]> review.fuel-infra Code Review - openstack-build/neutron-build.git/commit
Code Review / openstack-build / neutron-build.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 12a4ae1) | patch
Destroy ipset when the corresponding rule is removed
authorshihanzhang <shihanzhang@huawei.com>
Tue, 9 Jun 2015 09:47:39 +0000 (17:47 +0800)
committershihanzhang <shihanzhang@huawei.com>
Wed, 12 Aug 2015 11:27:01 +0000 (11:27 +0000)
commit653fd35be2ebc7bdfd1eb417d086cf0884be29cd
tree65c6aafbe9fde342438c241faad79da6297966b3tree | snapshot
parent12a4ae1221a27285b3aa79a748caff3b55ff03a7commit | diff
Destroy ipset when the corresponding rule is removed

if a security group has a rule which allow a remote group access,
but this remote group has no IPv4 and IPv6 members, L2 agent
should not clear the remote group in internal cache of sg_members,
because when above rule is deleted, L2 agent can get the remote group
id from the diff of pre_sg_members-sg_members, then destroy the ipset
set for remote group.

Change-Id: I801b14c9f506c5a07f8875b8f9be1b05d181b842
Closes-bug: #1463331
neutron/agent/linux/iptables_firewall.py diff | blob | history
neutron/tests/unit/agent/linux/test_iptables_firewall.py diff | blob | history