Skip to content

Commit efe3183

Browse files
John Kinsellake4qqq
authored andcommitted
CS-14955: security_group.py only creates ICMP iptables rules for ICMP type -1
Description: Unindented 3 lines to update logic flow to execute iptables when passed ICMP type is not -1.
1 parent 980f793 commit efe3183

1 file changed

Lines changed: 3 additions & 3 deletions

File tree

scripts/vm/network/security_group.py

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -639,8 +639,8 @@ def add_network_rules(vm_name, vm_id, vm_ip, signature, seqno, vmMac, rules, vif
639639
range = start + "/" + end
640640
if start == "-1":
641641
range = "any"
642-
for ip in ips:
643-
execute("iptables -I " + vmchain + " -p icmp --icmp-type " + range + " " + direction + " " + ip + " -j "+ action)
642+
for ip in ips:
643+
execute("iptables -I " + vmchain + " -p icmp --icmp-type " + range + " " + direction + " " + ip + " -j "+ action)
644644

645645
if allow_any and protocol != 'all':
646646
if protocol != 'icmp':
@@ -649,7 +649,7 @@ def add_network_rules(vm_name, vm_id, vm_ip, signature, seqno, vmMac, rules, vif
649649
range = start + "/" + end
650650
if start == "-1":
651651
range = "any"
652-
execute("iptables -I " + vmchain + " -p icmp --icmp-type " + range + " -j "+action)
652+
execute("iptables -I " + vmchain + " -p icmp --icmp-type " + range + " -j "+action)
653653

654654
egress_vmchain = egress_chain_name(vm_name)
655655
if egressrule == 0 :

0 commit comments

Comments
 (0)