Comment 1 for bug 1300785

Thierry Carrez (ttx) wrote : Re: neutron allows security group rules with invalid cidrs, resulting in broken iptables rules (breaking iptables-restore)

I think that's a valid DoS vector, due to its efficiency.

Not the first time an invalid iptables rule can be passed and wreck things -- maybe they should consider testing them in a sandbox before applying them, rather than try to sanitize them and then apply them blindly...
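The approach suggested in the comment above, sketched as an added example (not part of the original comment and not neutron's code): reject malformed CIDRs with Python's `ipaddress` module, then parse the rendered ruleset with `iptables-restore --test`, which builds the table without committing it. The function names, the `sg-example` chain and the sample rules are hypothetical.

```python
import ipaddress
import subprocess


def invalid_cidrs(cidrs):
    """Return the entries that do not parse as an IPv4/IPv6 network."""
    bad = []
    for cidr in cidrs:
        try:
            if not isinstance(cidr, str):
                raise ValueError("CIDR must be a string")
            ipaddress.ip_network(cidr, strict=False)
        except ValueError:
            bad.append(cidr)
    return bad


def render_rules(cidrs, chain="sg-example"):
    """Render a constructed filter table with one source rule per CIDR."""
    lines = ["*filter", f":{chain} - [0:0]"]
    lines += [f"-A {chain} -s {cidr} -j RETURN" for cidr in cidrs]
    lines.append("COMMIT")
    return "\n".join(lines) + "\n"


def dry_run(ruleset, runner=subprocess.run):
    """Have iptables-restore parse the ruleset without committing it."""
    proc = runner(["iptables-restore", "--test"], input=ruleset,
                  capture_output=True, text=True)
    return proc.returncode == 0, proc.stderr.strip()


def safe_to_apply(cidrs, runner=subprocess.run):
    """Gate a ruleset: validate the inputs first, then dry-run the whole table.

    iptables-restore handles a table as a unit, so one bad line fails the
    entire restore; both checks therefore run before anything is applied.
    """
    bad = invalid_cidrs(cidrs)
    if bad:
        return False, f"rejected CIDRs: {bad}"
    ok, err = dry_run(render_rules(cidrs), runner)
    return (True, "") if ok else (False, f"dry run failed: {err}")
```

`dry_run` needs the same privileges as a real restore; the `runner` parameter exists so the gate can be exercised without touching the host firewall.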