[caclmgrd] Fix application of IPv6 service ACL rules (#3917)

files/image_config/caclmgrd/caclmgrd

@@ -194,13 +194,14 @@ class ControlPlaneAclManager(object):
                             continue
 
                         # If we haven't determined the IP version for this ACL table yet,
-                        # try to do it now. We determine heuristically based on whether the
-                        # src IP is an IPv4 or IPv6 address.
-                        if not table_ip_version and "SRC_IP" in rule_props and rule_props["SRC_IP"]:
-                            ip_addr = ipaddress.IPAddress(rule_props["SRC_IP"].split("/")[0])
-                            if isinstance(ip_addr, ipaddress.IPv6Address):
+                        # try to do it now. We attempt to determine heuristically based on
+                        # whether the src or dst IP of this rule is an IPv4 or IPv6 address.
+                        if not table_ip_version:
+                            if (("SRC_IPV6" in rule_props and rule_props["SRC_IPV6"]) or
+                                ("DST_IPV6" in rule_props and rule_props["DST_IPV6"])):
                                 table_ip_version = 6
-                            elif isinstance(ip_addr, ipaddress.IPv4Address):
+                            elif (("SRC_IP" in rule_props and rule_props["SRC_IP"]) or
+                                  ("DST_IP" in rule_props and rule_props["DST_IP"])):
                                 table_ip_version = 4
 
                 # If we were unable to determine whether this ACL table contains