Return-Path: 
 <issues-return-31838-apmail-cloudstack-issues-archive=cloudstack.apache.org@cloudstack.apache.org>
X-Original-To: apmail-cloudstack-issues-archive@www.apache.org
Delivered-To: apmail-cloudstack-issues-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 8818810ED9
	for <apmail-cloudstack-issues-archive@www.apache.org>;
 Tue, 12 Nov 2013 10:04:31 +0000 (UTC)
Received: (qmail 28537 invoked by uid 500); 12 Nov 2013 10:04:22 -0000
Delivered-To: apmail-cloudstack-issues-archive@cloudstack.apache.org
Received: (qmail 28486 invoked by uid 500); 12 Nov 2013 10:04:20 -0000
Mailing-List: contact issues-help@cloudstack.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:issues-help@cloudstack.apache.org>
List-Unsubscribe: <mailto:issues-unsubscribe@cloudstack.apache.org>
List-Post: <mailto:issues@cloudstack.apache.org>
List-Id: <issues.cloudstack.apache.org>
Reply-To: dev@cloudstack.apache.org
Delivered-To: mailing list issues@cloudstack.apache.org
Received: (qmail 28452 invoked by uid 500); 12 Nov 2013 10:04:18 -0000
Delivered-To: apmail-incubator-cloudstack-issues@incubator.apache.org
Received: (qmail 28440 invoked by uid 99); 12 Nov 2013 10:04:17 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 12 Nov 2013 10:04:17 +0000
Date: Tue, 12 Nov 2013 10:04:17 +0000 (UTC)
From: "Gaurav Aradhye (JIRA)" <jira@apache.org>
To: cloudstack-issues@incubator.apache.org
Message-ID: <JIRA.12678761.1384250547689.56980.1384250657287@arcas>
In-Reply-To: <JIRA.12678761.1384250547689@arcas>
References: <JIRA.12678761.1384250547689@arcas>
Subject: [jira] [Created] (CLOUDSTACK-5144) Basic Zone Security Groups - SSH
 to VM is allowed even when there is no ingress rule defined for the
 security group
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394

Gaurav Aradhye created CLOUDSTACK-5144:
------------------------------------------

             Summary: Basic Zone Security Groups - SSH to VM is allowed even when there is no ingress rule defined for the security group
                 Key: CLOUDSTACK-5144
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-5144
             Project: CloudStack
          Issue Type: Bug
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: Network Controller
    Affects Versions: 4.3.0
            Reporter: Gaurav Aradhye
             Fix For: 4.3.0


In Basic Zone Setup:
1. Create an account
2. Deploy a VM in that account
3. Verify that any ingress rule is not defined for the security group belonging to the account
4. Try SSH to VM using the nic ipaddress from external client

SSH is successful to the VM where as it should fail when the ingress rule is not defined.



--
This message was sent by Atlassian JIRA
(v6.1#6144)