x
/
vmware-nsx
Code Issues Proposed changes

NSX|V: fix rule ID for FWaaS v2 rules 

The DB rule id must contain the vnic as well so there are no DB
duplications when adding the same rule to multiple router interfaces.

Change-Id: I817d9434715d7bd3cba266575321d4c89bf173e4
This commit is contained in:
asarfaty 2020-11-11 10:44:27 +02:00
parent 8b887e9393
commit 5c36808332
2 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
vmware_nsx/services/fwaas/nsx_v/fwaas_callbacks_v2.py
View File

@ -157,9 +157,11 @@ class NsxvFwaasCallbacksV2(com_callbacks.NsxFwaasCallbacksV2):
# update rules ID to prevent DB duplications in
# NsxvEdgeFirewallRuleBinding
if is_ingress:
rule['id'] = ('ingress-%s' % rule['id'])[:36]
rule['id'] = ('ingress-%s-%s' % (replace_dest,
rule['id']))[:36]
else:
rule['id'] = ('egress-%s' % rule['id'])[:36]
rule['id'] = ('egress-%s-%s' % (replace_src,
rule['id']))[:36]
# source & destination should be lists
if (rule.get('destination_ip_address') and
not rule['destination_ip_address'].startswith('0.0.0.0')):

6
vmware_nsx/tests/unit/nsx_v/test_fwaas_v2_driver.py
View File

@ -152,9 +152,11 @@ class NsxvFwaasTestCase(test_v_plugin.NsxVPluginV2TestCase):
(rule.get('name') or rule['id']))[:30]
if rule.get('id'):
if is_ingress:
rule['id'] = ('ingress-%s' % rule['id'])[:36]
rule['id'] = ('ingress-%s-%s' % (nsx_port_id,
rule['id']))[:36]
else:
rule['id'] = ('egress-%s' % rule['id'])[:36]
rule['id'] = ('egress-%s-%s' % (nsx_port_id,
rule['id']))[:36]
return translated_rules