Merge "Fix Security-rule's port should not set to 0 when Protocol is TCP/UDP"
This commit is contained in:
commit
399a6f88dd
neutron
@ -431,7 +431,9 @@ class SecurityGroupDbMixin(ext_sg.SecurityGroupPluginBase):
|
||||
raise ext_sg.SecurityGroupProtocolRequiredWithPorts()
|
||||
ip_proto = self._get_ip_proto_number(rule['protocol'])
|
||||
if ip_proto in [constants.PROTO_NUM_TCP, constants.PROTO_NUM_UDP]:
|
||||
if (rule['port_range_min'] is not None and
|
||||
if rule['port_range_min'] == 0 or rule['port_range_max'] == 0:
|
||||
raise ext_sg.SecurityGroupInvalidPortValue(port=0)
|
||||
elif (rule['port_range_min'] is not None and
|
||||
rule['port_range_max'] is not None and
|
||||
rule['port_range_min'] <= rule['port_range_max']):
|
||||
pass
|
||||
|
@ -258,9 +258,6 @@ class SGServerRpcCallBackTestCase(test_sg.SecurityGroupDBTestCase):
|
||||
expected)
|
||||
self._delete('ports', port_id1)
|
||||
|
||||
def test_sg_rules_for_devices_ipv4_ingress_port_range_min_port_0(self):
|
||||
self._test_sg_rules_for_devices_ipv4_ingress_port_range(0, 10)
|
||||
|
||||
def test_sg_rules_for_devices_ipv4_ingress_port_range_min_port_1(self):
|
||||
self._test_sg_rules_for_devices_ipv4_ingress_port_range(1, 10)
|
||||
|
||||
|
@ -1503,6 +1503,23 @@ class TestSecurityGroups(SecurityGroupDBTestCase):
|
||||
self.deserialize(self.fmt, res)
|
||||
self.assertEqual(res.status_int, webob.exc.HTTPBadRequest.code)
|
||||
|
||||
def test_create_security_group_rule_with_invalid_tcp_or_udp_protocol(self):
|
||||
security_group_id = "4cd70774-cc67-4a87-9b39-7d1db38eb087"
|
||||
direction = "ingress"
|
||||
remote_ip_prefix = "10.0.0.0/24"
|
||||
protocol = 'tcp'
|
||||
port_range_min = 0
|
||||
port_range_max = 80
|
||||
remote_group_id = "9cd70774-cc67-4a87-9b39-7d1db38eb087"
|
||||
rule = self._build_security_group_rule(security_group_id, direction,
|
||||
protocol, port_range_min,
|
||||
port_range_max,
|
||||
remote_ip_prefix,
|
||||
remote_group_id)
|
||||
res = self._create_security_group_rule(self.fmt, rule)
|
||||
self.deserialize(self.fmt, res)
|
||||
self.assertEqual(res.status_int, webob.exc.HTTPBadRequest.code)
|
||||
|
||||
def test_create_port_with_non_uuid(self):
|
||||
with self.network() as n:
|
||||
with self.subnet(n):
|
||||
|
Loading…
x
Reference in New Issue
Block a user