From 05de286ae2ec09fc9f84dc5ef84cb5d1172db814 Mon Sep 17 00:00:00 2001 From: Adit Sarfaty Date: Sun, 24 Feb 2019 09:38:48 +0200 Subject: [PATCH] NSX|V3+V: Handle fwaas policy modification Commit I6623367e9b8af6433c914f5b3864695fa886d332 partially fixed the case where a firewall group policy is removed/changed. This patch adds a fix so the the firewall group will not be considered INACTIVE Change-Id: Iba2b7b056c4f63b77a6232e36c8784bc90e6b8e1 --- vmware_nsx/services/fwaas/common/fwaas_callbacks_v2.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/vmware_nsx/services/fwaas/common/fwaas_callbacks_v2.py b/vmware_nsx/services/fwaas/common/fwaas_callbacks_v2.py index 916d5b1e8a..3c76c6daee 100644 --- a/vmware_nsx/services/fwaas/common/fwaas_callbacks_v2.py +++ b/vmware_nsx/services/fwaas/common/fwaas_callbacks_v2.py @@ -91,6 +91,8 @@ class NsxFwaasCallbacksV2(firewall_l3_agent_v2.L3WithFWaaS): # No change in ports, but policy changed so all ports are # relevant fwg_port_ids = firewall_group['ports'] + # Mark to the driver that this is not port deletion + firewall_group['last-port'] = False elif not require_new_plugin: routers = self._get_routers_in_project( context, firewall_group['tenant_id'])