)]}'
{"neutron_tempest_plugin/scenario/test_security_groups.py":[{"author":{"_account_id":11975,"name":"Slawek Kaplonski","email":"skaplons@redhat.com","username":"slaweq"},"change_message_id":"8984d40d9c6e1b723f868b8df35d078411d3e1c5","unresolved":false,"context_lines":[{"line_number":328,"context_line":"        for i in range(2):"},{"line_number":329,"context_line":"            for vm in range(2):"},{"line_number":330,"context_line":"                server_ssh_clients[2].exec_command("},{"line_number":331,"context_line":"                    \"(echo foo | nc -l -p 3000 \u003e /dev/null \u0026)\")"},{"line_number":332,"context_line":"                # matches on rule_list[vm]"},{"line_number":333,"context_line":"                self.assertEqual("},{"line_number":334,"context_line":"                    \"foo\\n\","}],"source_content_type":"text/x-python","patch_set":3,"id":"5f7c97a3_f9717845","line":331,"range":{"start_line":331,"start_character":42,"end_line":331,"end_character":46},"updated":"2018-05-14 08:07:08.000000000","message":"just small nit: if You create SG rules with port range, why not try to test communication on one of ports from \"the middle\" of this range? IMO it would check better if rules are applied properly, no?","commit_id":"7e04216cc152cc7eb64cc291f443f9a744f42909"},{"author":{"_account_id":11975,"name":"Slawek Kaplonski","email":"skaplons@redhat.com","username":"slaweq"},"change_message_id":"efcb6403a03096b223a055a46210284d80f811e8","unresolved":false,"context_lines":[{"line_number":328,"context_line":"        for i in range(2):"},{"line_number":329,"context_line":"            for vm in range(2):"},{"line_number":330,"context_line":"                server_ssh_clients[2].exec_command("},{"line_number":331,"context_line":"                    \"(echo foo | nc -l -p 3000 \u003e /dev/null \u0026)\")"},{"line_number":332,"context_line":"                # matches on rule_list[vm]"},{"line_number":333,"context_line":"                self.assertEqual("},{"line_number":334,"context_line":"                    \"foo\\n\","}],"source_content_type":"text/x-python","patch_set":3,"id":"5f7c97a3_fd1624a8","line":331,"range":{"start_line":331,"start_character":42,"end_line":331,"end_character":46},"in_reply_to":"5f7c97a3_9dce1058","updated":"2018-05-15 09:54:03.000000000","message":"ok, but then why configure port range in rules instead of set only one port to be allowed? I just thought that if there is range specified, it could be good it some different port than first one could be used :)","commit_id":"7e04216cc152cc7eb64cc291f443f9a744f42909"},{"author":{"_account_id":8655,"name":"Jakub Libosvar","email":"libosvar@redhat.com","username":"jlibosva"},"change_message_id":"56904d8c65b16fb9ad4967cad3c5b3e69c408ae4","unresolved":false,"context_lines":[{"line_number":328,"context_line":"        for i in range(2):"},{"line_number":329,"context_line":"            for vm in range(2):"},{"line_number":330,"context_line":"                server_ssh_clients[2].exec_command("},{"line_number":331,"context_line":"                    \"(echo foo | nc -l -p 3000 \u003e /dev/null \u0026)\")"},{"line_number":332,"context_line":"                # matches on rule_list[vm]"},{"line_number":333,"context_line":"                self.assertEqual("},{"line_number":334,"context_line":"                    \"foo\\n\","}],"source_content_type":"text/x-python","patch_set":3,"id":"5f7c97a3_9dce1058","line":331,"range":{"start_line":331,"start_character":42,"end_line":331,"end_character":46},"in_reply_to":"5f7c97a3_f9717845","updated":"2018-05-15 09:50:54.000000000","message":"I don\u0027t think testing port range is a subject of this test. For such a thing, we should have a separate test aiming port range.","commit_id":"7e04216cc152cc7eb64cc291f443f9a744f42909"},{"author":{"_account_id":9200,"name":"IWAMOTO Toshihiro","email":"iwamoto@valinux.co.jp","username":"toshii"},"change_message_id":"9e701cc5dcab8b1125e357217287f30328b55f98","unresolved":false,"context_lines":[{"line_number":328,"context_line":"        for i in range(2):"},{"line_number":329,"context_line":"            for vm in range(2):"},{"line_number":330,"context_line":"                server_ssh_clients[2].exec_command("},{"line_number":331,"context_line":"                    \"(echo foo | nc -l -p 3000 \u003e /dev/null \u0026)\")"},{"line_number":332,"context_line":"                # matches on rule_list[vm]"},{"line_number":333,"context_line":"                self.assertEqual("},{"line_number":334,"context_line":"                    \"foo\\n\","}],"source_content_type":"text/x-python","patch_set":3,"id":"5f7c97a3_1e796c2e","line":331,"range":{"start_line":331,"start_character":42,"end_line":331,"end_character":46},"in_reply_to":"5f7c97a3_fd1624a8","updated":"2018-05-17 03:12:38.000000000","message":"Port ranges are expanded into rules in a bitmask like algorithm and that\u0027s tested elsewhere.\n\nIf you really uneasy then the port ranges above can be 3000-3000. ;)","commit_id":"7e04216cc152cc7eb64cc291f443f9a744f42909"},{"author":{"_account_id":11975,"name":"Slawek Kaplonski","email":"skaplons@redhat.com","username":"slaweq"},"change_message_id":"467593631a3f19ee4cc5669a047a4d52c551edb2","unresolved":true,"context_lines":[{"line_number":608,"context_line":"        # Repeat twice to make sure the both rules are active."},{"line_number":609,"context_line":"        # We can assure that if the first round succeeds."},{"line_number":610,"context_line":"        target_addr \u003d ports[2][\u0027fixed_ips\u0027][0][\u0027ip_address\u0027]"},{"line_number":611,"context_line":"        for i in range(2):"},{"line_number":612,"context_line":"            for vm in range(2):"},{"line_number":613,"context_line":"                for port in range(3000, 3004):"},{"line_number":614,"context_line":"                    self._verify_http_connection("}],"source_content_type":"text/x-python","patch_set":33,"id":"cc5c82c6_5084dbc9","line":611,"updated":"2021-04-27 05:51:27.000000000","message":"sorry, but I don\u0027t really understand why we need this loop here? Can You explain a bit more?","commit_id":"8874866639b5492f61f6bbe2f55640adf50464b5"},{"author":{"_account_id":9200,"name":"IWAMOTO Toshihiro","email":"iwamoto@valinux.co.jp","username":"toshii"},"change_message_id":"5873ada44008fcd5494247467579cc36bd32f947","unresolved":true,"context_lines":[{"line_number":608,"context_line":"        # Repeat twice to make sure the both rules are active."},{"line_number":609,"context_line":"        # We can assure that if the first round succeeds."},{"line_number":610,"context_line":"        target_addr \u003d ports[2][\u0027fixed_ips\u0027][0][\u0027ip_address\u0027]"},{"line_number":611,"context_line":"        for i in range(2):"},{"line_number":612,"context_line":"            for vm in range(2):"},{"line_number":613,"context_line":"                for port in range(3000, 3004):"},{"line_number":614,"context_line":"                    self._verify_http_connection("}],"source_content_type":"text/x-python","patch_set":33,"id":"8d9dafae_b15686d7","line":611,"in_reply_to":"017cf574_b083a445","updated":"2021-06-11 06:33:59.000000000","message":"When I wrote this patch, the neutron community was generally against for adding long sleeps because such sleeps will slow down tests, IIRC.\nIt has been a long time since then, and I have no strong opinion on this.","commit_id":"8874866639b5492f61f6bbe2f55640adf50464b5"},{"author":{"_account_id":8655,"name":"Jakub Libosvar","email":"libosvar@redhat.com","username":"jlibosva"},"change_message_id":"31a2738067d5c8da6005b79de2abd920914b8096","unresolved":true,"context_lines":[{"line_number":608,"context_line":"        # Repeat twice to make sure the both rules are active."},{"line_number":609,"context_line":"        # We can assure that if the first round succeeds."},{"line_number":610,"context_line":"        target_addr \u003d ports[2][\u0027fixed_ips\u0027][0][\u0027ip_address\u0027]"},{"line_number":611,"context_line":"        for i in range(2):"},{"line_number":612,"context_line":"            for vm in range(2):"},{"line_number":613,"context_line":"                for port in range(3000, 3004):"},{"line_number":614,"context_line":"                    self._verify_http_connection("}],"source_content_type":"text/x-python","patch_set":33,"id":"7936fddf_63540363","line":611,"in_reply_to":"32ac87ad_97245e65","updated":"2021-05-25 09:49:15.000000000","message":"@Iwamoto: Is that because of conntrack entries? I also fail to see why do we need to test one connection twice, my apologies for that :) Having a different conntrack entry was the only that would make sense to me.","commit_id":"8874866639b5492f61f6bbe2f55640adf50464b5"},{"author":{"_account_id":11975,"name":"Slawek Kaplonski","email":"skaplons@redhat.com","username":"slaweq"},"change_message_id":"9f4f70044a64b288b99d5d495c1acf213bdc2703","unresolved":true,"context_lines":[{"line_number":608,"context_line":"        # Repeat twice to make sure the both rules are active."},{"line_number":609,"context_line":"        # We can assure that if the first round succeeds."},{"line_number":610,"context_line":"        target_addr \u003d ports[2][\u0027fixed_ips\u0027][0][\u0027ip_address\u0027]"},{"line_number":611,"context_line":"        for i in range(2):"},{"line_number":612,"context_line":"            for vm in range(2):"},{"line_number":613,"context_line":"                for port in range(3000, 3004):"},{"line_number":614,"context_line":"                    self._verify_http_connection("}],"source_content_type":"text/x-python","patch_set":33,"id":"7ca6997a_f7aea64d","line":611,"in_reply_to":"5e74348b_cd560379","updated":"2021-05-18 07:24:46.000000000","message":"@IWAMOTO Toshihiro: sorry but I still don\u0027t understand that comment and the reason why we need to test connectivity from each vm twice. I know that Alex was testing that without that loop and it was working fine for him. IMO we can go with it like it\u0027s now if we don\u0027t really understand clearly the need of that additional loop","commit_id":"8874866639b5492f61f6bbe2f55640adf50464b5"},{"author":{"_account_id":9200,"name":"IWAMOTO Toshihiro","email":"iwamoto@valinux.co.jp","username":"toshii"},"change_message_id":"42096958f3e96f6b7d4f01aa7a3f86aa4dc6ced5","unresolved":true,"context_lines":[{"line_number":608,"context_line":"        # Repeat twice to make sure the both rules are active."},{"line_number":609,"context_line":"        # We can assure that if the first round succeeds."},{"line_number":610,"context_line":"        target_addr \u003d ports[2][\u0027fixed_ips\u0027][0][\u0027ip_address\u0027]"},{"line_number":611,"context_line":"        for i in range(2):"},{"line_number":612,"context_line":"            for vm in range(2):"},{"line_number":613,"context_line":"                for port in range(3000, 3004):"},{"line_number":614,"context_line":"                    self._verify_http_connection("}],"source_content_type":"text/x-python","patch_set":33,"id":"32ac87ad_97245e65","line":611,"in_reply_to":"6caa57a4_e5660e8a","updated":"2021-05-25 08:19:10.000000000","message":"If my memory is correct, the ovs fw had a logic that merges several rules in order to minimize the number of flows.\nIf the second connection attempt is failing, it sounds somewhat alarming.","commit_id":"8874866639b5492f61f6bbe2f55640adf50464b5"},{"author":{"_account_id":9200,"name":"IWAMOTO Toshihiro","email":"iwamoto@valinux.co.jp","username":"toshii"},"change_message_id":"03c8d8b8166260fdf576e9138bfa2e6a8244a9f8","unresolved":true,"context_lines":[{"line_number":608,"context_line":"        # Repeat twice to make sure the both rules are active."},{"line_number":609,"context_line":"        # We can assure that if the first round succeeds."