diff --git a/bin/nova-manage b/bin/nova-manage
index 9d67ed95..0d560ec0 100755
--- a/bin/nova-manage
+++ b/bin/nova-manage
@@ -56,11 +56,11 @@
 import gettext
 import glob
 import json
+import netaddr
 import os
 import sys
 import time
 
-import IPy
 
 # If ../nova/__init__.py exists, add ../ to Python search path, so that
 # it will override what happens to be installed in /usr/(local/)lib/python...
@@ -525,14 +525,14 @@ class FloatingIpCommands(object):
     def create(self, range):
         """Creates floating ips for zone by range
         arguments: ip_range"""
-        for address in IPy.IP(range):
+        for address in netaddr.IPNetwork(range):
             db.floating_ip_create(context.get_admin_context(),
                                   {'address': str(address)})
 
     def delete(self, ip_range):
         """Deletes floating ips by range
         arguments: range"""
-        for address in IPy.IP(ip_range):
+        for address in netaddr.IPNetwork(ip_range):
             db.floating_ip_destroy(context.get_admin_context(),
                                    str(address))
 
diff --git a/nova/tests/test_adminapi.py b/nova/tests/test_adminapi.py
index eb446678..877cf4ea 100644
--- a/nova/tests/test_adminapi.py
+++ b/nova/tests/test_adminapi.py
@@ -81,5 +81,27 @@ class AdminApiTestCase(test.TestCase):
     def test_block_external_ips(self):
         """Make sure provider firewall rules are created."""
         result = self.api.block_external_addresses(self.context, '1.1.1.1/32')
+        self.api.remove_external_address_block(self.context, '1.1.1.1/32')
         self.assertEqual('OK', result['status'])
         self.assertEqual('Added 3 rules', result['message'])
+
+    def test_list_blocked_ips(self):
+        """Make sure we can see the external blocks that exist."""
+        self.api.block_external_addresses(self.context, '1.1.1.2/32')
+        result = self.api.describe_external_address_blocks(self.context)
+        num = len(db.provider_fw_rule_get_all(self.context))
+        self.api.remove_external_address_block(self.context, '1.1.1.2/32')
+        # we only list IP, not tcp/udp/icmp rules
+        self.assertEqual(num / 3, len(result['externalIpBlockInfo']))
+
+    def test_remove_ip_block(self):
+        """Remove ip blocks."""
+        result = self.api.block_external_addresses(self.context, '1.1.1.3/32')
+        self.assertEqual('OK', result['status'])
+        num0 = len(db.provider_fw_rule_get_all(self.context))
+        result = self.api.remove_external_address_block(self.context,
+                                                        '1.1.1.3/32')
+        self.assertEqual('OK', result['status'])
+        self.assertEqual('Deleted 3 rules', result['message'])
+        num1 = len(db.provider_fw_rule_get_all(self.context))
+        self.assert_(num1 < num0)
diff --git a/nova/tests/test_libvirt.py b/nova/tests/test_libvirt.py
index 176c536b..5a081ddf 100644
--- a/nova/tests/test_libvirt.py
+++ b/nova/tests/test_libvirt.py
@@ -1145,6 +1145,13 @@ class IptablesFirewallTestCase(test.TestCase):
                 provjump_rules.append(rule)
         self.assertEqual(1, len(provjump_rules))
 
+        # remove a rule from the db, cast to compute to refresh rule
+        db.provider_fw_rule_destroy(admin_ctxt, provider_fw1['id'])
+        self.fw.refresh_provider_fw_rules()
+        rules = [rule for rule in self.fw.iptables.ipv4['filter'].rules
+                      if rule.chain == 'provider']
+        self.assertEqual(1, len(rules))
+
 
 class NWFilterTestCase(test.TestCase):
     def setUp(self):