores port binding failed or unbound and also adds trusted port
    handling. In addition, for security perspective,
    'auto_associate_default_firewall_group' CfgOpt is no longer used.
    Automatic association with default firewall group with VM port
    works by default.

    Closes-Bug: #1746404
    Co-Authored-By: Yushiro FURUKAWA<email address hidden>
    Co-Authored-By: Chandan Dutta Chowdhury<email address hidden>
    Change-Id: Ib567c0e0333335a99b851162d87f17f1a8ceb2dd