},{"line_number":610,"context_line":"        target_addr \u003d ports[2][\u0027fixed_ips\u0027][0][\u0027ip_address\u0027]"},{"line_number":611,"context_line":"        for i in range(2):"},{"line_number":612,"context_line":"            for vm in range(2):"},{"line_number":613,"context_line":"                for port in range(3000, 3004):"},{"line_number":614,"context_line":"                    self._verify_http_connection("}],"source_content_type":"text/x-python","patch_set":33,"id":"bae831e1_7d88628c","line":611,"in_reply_to":"7936fddf_63540363","updated":"2021-05-26 00:46:38.000000000","message":"Hi Jakub, it is due to the conjunction thing. I almost forgot everything but internals/openvswitch_firewall.rst still seems familiar to me. 😊\n\nIIRC, the scenario what I wanted to detect was:\n1. rules for secgrps[0] activated\n2. connection tests to secgrps[0] succeeds\n3. rules for secgrps[1] activated, destroying connectivity for secgrps[0]\n4. connection tests to secgrps[1] succeeds and the test succedes\n\nThe reason I chose to use the outermost loop (line 611) rather than sleep(30) was to speed up the test when it succeeds, AFAIK.\n\nIf the loop is so unpopular, you can replace it with a reasonably long sleep().","commit_id":"8874866639b5492f61f6bbe2f55640adf50464b5"},{"author":{"_account_id":16688,"name":"Rodolfo Alonso","email":"ralonsoh@redhat.com","username":"rodolfo-alonso-hernandez"},"change_message_id":"d9b6f8b411154fcf037cb9c0aa72bc01d44a5cfe","unresolved":true,"context_lines":[{"line_number":608,"context_line":"        # Repeat twice to make sure the both rules are active."},{"line_number":609,"context_line":"        # We can assure that if the first round succeeds."},{"line_number":610,"context_line":"        target_addr \u003d ports[2][\u0027fixed_ips\u0027][0][\u0027ip_address\u0027]"},{"line_number":611,"context_line":"        for i in range(2):"},{"line_number":612,"context_line":"            for vm in range(2):"},{"line_number":613,"context_line":"                for port in range(3000, 3004):"},{"line_number":614,"context_line":"                    self._verify_http_connection("}],"source_content_type":"text/x-python","patch_set":33,"id":"6caa57a4_e5660e8a","line":611,"in_reply_to":"7ca6997a_f7aea64d","updated":"2021-05-24 11:33:57.000000000","message":"The OF rule definition is static. For example, there are no \"learn actions\" [1] that could modify the decision path. The dataplane traffic won\u0027t change the OF table and won\u0027t affect other traffic (other conntrack tuple) firewalling.\n\nThat means the double check is not needed. As the LP said, if the reproducer commands are executed, one of the rules will fail (and I\u0027ll amend that that will happen regardless of the number of tries or order).\n\nHaving said that, the test case is not reproducing the LP bug. What we need is:\n- vm1, with sg1\n- vm2, with sg2\n- vm2, with sg1 and sg2\n\nThen we need to add the following rules to sg1:\n$ openstack security group rule create --remote-group sg2 --dst-port 3000:3004 --protocol tcp --ingress sg1\n$ openstack security group rule create --remote-group sg1 --dst-port 3000 --protocol tcp --ingress sg1\n\nThis is when we\u0027ll have overlapping port rules on the same SG (in this case, port 80. And those rules will be treated with different priorities (first one, prio offset + 2; second one, prio offset +1).\n\nI would recommend to remove this unnecessary loop and change the SG rules.\n\n[1]https://man7.org/linux/man-pages/man7/ovs-actions.7.html","commit_id":"8874866639b5492f61f6bbe2f55640adf50464b5"},{"author":{"_account_id":16688,"name":"Rodolfo Alonso","email":"ralonsoh@redhat.com","username":"rodolfo-alonso-hernandez"},"change_message_id":"020ecd23896f23e9e13f0b2e0f673fc285ba5829","unresolved":true,"context_lines":[{"line_number":608,"context_line":"        # Repeat twice to make sure the both rules are active."},{"line_number":609,"context_line":"        # We can assure that if the first round succeeds."