Skip to content

Commit

Permalink
distinguish-portSecurity-with-security-group (#4134)
Browse files Browse the repository at this point in the history
Signed-off-by: bobz965 <[email protected]>
  • Loading branch information
bobz965 authored Jun 7, 2024
1 parent 442cb0d commit d6b4194
Showing 1 changed file with 7 additions and 10 deletions.
17 changes: 7 additions & 10 deletions pkg/controller/security_group.go
Original file line number Diff line number Diff line change
Expand Up @@ -216,11 +216,6 @@ func (c *Controller) updateDenyAllSgPorts() error {

addPorts := make([]string, 0, len(lsps))
for _, lsp := range lsps {
// skip lsp which only have mac addresses,address is in port.PortSecurity[0]
if len(lsp.PortSecurity) == 0 || len(strings.Split(lsp.PortSecurity[0], " ")) < 2 {
continue
}

/* skip lsp which security_group does not exist */
// sgs format: sg1/sg2/sg3
sgs := strings.Split(lsp.ExternalIDs[sgsKey], "/")
Expand Down Expand Up @@ -449,14 +444,16 @@ func (c *Controller) syncSgLogicalPort(key string) error {
return err
}

var ports, v4s, v6s []string
var ports, v4s, v6s, addresses []string
for _, lsp := range sgPorts {
ports = append(ports, lsp.Name)
if len(lsp.PortSecurity) == 0 {
continue
if len(lsp.PortSecurity) != 0 {
addresses = lsp.PortSecurity
} else {
addresses = lsp.Addresses
}
for _, ps := range lsp.PortSecurity {
fields := strings.Fields(ps)
for _, as := range addresses {
fields := strings.Fields(as)
if len(fields) < 2 {
continue
}
Expand Down

0 comments on commit d6b4194

Please sign in to comment.