[ https://issues.apache.org/jira/browse/CLOUDSTACK-9404?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15332149#comment-15332149 ]
ASF GitHub Bot commented on CLOUDSTACK-9404: -------------------------------------------- Github user pdube commented on the issue: https://github.com/apache/cloudstack/pull/1581 @kishankavala I think that the ultimate fix will be in the VR. However, the inversion of the list is fixed with this patch, and does not require a VR update. This is a good enough fix for now, as the ordering inversion is a critical security bug, since the rule numbers you are giving are not being applied as expected. > Network ACL rules in VPCs are applied in an inverted order > ---------------------------------------------------------- > > Key: CLOUDSTACK-9404 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9404 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) > Affects Versions: 4.7.2, 4.8.0, 4.9.0 > Reporter: Patrick D. > Assignee: Patrick D. > > Found the issue in the agent code. The comparator is inverted -- This message was sent by Atlassian JIRA (v6.3.4#6332)