},{"line_number":610,"context_line":"        target_addr \u003d ports[2][\u0027fixed_ips\u0027][0][\u0027ip_address\u0027]"},{"line_number":611,"context_line":"        for i in range(2):"},{"line_number":612,"context_line":"            for vm in range(2):"},{"line_number":613,"context_line":"                for port in range(3000, 3004):"},{"line_number":614,"context_line":"                    self._verify_http_connection("}],"source_content_type":"text/x-python","patch_set":33,"id":"95e15591_6f19bbc9","line":611,"in_reply_to":"8d9dafae_b15686d7","updated":"2021-06-23 12:00:14.000000000","message":"Lets finish the review of this patch. The OF rule definition is static, anything that is defined initially will be there always. The rule set does not change.\n\nThe conntrack entries are ruled by the OF definitions but conntrack status can change the datapath. Let\u0027s use the loop solution to avoid a sleep. That should work the same as with sleep and will be faster.","commit_id":"8874866639b5492f61f6bbe2f55640adf50464b5"},{"author":{"_account_id":16688,"name":"Rodolfo Alonso","email":"ralonsoh@redhat.com","username":"rodolfo-alonso-hernandez"},"change_message_id":"6e69cc29d254dce5b425817e8e65ebaad7f3d7b1","unresolved":true,"context_lines":[{"line_number":608,"context_line":"        # Repeat twice to make sure the both rules are active."},{"line_number":609,"context_line":"        # We can assure that if the first round succeeds."},{"line_number":610,"context_line":"        target_addr \u003d ports[2][\u0027fixed_ips\u0027][0][\u0027ip_address\u0027]"},{"line_number":611,"context_line":"        for i in range(2):"},{"line_number":612,"context_line":"            for vm in range(2):"},{"line_number":613,"context_line":"                for port in range(3000, 3004):"},{"line_number":614,"context_line":"                    self._verify_http_connection("}],"source_content_type":"text/x-python","patch_set":33,"id":"804f3fcd_d0603537","line":611,"in_reply_to":"95e15591_6f19bbc9","updated":"2021-06-23 12:00:47.000000000","message":"BTW, document that in the code.","commit_id":"8874866639b5492f61f6bbe2f55640adf50464b5"},{"author":{"_account_id":11975,"name":"Slawek Kaplonski","email":"skaplons@redhat.com","username":"slaweq"},"change_message_id":"73ba7ebb87e586195ace18b6773e83831366fccf","unresolved":true,"context_lines":[{"line_number":608,"context_line":"        # Repeat twice to make sure the both rules are active."},{"line_number":609,"context_line":"        # We can assure that if the first round succeeds."},{"line_number":610,"context_line":"        target_addr \u003d ports[2][\u0027fixed_ips\u0027][0][\u0027ip_address\u0027]"},{"line_number":611,"context_line":"        for i in range(2):"},{"line_number":612,"context_line":"            for vm in range(2):"},{"line_number":613,"context_line":"                for port in range(3000, 3004):"},{"line_number":614,"context_line":"                    self._verify_http_connection("}],"source_content_type":"text/x-python","patch_set":33,"id":"017cf574_b083a445","line":611,"in_reply_to":"bae831e1_7d88628c","updated":"2021-06-08 06:06:22.000000000","message":"@Iwamoto: so IIUC that loop was here just to wait all rules to be applied on the agent\u0027s side. Is that correct? If yes, I personally think that sleep with proper description would be more easy to understand :)","commit_id":"8874866639b5492f61f6bbe2f55640adf50464b5"},{"author":{"_account_id":31450,"name":"Alex Katz","email":"akatz@redhat.com","username":"akatz"},"change_message_id":"40cbfce68bf5facbb0a092b976f89c60cf067f91","unresolved":true,"context_lines":[{"line_number":608,"context_line":"        # Repeat twice to make sure the both rules are active."},{"line_number":609,"context_line":"        # We can assure that if the first round succeeds."