diff --git a/quantum/db/securitygroups_db.py b/quantum/db/securitygroups_db.py index b61f1dcb33..6e2eb5d296 100644 --- a/quantum/db/securitygroups_db.py +++ b/quantum/db/securitygroups_db.py @@ -127,20 +127,13 @@ class SecurityGroupDbMixin(ext_sg.SecurityGroupPluginBase): context.session.add(security_group_db) if s.get('name') == 'default': for ethertype in self.sg_supported_ethertypes: - # Allow all egress traffic - db = SecurityGroupRule( - id=utils.str_uuid(), tenant_id=tenant_id, - security_group=security_group_db, - direction='egress', - ethertype=ethertype) - context.session.add(db) # Allow intercommunication db = SecurityGroupRule( id=utils.str_uuid(), tenant_id=tenant_id, security_group=security_group_db, direction='ingress', - source_group=security_group_db, - ethertype=ethertype) + ethertype=ethertype, + source_group=security_group_db) context.session.add(db) return self._make_security_group_dict(security_group_db) diff --git a/quantum/tests/unit/test_extension_security_group.py b/quantum/tests/unit/test_extension_security_group.py index efda1c7d5c..83c17713d3 100644 --- a/quantum/tests/unit/test_extension_security_group.py +++ b/quantum/tests/unit/test_extension_security_group.py @@ -367,7 +367,7 @@ class TestSecurityGroups(SecurityGroupDBTestCase): self.assertEquals(len(groups['security_groups']), 1) res = self.new_list_request('security-group-rules') rules = self.deserialize('json', res.get_response(self.ext_api)) - self.assertEquals(len(rules['security_group_rules']), 4) + self.assertEquals(len(rules['security_group_rules']), 2) # just generic rules to allow default egress and # intergroup communicartion for rule in rules['security_group_rules']: