Comment 2 for bug 1749667

Brian Haley (brian-haley) wrote : Re: neutron doesn't correctly handle unknown protocols and should whitelist known and handled protocols

I can reproduce this, for example:

$ openstack security group rule create --ingress --protocol 70 --dst-port 70:71 default

Although the security DB code does check the range, it only does so for protocols it knows support it, like TCP. There should be a check to reject a range if it's not a known good protocol.

I'm working on a change now.
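
The kind of check the comment above asks for, as an added example; it is not Neutron's code and not the change the commenter was working on. The allow-list contents and all function and class names are assumptions, and ICMP type/code handling is out of scope.

```python
# Added illustration, not Neutron code. All names here are hypothetical.

# Assumed allow-list: IANA numbers of transports that carry port numbers.
# Other protocols are given by number in this sketch.
PORT_PROTOCOLS = {"tcp": 6, "udp": 17, "dccp": 33, "sctp": 132, "udplite": 136}
PORT_PROTOCOL_NUMBERS = frozenset(PORT_PROTOCOLS.values())


class InvalidRule(ValueError):
    """Raised when a rule combines fields that cannot be enforced."""


def normalize_protocol(protocol):
    """Map a protocol name or number to its IANA number (None means 'any')."""
    if protocol is None:
        return None
    text = str(protocol).strip().lower()
    if text in PORT_PROTOCOLS:
        return PORT_PROTOCOLS[text]
    if text.isdecimal() and 0 <= int(text) <= 255:
        return int(text)
    raise InvalidRule(f"unknown protocol: {protocol!r}")


def validate_port_range(protocol, port_min=None, port_max=None):
    """Accept a port range only for allow-listed protocols, then check its bounds."""
    number = normalize_protocol(protocol)
    if port_min is None and port_max is None:
        return number, None
    # Default deny: a range on any protocol not known to use ports is rejected,
    # instead of being stored unchecked.
    if number not in PORT_PROTOCOL_NUMBERS:
        raise InvalidRule(f"protocol {protocol!r} does not support a port range")
    if port_min is None or port_max is None:
        raise InvalidRule("both ends of the port range are required")
    if not (1 <= port_min <= port_max <= 65535):
        raise InvalidRule(f"invalid port range {port_min}:{port_max}")
    return number, (port_min, port_max)


if __name__ == "__main__":
    # Constructed inputs; the second mirrors the command in the comment above.
    for args in (("tcp", 70, 71), ("70", 70, 71), ("70",)):
        try:
            print(args, "->", validate_port_range(*args))
        except InvalidRule as exc:
            print(args, "-> rejected:", exc)
```
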