[Openstack-security] [Bug 1334926] Re: floatingip still working once connected even after it is disociated
OpenStack Infra
1334926 at bugs.launchpad.net
Mon Sep 29 22:11:45 UTC 2014
Reviewed: https://review.openstack.org/124375
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=3a30d19e4e2e5bf4f54045561158661b43beecb3
Submitter: Jenkins
Branch: stable/icehouse
commit 3a30d19e4e2e5bf4f54045561158661b43beecb3
Author: Cedric Brandily <zzelle at gmail.com>
Date: Fri Sep 26 12:00:33 2014 +0200
Deletes floating ip related connection states
When a floating ip is dissociated with a port, the current
connection with the floating ip is still working. This patch
will clear the connection state and cut off the connection
immediately.
Since conntrack -D will return 1, which is not an error code,
so add extra_ok_codes argument to execute methods.
Change-Id: Ia9bd7ae243a0859dcb97e2fa939f7d16f9c2456c
Closes-Bug: #1334926
(cherry picked from commit 966645538395079b5337b5ed30d597112279283c)
** Tags added: in-stable-icehouse
--
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1334926
Title:
floatingip still working once connected even after it is disociated
Status in OpenStack Neutron (virtual network service):
Fix Committed
Status in OpenStack Security Notes:
Fix Released
Bug description:
After we create an SSH connection to a VM via its floating ip, even
though we have removed the floating ip association, we can still
access the VM via that connection. Namely, SSH is not disconnected
when the floating ip is not valid
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1334926/+subscriptions
More information about the Openstack-security
mailing list