Code Review / netvirt.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: bd66523) | patch
Bug 9026: ACL issue in handling port-create 35/62935/3
authorSomashekar Byrappa <somashekar.b@altencalsoftlabs.com>
Tue, 22 Aug 2017 08:10:27 +0000 (13:40 +0530)
committerSam Hague <shague@redhat.com>
Tue, 19 Sep 2017 00:59:01 +0000 (00:59 +0000)
commitfa4669d5a255314b6dfb6920dfb765b0c836513b
treeee29f1860fd9f43ac2387d5a66bed63e8d8d5dc3tree | snapshot
parentbd66523d56bad24d38545ae93f24ca7862c4575dcommit | diff
Bug 9026: ACL issue in handling port-create

Problem:
When a VM is booted by creating a port with commands [1] & [2], ACL
service is bound to the interface which shouldn't have happened as [2]
explicitly sets --port-security-enabled False.

+ During [1], ACL bind service is performed as flag
port-security-enabled=True by default.
+ During [2], ACL unbind service should be performed as flag
port-security-enabled=False is set explicitly. This was not happening.

Solution:
During port-update, ACL unbind service was called only during interface
up. Now this is changed to unbind ACL service irrespective of interface
state (up/down).

Also, handled cache update correctly during port-update.

Commands:
[1] neutron port-create net10 --no-security-groups
[2] neutron port-update <port id> --port-security-enabled False

Change-Id: I73d299fc61e02bee8aafe0370cdf0a4874533ee9
Signed-off-by: Somashekar Byrappa <somashekar.b@altencalsoftlabs.com>
Signed-off-by: Vivekanandan Narasimhan <n.vivekanandan@ericsson.com>
Signed-off-by: Sam Hague <shague@redhat.com>
vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/AbstractAclServiceImpl.java diff | blob | history
vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/listeners/AclInterfaceListener.java diff | blob | history
vpnservice/aclservice/impl/src/test/java/org/opendaylight/netvirt/aclservice/tests/AclServiceTestBase.java diff | blob | history
NetVirt - Archived