Public bug reported: In default securitygroup, we could add a rule in default same as the original egress ipv4 rule.
Reproduce step: # neutron security-group-rule-create --direction egress --remote-ip-prefix 0.0.0.0/0 default It returns: Created a new security_group_rule: +-------------------+--------------------------------------+ | Field | Value | +-------------------+--------------------------------------+ | direction | egress | | ethertype | IPv4 | | id | d8f968e2-270b-4d6e-a2d0-a408726b7edc | | port_range_max | | | port_range_min | | | protocol | | | remote_group_id | | | remote_ip_prefix | 0.0.0.0/0 | | security_group_id | 9a2c0d86-4a36-46d4-a4da-43a239003eef | | tenant_id | 52953da91c0e47528d5317867391aaec | +-------------------+--------------------------------------+ Actually we expect that "Security group rule already exists. Rule id is xxxxx". ** Affects: neutron Importance: Undecided Assignee: yujie (16189455-d) Status: New ** Changed in: neutron Assignee: (unassigned) => yujie (16189455-d) -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1534113 Title: default sg could add same rule as original egress ipv4 rule Status in neutron: New Bug description: In default securitygroup, we could add a rule in default same as the original egress ipv4 rule. Reproduce step: # neutron security-group-rule-create --direction egress --remote-ip-prefix 0.0.0.0/0 default It returns: Created a new security_group_rule: +-------------------+--------------------------------------+ | Field | Value | +-------------------+--------------------------------------+ | direction | egress | | ethertype | IPv4 | | id | d8f968e2-270b-4d6e-a2d0-a408726b7edc | | port_range_max | | | port_range_min | | | protocol | | | remote_group_id | | | remote_ip_prefix | 0.0.0.0/0 | | security_group_id | 9a2c0d86-4a36-46d4-a4da-43a239003eef | | tenant_id | 52953da91c0e47528d5317867391aaec | +-------------------+--------------------------------------+ Actually we expect that "Security group rule already exists. Rule id is xxxxx". To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1534113/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp