2 files changed, 11 insertions, 14 deletions

diff --git a/nova/tests/test_libvirt.py b/nova/tests/test_libvirt.py
index 1743b09a2..0eaf069fb 100644
--- a/nova/tests/test_libvirt.py
+++ b/nova/tests/test_libvirt.py
@@ -884,10 +884,7 @@ class IptablesFirewallTestCase(test.TestCase):
 
     def test_provider_firewall_rules(self):
         # setup basic instance data
-        instance_ref = db.instance_create(self.context,
-                                          {'user_id': 'fake',
-                                          'project_id': 'fake',
-                                          'mac_address': '56:12:12:12:12:12'})
+        instance_ref = self._create_instance_ref()
         ip = '10.11.12.13'
         network_ref = db.project_get_network(self.context, 'fake')
         admin_ctxt = context.get_admin_context()
diff --git a/nova/virt/libvirt/firewall.py b/nova/virt/libvirt/firewall.py
index 5bdc0c1c6..c4192fac0 100644
--- a/nova/virt/libvirt/firewall.py
+++ b/nova/virt/libvirt/firewall.py
@@ -749,29 +749,29 @@ class IptablesFirewallDriver(FirewallDriver):
         ipv6_rules = []
         rules = db.provider_fw_rule_get_all(ctxt)
         for rule in rules:
-            LOG.debug(_('Adding prvider rule: %r'), rule)
-            version = netutils.get_ip_version(rule.cidr)
+            LOG.debug(_('Adding provider rule: %s'), rule['cidr'])
+            version = netutils.get_ip_version(rule['cidr'])
             if version == 4:
                 fw_rules = ipv4_rules
             else:
                 fw_rules = ipv6_rules
 
-            protocol = rule.protocol
+            protocol = rule['protocol']
             if version == 6 and protocol == 'icmp':
                 protocol = 'icmpv6'
 
-            args = ['-p', protocol, '-s', rule.cidr]
+            args = ['-p', protocol, '-s', rule['cidr']]
 
             if protocol in ['udp', 'tcp']:
-                if rule.from_port == rule.to_port:
-                    args += ['--dport', '%s' % (rule.from_port,)]
+                if rule['from_port'] == rule['to_port']:
+                    args += ['--dport', '%s' % (rule['from_port'],)]
                 else:
                     args += ['-m', 'multiport',
-                             '--dports', '%s:%s' % (rule.from_port,
-                                                    rule.to_port)]
+                             '--dports', '%s:%s' % (rule['from_port'],
+                                                    rule['to_port'])]
             elif protocol == 'icmp':
-                icmp_type = rule.from_port
-                icmp_code = rule.to_port
+                icmp_type = rule['from_port']
+                icmp_code = rule['to_port']
 
                 if icmp_type == -1:
                     icmp_type_arg = None