Public bug reported: iptables_manager should have abilitiy to ensure rule was added only once. In function [1], it just adds the new rule to the cache list no matter if it is duplicated. And finally, warning LOG [2] will be raised. Sometimes, there will have multiple threads to add rule for one same resource, it may be not easy for users to ensure that their rule generation code was run as expected. So rule will be duplicated in cache. And during the removal procedure, cache has duplicated rules, remove one then there still has same rule remained. As a result, the linux netfilter rule may have nothing changed after user's removal action.
[1] https://github.com/openstack/neutron/blob/master/neutron/agent/linux/iptables_manager.py#L205-L225 [2] https://github.com/openstack/neutron/blob/master/neutron/agent/linux/iptables_manager.py#L718-L725 ** Affects: neutron Importance: High Assignee: LIU Yulong (dragon889) Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1845145 Title: [L3] add abilitiy for iptables_manager to ensure rule was added only once Status in neutron: New Bug description: iptables_manager should have abilitiy to ensure rule was added only once. In function [1], it just adds the new rule to the cache list no matter if it is duplicated. And finally, warning LOG [2] will be raised. Sometimes, there will have multiple threads to add rule for one same resource, it may be not easy for users to ensure that their rule generation code was run as expected. So rule will be duplicated in cache. And during the removal procedure, cache has duplicated rules, remove one then there still has same rule remained. As a result, the linux netfilter rule may have nothing changed after user's removal action. [1] https://github.com/openstack/neutron/blob/master/neutron/agent/linux/iptables_manager.py#L205-L225 [2] https://github.com/openstack/neutron/blob/master/neutron/agent/linux/iptables_manager.py#L718-L725 To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1845145/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp