From c94678413423f6755dbabe9a7febe458408fb937 Mon Sep 17 00:00:00 2001
From: Roey Chen <roeyc@vmware.com>
Date: Wed, 30 Mar 2016 03:53:17 -0700
Subject: [PATCH] Remove attribute not specified before checking duplicate sg
 rules

The security-group extension secgroup-local-ip-prefix allows the user to
specify a new rule attribute in the request, before passing the request
to Neutron, we must remove ATTR_NOT_SPECIFIED if the attribute was not
specified and replace it with None.
The bug is due to change: I2bd6b3381c715c1286dfa10bf3b143c73fecf49d

Closes-Bug: #1563790
Change-Id: Ie921f9e41fc6b45d521bf8f9f041c773cdd19c31
---
 vmware_nsx/db/extended_security_group_rule.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/vmware_nsx/db/extended_security_group_rule.py b/vmware_nsx/db/extended_security_group_rule.py
index a91c459d5d..41e9d6f33e 100644
--- a/vmware_nsx/db/extended_security_group_rule.py
+++ b/vmware_nsx/db/extended_security_group_rule.py
@@ -56,8 +56,13 @@ class ExtendedSecurityGroupRuleMixin(object):
     def _check_local_ip_prefix(self, context, rule):
         rule_specify_local_ip_prefix = attr.is_attr_set(
             rule.get(ext_local_ip.LOCAL_IP_PREFIX))
+
         if rule_specify_local_ip_prefix and rule['direction'] != 'ingress':
             raise NotIngressRule()
+
+        if not rule_specify_local_ip_prefix:
+            # remove ATTR_NOT_SPECIFIED
+            rule[ext_local_ip.LOCAL_IP_PREFIX] = None
         return rule_specify_local_ip_prefix
 
     def _process_security_group_rule_properties(self, context,