[lxc-devel] [lxd/master] Network: Fix project restricted subnets check in OVN network validateExternalSubnet

[tomponline on Github]

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 361 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20201019/4f387113/attachment.bin>
-------------- next part --------------
From bccedf2bdde9459fcf7bc5dd1862f6f651a92679 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Mon, 19 Oct 2020 17:44:15 +0100
Subject: [PATCH] lxd/network/driver/ovn: Fix project restricted subnets check
 in validateExternalSubnet

Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
 lxd/network/driver_ovn.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lxd/network/driver_ovn.go b/lxd/network/driver_ovn.go
index ea1616d269..cf1b91ed82 100644
--- a/lxd/network/driver_ovn.go
+++ b/lxd/network/driver_ovn.go
@@ -86,7 +86,7 @@ func (n *ovn) validateExternalSubnet(uplinkRoutes []*net.IPNet, projectRestricte
 	if projectRestrictedSubnets != nil {
 		foundMatch := false
 		for _, projectRestrictedSubnet := range projectRestrictedSubnets {
-			if !SubnetContains(projectRestrictedSubnet, ipNet) {
+			if SubnetContains(projectRestrictedSubnet, ipNet) {
 				foundMatch = true
 				break
 			}