openstack security group rule create --protocol None test fails
Bug #1712540 reported by
Valery Tschopp
This bug report is a duplicate of:
Bug #1712242: security group rule create doesn't allow protocol-less rules.
Edit
Remove
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
python-openstackclient |
In Progress
|
High
|
jython |
Bug Description
It is not possible to create a security group rule for any protocol.
The command 'openstack security group rule create --protocol None test' fails:
$ openstack security group rule create --protocol None test
Error while executing command: Bad Request (HTTP 400) (Request-ID: req-02d41256-
openstack --version: 3.11.0
Debug output is attached.
Changed in python-openstackclient: | |
assignee: | Akihiro Motoki (amotoki) → jython (jython) |
status: | Confirmed → In Progress |
To post a comment you must log in.
Yes, this seems to be a regression. In the old client you could say "neutron security- group-rule- create" without a "--protocol" option, and you'd get a protocol-agnostic rule. But in the new client ("openstack security group rule create"), "--protocol" defaults to "TCP".
It is important to be able to easily restore a protocol-agnostic security group rule, for example when users remove rules from their instance of the "default" Security Group and later want to restore them (or have the operator restore them).