From ff06c7c885dc94ed7c828e8cdbb8b5d850a7e654 Mon Sep 17 00:00:00 2001
From: Vishvananda Ishaya <vishvananda@gmail.com>
Date: Wed, 6 Jun 2012 13:25:04 -0400
Subject: Fix up protocol case handling for security groups.

Fix bug 985184.

When creating security group rules, any case for the protocol was
accepted as input, such as TCP, Tcp, tcp, etc., and was stored in the
database as specified.  However, unless specified as all lowercase, the
code to apply the rules would break and result in some rules not being
applied.

Change-Id: I6c723d371579eb37a94bd484d39beeb773668ed4
---
 nova/virt/firewall.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'nova/virt')

diff --git a/nova/virt/firewall.py b/nova/virt/firewall.py
index bca50d21f..be6a0f7c9 100644
--- a/nova/virt/firewall.py
+++ b/nova/virt/firewall.py
@@ -331,8 +331,8 @@ class IptablesFirewallDriver(FirewallDriver):
                 else:
                     fw_rules = ipv6_rules
 
-                protocol = rule.protocol
-                if version == 6 and rule.protocol == 'icmp':
+                protocol = rule.protocol.lower()
+                if version == 6 and protocol == 'icmp':
                     protocol = 'icmpv6'
 
                 args = ['-j ACCEPT']
-- 
cgit