[
https://issues.apache.org/jira/browse/CLOUDSTACK-2819?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13689168#comment-13689168
]
ASF subversion and git services commented on CLOUDSTACK-2819:
-------------------------------------------------------------
Commit 0e548d848dbfb20ca756e4836a72e5f5bd25947e in branch
refs/heads/master-6-17-stable from [~kishan]
[ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=0e548d8 ]
CLOUDSTACK-2819: Revoke existing ACL items if the new ACL is empty
> [VPC][ACL]VPC tier accepting empty ACL list.
> --------------------------------------------
>
> Key: CLOUDSTACK-2819
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2819
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Components: Network Controller
> Affects Versions: 4.2.0
> Reporter: manasaveloori
> Assignee: Kishan Kavala
> Fix For: 4.2.0
>
>
> Steps:
> 1. Have a CS with advanced zone.
> 2. Create a VPC and a tier .
> 3. Create a ACL list under network ACL lists. Leave the ACL list empty.
> 4. Apply default_allow for tier network.
> 5. View the configuration in VR(iptables –L –nv –t mangle).
> 6. Now replace the ACL list for the tier with the one created in step3.
> 7. Now the configuration in VR does not change.
> Follow the steps 4 to 7 with default_deny .The same can be observed.
> Expected behavior:
> Should not allow the user to apply the empty ACL list to network.
> network_acl_id is changing as we replace the ACL list under networks table.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
