What change introduced this bug? Is it present in stable branches too,
or just master?
** Also affects: ossa
Importance: Undecided
Status: New
** Information type changed from Public to Public Security
** Changed in: ossa
Status: New => Incomplete
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1611991
Title:
[ovs firewall] Port 23 is open on booted vms with only ping/ssh on 22
allowed.
Status in neutron:
In Progress
Status in OpenStack Security Advisory:
Incomplete
Bug description:
Seen on master devstack, ubuntu xenial.
Steps to reproduce:
1. Enable ovs firewall in /etc/neutron/plugins/ml2/ml2.conf
[securitygroup]
firewall_driver = openvswitch
2. Create a security group with icmp, tcp to 22.
3. Boot a VM, assign a floating ip.
4. Check that port 23 can be accessed via tcp (telnet, nc, etc).
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1611991/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
