[Openstack-security] [Bug 1244025] Re: Remote security group criteria don't work in Midonet plugin
Akihiro Motoki
1244025 at bugs.launchpad.net
Thu Mar 20 16:48:48 UTC 2014
If the feature proposed patch is not included in Icehouse release, don't
we need the same patch you will propose for Havana soon for Icehouse too
(as long as midonet plugin is a part of Iceshouse release)? I think
Icehouse midonet plugin still works with your old backend even if it
does not work with your new backend.
Generally speaking, FeatureProposeFreeze for I-3 is just a minimum
requirement and it does not ensure the patch is well reviewed and
merged. It is unfortunate the patch is not merged so far but it
sometimes happens due to review burden.
--
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1244025
Title:
Remote security group criteria don't work in Midonet plugin
Status in OpenStack Neutron (virtual network service):
In Progress
Status in neutron havana series:
New
Status in OpenStack Security Advisories:
Confirmed
Bug description:
When creating a security rule that specifies a remote security group
(rather than a CIDR range), the Midonet plugin does not enforce this
criterion. With an egress rule, for example, one of the criteria for a
particular rule may be that only traffic to security group A will be
allowed out. This criterion is ignored, and traffic will be allowed
out regardless of the destination security group, provided that it
conforms to the rule's other criteria.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1244025/+subscriptions
More information about the Openstack-security
mailing list