2092889 – Incorrect updating of EgressACLs using direction "from-lport"

Bug 2092889 - Incorrect updating of EgressACLs using direction "from-lport"

Summary: Incorrect updating of EgressACLs using direction "from-lport"

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Networking
Sub Component:
Version:	4.11
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	---
Target Release:	4.11.0
Assignee:	Jacob Tanenbaum
QA Contact:	huirwang
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	2092895
TreeView+	depends on / blocked

Reported:	2022-06-02 13:46 UTC by Jacob Tanenbaum
Modified:	2022-08-10 11:16 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Clones:	2092895 (view as bug list)
Environment:
Last Closed:	2022-08-10 11:15:49 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	openshift ovn-kubernetes pull 1128	0	None	open	Bug 2092889: update all egress ACLs' direction to "from-lport"	2022-06-06 12:15:17 UTC
Red Hat Product Errata	RHSA-2022:5069	0	None	None	None	2022-08-10 11:16:05 UTC

Description Jacob Tanenbaum 2022-06-02 13:46:32 UTC

Description of problem:

when updating Egress NetworkPolicies to use direction "from-lport" the updater incorrectly assumed that if one policy was setup correctly they all where. Multicast ACLs used the direction "from-lport" so if that policy was checked ovn-kube would incorrectly assume that all the ACLs where correct. 

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 7 errata-xmlrpc 2022-08-10 11:15:49 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: OpenShift Container Platform 4.11.0 bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:5069

Note You need to log in before you can comment on or make changes to this bug.