},{"line_number":610,"context_line":"        target_addr \u003d ports[2][\u0027fixed_ips\u0027][0][\u0027ip_address\u0027]"},{"line_number":611,"context_line":"        for i in range(2):"},{"line_number":612,"context_line":"            for vm in range(2):"},{"line_number":613,"context_line":"                for port in range(3000, 3004):"},{"line_number":614,"context_line":"                    self._verify_http_connection("}],"source_content_type":"text/x-python","patch_set":33,"id":"e6f74489_d5e4c9a4","line":611,"in_reply_to":"cc5c82c6_5084dbc9","updated":"2021-04-27 06:09:49.000000000","message":"Good question indeed. I just double checked that it was here from the beginning and to be honest I see no reason for that. Will remove that loop.","commit_id":"8874866639b5492f61f6bbe2f55640adf50464b5"},{"author":{"_account_id":31450,"name":"Alex Katz","email":"akatz@redhat.com","username":"akatz"},"change_message_id":"cc70b7eb6435ce6bd82ed39ab6ae59c09d012a6e","unresolved":true,"context_lines":[{"line_number":608,"context_line":"        # Repeat twice to make sure the both rules are active."},{"line_number":609,"context_line":"        # We can assure that if the first round succeeds."},{"line_number":610,"context_line":"        target_addr \u003d ports[2][\u0027fixed_ips\u0027][0][\u0027ip_address\u0027]"},{"line_number":611,"context_line":"        for i in range(2):"},{"line_number":612,"context_line":"            for vm in range(2):"},{"line_number":613,"context_line":"                for port in range(3000, 3004):"},{"line_number":614,"context_line":"                    self._verify_http_connection("}],"source_content_type":"text/x-python","patch_set":33,"id":"5e74348b_cd560379","line":611,"in_reply_to":"cfba5633_93583c3b","updated":"2021-04-28 10:02:45.000000000","message":"Do you mean that passing traffic which matches with the second rule can break the first one?","commit_id":"8874866639b5492f61f6bbe2f55640adf50464b5"},{"author":{"_account_id":9200,"name":"IWAMOTO Toshihiro","email":"iwamoto@valinux.co.jp","username":"toshii"},"change_message_id":"34b83da459bfbb7bc785e2ddc563311bed8bbe24","unresolved":true,"context_lines":[{"line_number":608,"context_line":"        # Repeat twice to make sure the both rules are active."},{"line_number":609,"context_line":"        # We can assure that if the first round succeeds."},{"line_number":610,"context_line":"        target_addr \u003d ports[2][\u0027fixed_ips\u0027][0][\u0027ip_address\u0027]"},{"line_number":611,"context_line":"        for i in range(2):"},{"line_number":612,"context_line":"            for vm in range(2):"},{"line_number":613,"context_line":"                for port in range(3000, 3004):"},{"line_number":614,"context_line":"                    self._verify_http_connection("}],"source_content_type":"text/x-python","patch_set":33,"id":"cfba5633_93583c3b","line":611,"in_reply_to":"e6f74489_d5e4c9a4","updated":"2021-04-28 09:32:33.000000000","message":"The reason is written in the above comment.\nWithout repeating twice, we cannot detect if the second rule doesn\u0027t break the first rule.","commit_id":"8874866639b5492f61f6bbe2f55640adf50464b5"},{"author":{"_account_id":16688,"name":"Rodolfo Alonso","email":"ralonsoh@redhat.com","username":"rodolfo-alonso-hernandez"},"change_message_id":"917f472e638e55fe92b50266d6e9f5669a9742ca","unresolved":true,"context_lines":[{"line_number":595,"context_line":"        rule_list \u003d [{\u0027protocol\u0027: constants.PROTO_NUM_TCP,"},{"line_number":596,"context_line":"                      \u0027direction\u0027: constants.INGRESS_DIRECTION,"},{"line_number":597,"context_line":"                      \u0027port_range_min\u0027: 3000,"},{"line_number":598,"context_line":"                      \u0027port_range_max\u0027: 3000,"},{"line_number":599,"context_line":"                      \u0027remote_group_id\u0027: secgrps[0][\u0027id\u0027]},"},{"line_number":600,"context_line":"                     {\u0027protocol\u0027: constants.PROTO_NUM_TCP,"},{"line_number":601,"context_line":"                      \u0027direction\u0027: constants.INGRESS_DIRECTION,"}],"source_content_type":"text/x-python","patch_set":36,"id":"be87810c_653c36f0","line":598,"range":{"start_line":598,"start_character":0,"end_line":598,"end_character":6},"updated":"2021-05-25 