[FWaaS] Remove client side protocol validation

slawqo · slawqo · commit f7c085005de1 · 2026-02-23T16:57:58.000+01:00
There is no need to limit available choices for the firewall rule's
protocol on the client side. Neutron-fwaas plugin on the server side
will do the validation in the same way as for security group rules.
And for SG rules OSC is not validating nor limiting choices on the
client's side at all.

Closes-bug: #2142479

Change-Id: I8c02a2232601c2ab6655c458aa0365102b3b5e2d
Signed-off-by: Slawek Kaplonski &lt;skaplons@redhat.com&gt;
diff --git a/neutronclient/osc/v2/fwaas/firewallrule.py b/neutronclient/osc/v2/fwaas/firewallrule.py
@@ -86,9 +86,12 @@ def _get_common_parser(parser):
         help=_('Description of the firewall rule'))
     parser.add_argument(
         '--protocol',
-        choices=['tcp', 'udp', 'icmp', 'any'],
         type=nc_utils.convert_to_lowercase,
-        help=_('Protocol for the firewall rule'))
+        help=_('IP protocol (ah, dccp, egp, esp, gre, icmp, igmp, '
+               'ipv6-encap, ipv6-frag, ipv6-icmp, ipv6-nonxt, ipv6-opts, '
+               'ipv6-route, ospf, pgm, rsvp, sctp, tcp, udp, udplite, '
+               'vrrp and integer representations [0-255] or any; '
+               'default: any (all protocols))'))
     parser.add_argument(
         '--action',
         choices=['allow', 'deny', 'reject'],
