Murali Reddy created CLOUDSTACK-9480:
----------------------------------------
Summary: Egress Firewall: Incorrect use of Allow/Deny for ICMP
Key: CLOUDSTACK-9480
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9480
Project: CloudStack
Issue Type: Bug
Security Level: Public (Anyone can view this level - this is the default.)
Components: Network Controller
Affects Versions: 4.9.0, 4.8.0, 4.7.1, 4.6.2
Reporter: Murali Reddy
Assignee: Murali Reddy
Fix For: 4.9.1
When 'default egress policy' is set to 'allow' in the network offering, any
egress rule that is added will 'deny' the traffic overriding the default
behaviour.
Conversely, when 'default egress policy' is set to 'deny' in the network
offering, any egress rule that is added will 'allow' the traffic overriding the
default behaviour.
While this works for 'tcp', 'udp' as expected, for 'icmp' protocol its always
set to ALLOW.
Egress firewall rule behaviour should be consistent for all the protocols.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