07:56:53.000000000","message":"this is not needed, you should remove this line","commit_id":"621fa979a82042f47b8e567410fc2a55b46f310e"},{"author":{"_account_id":31450,"name":"Alex Katz","email":"akatz@redhat.com","username":"akatz"},"change_message_id":"a28a2837222fe0ebc86c4595678b038b580e9949","unresolved":false,"context_lines":[{"line_number":595,"context_line":"        rule_list \u003d [{\u0027protocol\u0027: constants.PROTO_NUM_TCP,"},{"line_number":596,"context_line":"                      \u0027direction\u0027: constants.INGRESS_DIRECTION,"},{"line_number":597,"context_line":"                      \u0027port_range_min\u0027: 3000,"},{"line_number":598,"context_line":"                      \u0027port_range_max\u0027: 3000,"},{"line_number":599,"context_line":"                      \u0027remote_group_id\u0027: secgrps[0][\u0027id\u0027]},"},{"line_number":600,"context_line":"                     {\u0027protocol\u0027: constants.PROTO_NUM_TCP,"},{"line_number":601,"context_line":"                      \u0027direction\u0027: constants.INGRESS_DIRECTION,"}],"source_content_type":"text/x-python","patch_set":36,"id":"9419d0c5_41c06be2","line":598,"range":{"start_line":598,"start_character":0,"end_line":598,"end_character":6},"in_reply_to":"be87810c_653c36f0","updated":"2021-05-25 08:21:16.000000000","message":"I got {\u0027type\u0027: \u0027SecurityGroupInvalidPortRange\u0027, \u0027message\u0027: \u0027For TCP/UDP protocols, port_range_min must be \u003c\u003d port_range_max\u0027, \u0027detail\u0027: \u0027\u0027} error without this parameter","commit_id":"621fa979a82042f47b8e567410fc2a55b46f310e"},{"author":{"_account_id":16688,"name":"Rodolfo Alonso","email":"ralonsoh@redhat.com","username":"rodolfo-alonso-hernandez"},"change_message_id":"917f472e638e55fe92b50266d6e9f5669a9742ca","unresolved":true,"context_lines":[{"line_number":605,"context_line":"        self.client.update_port(srv_port[\u0027id\u0027],"},{"line_number":606,"context_line":"                security_groups\u003d[secgrps[0][\u0027id\u0027], secgrps[1][\u0027id\u0027]])"},{"line_number":607,"context_line":"        self.create_secgroup_rules(rule_list, secgroup_id\u003dsecgrps[0][\u0027id\u0027])"},{"line_number":608,"context_line":"        self._verify_http_connection(client_ssh[0], srv_ssh, srv_ip, 3000, [])"},{"line_number":609,"context_line":"        self._verify_http_connection(client_ssh[1], srv_ssh, srv_ip, 3000, [])"}],"source_content_type":"text/x-python","patch_set":36,"id":"8bbd1c45_d5278c92","line":609,"range":{"start_line":608,"start_character":8,"end_line":609,"end_character":78},"updated":"2021-05-25 07:56:53.000000000","message":"You should check ports 3000 to 3003, to check that not only rule1 (and the overlapping section of rule2) apply on port 3000, but rule2 also works fine.","commit_id":"621fa979a82042f47b8e567410fc2a55b46f310e"},{"author":{"_account_id":31450,"name":"Alex Katz","email":"akatz@redhat.com","username":"akatz"},"change_message_id":"a28a2837222fe0ebc86c4595678b038b580e9949","unresolved":false,"context_lines":[{"line_number":605,"context_line":"        self.client.update_port(srv_port[\u0027id\u0027],"},{"line_number":606,"context_line":"                security_groups\u003d[secgrps[0][\u0027id\u0027], secgrps[1][\u0027id\u0027]])"},{"line_number":607,"context_line":"        self.create_secgroup_rules(rule_list, secgroup_id\u003dsecgrps[0][\u0027id\u0027])"},{"line_number":608,"context_line":"        self._verify_http_connection(client_ssh[0], srv_ssh, srv_ip, 3000, [])"},{"line_number":609,"context_line":"        self._verify_http_connection(client_ssh[1], srv_ssh, srv_ip, 3000, [])"}],"source_content_type":"text/x-python","patch_set":36,"id":"37b0e03a_16141628","line":609,"range":{"start_line":608,"start_character":8,"end_line":609,"end_character":78},"in_reply_to":"8bbd1c45_d5278c92","updated":"2021-05-25 08:21:16.000000000","message":"Done","commit_id":"621fa979a82042f47b8e567410fc2a55b46f310e"}]}