From f7c085005de1ec98656c904a4d90fe833044ae9e Mon Sep 17 00:00:00 2001
From: Slawek Kaplonski <skaplons@redhat.com>
Date: Mon, 23 Feb 2026 16:39:28 +0100
Subject: [PATCH] [FWaaS] Remove client side protocol validation

There is no need to limit available choices for the firewall rule's
protocol on the client side. Neutron-fwaas plugin on the server side
will do the validation in the same way as for security group rules.
And for SG rules OSC is not validating nor limiting choices on the
client's side at all.

Closes-bug: #2142479

Change-Id: I8c02a2232601c2ab6655c458aa0365102b3b5e2d
Signed-off-by: Slawek Kaplonski <skaplons@redhat.com>
---
 neutronclient/osc/v2/fwaas/firewallrule.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/neutronclient/osc/v2/fwaas/firewallrule.py b/neutronclient/osc/v2/fwaas/firewallrule.py
index 206a9b4e1..8bc15b579 100644
--- a/neutronclient/osc/v2/fwaas/firewallrule.py
+++ b/neutronclient/osc/v2/fwaas/firewallrule.py
@@ -86,9 +86,12 @@ def _get_common_parser(parser):
         help=_('Description of the firewall rule'))
     parser.add_argument(
         '--protocol',
-        choices=['tcp', 'udp', 'icmp', 'any'],
         type=nc_utils.convert_to_lowercase,
-        help=_('Protocol for the firewall rule'))
+        help=_('IP protocol (ah, dccp, egp, esp, gre, icmp, igmp, '
+               'ipv6-encap, ipv6-frag, ipv6-icmp, ipv6-nonxt, ipv6-opts, '
+               'ipv6-route, ospf, pgm, rsvp, sctp, tcp, udp, udplite, '
+               'vrrp and integer representations [0-255] or any; '
+               'default: any (all protocols))'))
     parser.add_argument(
         '--action',
         choices=['allow', 'deny', 'reject'],