From 1ce8a4d419c0a9347fa20f7eef197347e2629bfb Mon Sep 17 00:00:00 2001
From: Roey Chen <roeyc@vmware.com>
Date: Tue, 6 Oct 2015 11:00:39 -0700
Subject: [PATCH] Fix DHCP firewall rule

DHCP uses UDP (as opposed to TCP).

Change-Id: I99de6c5176a95a0e15146ec626accacbd6e19e11
---
 vmware_nsx/nsxlib/v3/security.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vmware_nsx/nsxlib/v3/security.py b/vmware_nsx/nsxlib/v3/security.py
index 8107a38e95..62e8d3d15c 100644
--- a/vmware_nsx/nsxlib/v3/security.py
+++ b/vmware_nsx/nsxlib/v3/security.py
@@ -231,7 +231,7 @@ def _init_default_section(name, description, nsgroup_id):
         block_rule = firewall.get_firewall_rule_dict(
             'Block All', action=firewall.DROP)
         dhcp_client = firewall.get_nsservice(firewall.L4_PORT_SET_NSSERVICE,
-                                             l4_protocol=firewall.TCP,
+                                             l4_protocol=firewall.UDP,
                                              source_ports=[67],
                                              destination_ports=[68])
         dhcp_client_rule = firewall.get_firewall_rule_dict(