diff --git a/nova/tests/test_api.py b/nova/tests/test_api.py
index e9f1145d..2d3d4b60 100644
--- a/nova/tests/test_api.py
+++ b/nova/tests/test_api.py
@@ -386,6 +386,50 @@ class ApiEc2TestCase(test.TestCase):
         group.connection = self.ec2
 
         group.authorize('tcp', 80, 81, '0.0.0.0/0')
+        group.authorize('icmp', -1, -1, '0.0.0.0/0')
+        group.authorize('udp', 80, 81, '0.0.0.0/0')
+        # Invalid CIDR address
+        self.assertRaises(Exception,
+                          group.authorize, 'tcp', 80, 81, '0.0.0.0/0444')
+        # Missing ports
+        self.assertRaises(Exception,
+                          group.authorize, 'tcp', '0.0.0.0/0')
+        # from port cannot be greater than to port
+        self.assertRaises(Exception,
+                          group.authorize, 'tcp', 100, 1, '0.0.0.0/0')
+        # For tcp, negative values are not allowed
+        self.assertRaises(Exception,
+                          group.authorize, 'tcp', -1, 1, '0.0.0.0/0')
+        # For tcp, valid port range 1-65535
+        self.assertRaises(Exception,
+                          group.authorize, 'tcp', 1, 65599, '0.0.0.0/0')
+        # For icmp, only -1:-1 is allowed for type:code
+        self.assertRaises(Exception,
+                          group.authorize, 'icmp', -1, 0, '0.0.0.0/0')
+        # Non valid type:code
+        self.assertRaises(Exception,
+                          group.authorize, 'icmp', 0, 3, '0.0.0.0/0')
+        # Invalid Cidr for ICMP type
+        self.assertRaises(Exception,
+                          group.authorize, 'icmp', -1, -1, '0.0.444.0/4')
+        # Invalid protocol
+        self.assertRaises(Exception,
+                          group.authorize, 'xyz', 1, 14, '0.0.0.0/0')
+        # Invalid port
+        self.assertRaises(Exception,
+                          group.authorize, 'tcp', " ", "81", '0.0.0.0/0')
+        # Invalid icmp port
+        self.assertRaises(Exception,
+                          group.authorize, 'icmp', " ", "81", '0.0.0.0/0')
+        # Invalid CIDR Address
+        self.assertRaises(Exception,
+                          group.authorize, 'icmp', -1, -1, '0.0.0.0')
+        # Invalid CIDR Address
+        self.assertRaises(Exception,
+                          group.authorize, 'icmp', -1, -1, '0.0.0.0/')
+        # Invalid Cidr ports
+        self.assertRaises(Exception,
+                          group.authorize, 'icmp', 1, 256, '0.0.0.0/0')
 
         self.expect_http()
         self.mox.ReplayAll()
@@ -394,7 +438,7 @@ class ApiEc2TestCase(test.TestCase):
 
         group = [grp for grp in rv if grp.name == security_group_name][0]
 
-        self.assertEquals(len(group.rules), 1)
+        self.assertEquals(len(group.rules), 3)
         self.assertEquals(int(group.rules[0].from_port), 80)
         self.assertEquals(int(group.rules[0].to_port), 81)
         self.assertEquals(len(group.rules[0].grants), 1)
@@ -405,6 +449,8 @@ class ApiEc2TestCase(test.TestCase):
         group.connection = self.ec2
 
         group.revoke('tcp', 80, 81, '0.0.0.0/0')
+        group.revoke('icmp', -1, -1, '0.0.0.0/0')
+        group.revoke('udp', 80, 81, '0.0.0.0/0')
 
         self.expect_http()
         self.mox.ReplayAll()