Public bug reported:
Neutron API port range validation is not working correctly.
In neutron-api, when doing port range validation, we compares min_port
and max_port as strings. Which leads to wrong port range specification
could pass the validation successfully.
* Step-by-step reproduction steps:
1. create a firewall rule with wrong port range specification:
openstack firewall group rule create --source-port 1111:9 --protocol tcp
* Expected output:
- "Invalid input for source_port. Reason: First port in a port range must be
lower than the second port."
- This is the error message from neutron API port range validator.
* Actual output:
- "Invalid value for port 1111:9."
- This is the error message from FWaaS exception InvalidPortValue, which
means that the problematic port range specification passed the API validation.
* Version:
- neutron-lib 1.11.0 installed from PyPI as a requirement.
* Environment:
- devstack with FWaaS(master commit 66d3d57ac4fd8630b757d343106de7e974afe698,
Oct 25, 2017)
** Affects: neutron
Importance: Undecided
Assignee: Hunt Xu (huntxu)
Status: In Progress
** Tags: api fwaas
** Changed in: neutron
Assignee: (unassigned) => Hunt Xu (huntxu)
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1738371
Title:
Neutron API port range validation not working correctly
Status in neutron:
In Progress
Bug description:
Neutron API port range validation is not working correctly.
In neutron-api, when doing port range validation, we compares min_port
and max_port as strings. Which leads to wrong port range specification
could pass the validation successfully.
* Step-by-step reproduction steps:
1. create a firewall rule with wrong port range specification:
openstack firewall group rule create --source-port 1111:9 --protocol tcp
* Expected output:
- "Invalid input for source_port. Reason: First port in a port range must
be lower than the second port."
- This is the error message from neutron API port range validator.
* Actual output:
- "Invalid value for port 1111:9."
- This is the error message from FWaaS exception InvalidPortValue, which
means that the problematic port range specification passed the API validation.
* Version:
- neutron-lib 1.11.0 installed from PyPI as a requirement.
* Environment:
- devstack with FWaaS(master commit
66d3d57ac4fd8630b757d343106de7e974afe698, Oct 25, 2017)
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1738371/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
