Comment 0 for bug 1786746

LongKB (longkb.fvl) wrote : [FW Logging] NFLOG rules still remains after delete log resource

I have tested the logging feature for firewall_group in stable/rocky [1] and found a bug. Please follow the test cases below to reproduce it:

Environment:
- Devstack stable/rocky
- Create a router with port-A that is attached to fwg1

Testcase 1
----------
Create 2 log-resources:
+ A: {ACCEPT, fwg1, port-A}
+ B: {DROP, fwg1, port-A}

=> NFLOGs are added to iptables correctly
Delete log-resource A
=> Expected: NFLOGs for ACCEPT disappear
=> Observed: NFLOGs for ACCEPT still remain => Bug

Testcase 2
----------
Create 2 log-resources:
+ A: {ALL, fwg1, port-A}
+ B: {ACCEPT, fwg1, port-A}

=> NFLOGs are added to iptables correctly
Delete log-resource A
=> Expected: NFLOGs for ACCEPT and DROP disappear
=> Observed: NFLOGs for ACCEPT and DROP still remain => Bug

References:
[1] https://docs.openstack.org/neutron/latest/admin/config-logging.html#service-workflow-for-operator