The firewall group's status is active when firewall group has no any policy
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
New
|
Undecided
|
Unassigned |
Bug Description
Creating a firewall group with policies and 1 interface ports.
[root@test25g04 yuanshuo1]# openstack firewall group show ys-normal-fw1 +------
| Field | Value |
+------
| Description | |
| Egress Policy ID | 0910e062-
| ID | f3b8441a-
| Ingress Policy ID | 9873dfd4-
| Name | ys-normal-fw1 |
| Ports | [u'ef283f14-
| Project | 17bf57ec04994db
| Shared | False |
| State | UP |
| Status | ACTIVE |
| project_id | 17bf57ec04994db
| revision_number | 9 |
| tags | [] |
+------
Then update the firewall group, but the status of firewall group is active.
[root@test25g04 yuanshuo1]# openstack firewall group set --no-ingress-
[root@test25g04 yuanshuo1]# openstack firewall group show ys-normal-fw1
+------
| Field | Value |
+------
| Description | |
| Egress Policy ID | None |
| ID | f3b8441a-
| Ingress Policy ID | None |
| Name | ys-normal-fw1 |
| Ports | [u'ef283f14-
| Project | 17bf57ec04994db
| Shared | False |
| State | UP |
| Status | ACTIVE |
| project_id | 17bf57ec04994db
| revision_number | 10 |
| tags | [] |
+------
tags: | added: fwaas |
What version are you observing this behavior with? I would defer to someone with more FWaaS expertise, but this seems like expected behavior. I don't see why this sequence of commands would lead the status of the firewall group to be anything other than ACTIVE. I wouldn't expect the status field to indicate whether it is bound to policies or not, I would simply expect status to indicate proper provisioning of the resource.