<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#ffffff" text="#000000">
    There is a bug describing this issue <a
      href="https://bugs.launchpad.net/nova/+bug/849997">https://bugs.launchpad.net/nova/+bug/849997</a>
    <br>
    <br>
    I will begin working on a patch.<br>
    <br>
    On 07/11/11 15:28, Vishvananda Ishaya wrote:
    <blockquote
      cite="mid:DFA1AFB3-7413-430B-BC11-8A7D6AA43981@gmail.com"
      type="cite">This is a bug.  It is residual from previous code
      where source groups didn't allow specific protocols to be
      specified.  I think there may be a bug already, but if not, can
      you please file one?  If you see where it is happening in the code
      a patch would also be appreciated.
      <div><br>
      </div>
      <div>Vish</div>
      <div><br>
        <div>
          <div>On Nov 7, 2011, at 6:30 AM, David McNally wrote:</div>
          <br class="Apple-interchange-newline">
          <blockquote type="cite">
            <meta http-equiv="content-type" content="text/html;
              charset=ISO-8859-1">
            <div bgcolor="#ffffff" text="#000000"> Hi,<br>
              <br>
              We've run into an issue where we can add only a single
              rule per source-group to a security group. e.g:<br>
              <br>
              <span class="Apple-style-span" style="font-family:
                arial,FreeSans,Helvetica,sans-serif; font-size: 14px;
                font-style: normal; font-variant: normal; font-weight:
                normal; letter-spacing: normal; line-height: 20px;
                orphans: 2; text-indent: 0px; text-transform: none;
                white-space: normal; widows: 2; word-spacing: 0px;
                background-color: rgb(255, 255, 255); display: inline !
                important; float: none;">euca-authorize --protocol icmp
                -t -1:-1 --source-group groupB groupA<span
                  class="Apple-converted-space"> </span></span><br>
              <br>
              will add a security rule as expected but if we cannot add
              a second rule to groupA with groupB as the source e.g.:<br>
              <br>
              <span class="Apple-style-span" style="font-family:
                arial,FreeSans,Helvetica,sans-serif; font-size: 14px;
                font-style: normal; font-variant: normal; font-weight:
                normal; letter-spacing: normal; line-height: 20px;
                orphans: 2; text-indent: 0px; text-transform: none;
                white-space: normal; widows: 2; word-spacing: 0px;
                background-color: rgb(255, 255, 255); display: inline !
                important; float: none;">euca-authorize --protocol tcp
                --port-range 22 --source-group groupB groupA<span
                  class="Apple-converted-space"> </span></span><br
                style="color: rgb(0, 0, 0); font-family:
                arial,FreeSans,Helvetica,sans-serif; font-size: 14px;
                font-style: normal; font-variant: normal; font-weight:
                normal; letter-spacing: normal; line-height: 20px;
                orphans: 2; text-indent: 0px; text-transform: none;
                white-space: normal; widows: 2; word-spacing: 0px;
                background-color: rgb(255, 255, 255);">
              <span class="Apple-style-span" style="font-family:
                arial,FreeSans,Helvetica,sans-serif; font-size: 14px;
                font-style: normal; font-variant: normal; font-weight:
                normal; letter-spacing: normal; line-height: 20px;
                orphans: 2; text-indent: 0px; text-transform: none;
                white-space: normal; widows: 2; word-spacing: 0px;
                background-color: rgb(255, 255, 255); display: inline !
                important; float: none;"><span
                  class="Apple-converted-space"></span></span><span
                class="Apple-style-span" style="font-family:
                arial,FreeSans,Helvetica,sans-serif; font-size: 14px;
                font-style: normal; font-variant: normal; font-weight:
                normal; letter-spacing: normal; line-height: 20px;
                orphans: 2; text-indent: 0px; text-transform: none;
                white-space: normal; widows: 2; word-spacing: 0px;
                background-color: rgb(255, 255, 255); display: inline !
                important; float: none;">ApiError: This rule already
                exists in group ert2</span><br>
              <br>
              I can see where this is happening in the code and I was
              wondering if this behavior is by design or if it is
              intended to change in a future release?<br>
              <br>
              Thanks,<br>
              <br>
              Dave<br>
            </div>
            _______________________________________________<br>
            Mailing list: <a moz-do-not-send="true"
              href="https://launchpad.net/%7Eopenstack">https://launchpad.net/~openstack</a><br>
            Post to     : <a moz-do-not-send="true"
              href="mailto:openstack@lists.launchpad.net">openstack@lists.launchpad.net</a><br>
            Unsubscribe : <a moz-do-not-send="true"
              href="https://launchpad.net/%7Eopenstack">https://launchpad.net/~openstack</a><br>
            More help   : <a moz-do-not-send="true"
              href="https://help.launchpad.net/ListHelp">https://help.launchpad.net/ListHelp</a><br>
          </blockquote>
        </div>
        <br>
      </div>
    </blockquote>
    <br>
  </body>
</html>