[Expired for neutron because there has been no activity for 60 days.] ** Changed in: neutron Status: Incomplete => Expired
-- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1556013 Title: Dropping a rule from security group rules don't drop the connection in the IptablesFirewallDriver (they do for Hybrid) Status in neutron: Expired Bug description: This happens because connection tracking zones don't work in the IptablesFirewallDriver (they do for Hybrid). The subclass for the hybrid driver is the one introducing the zone rules [1] I remember it was discussed during this review [2], but I cannot see if there was any technical detail why we could not do the same thing on the plain IptablesFirewallDriver itself. [1] https://github.com/openstack/neutron/blob/01a5d9a3c088e54ae78c068408d419ccc53f8ca8/neutron/agent/linux/iptables_firewall.py#L905 [2] https://review.openstack.org/#/c/118274/ To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1556013/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp