You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cloudstack.apache.org by Jayapal Reddy <ja...@citrix.com> on 2013/06/20 07:05:31 UTC
Review Request: Egress firewall rules default policy configuration using
network offering
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/11988/
-----------------------------------------------------------
Review request for cloudstack, Anthony Urso, Abhinandan Prateek, Murali Reddy, and Alena Prokharchyk.
Description
-------
Egress rules default policy configuration using the network offering.
This patch is for xenserver with VR as firewall provider.
Here is the FS:
https://cwiki.apache.org/confluence/display/CLOUDSTACK/Egress+firewall+rules+-+Ability+to+change+the+default
The work flow:
1. For default network offerings the egress default policy is block
2. While creating network offering, by default egress default policy is allow and it can be configured to deny.
3. When egress default policy is allow, rules are added to block the traffic and if default policy is deny rules added to allow the traffic
This addresses bug CLOUDSTACK-1578.
Diffs
-----
api/src/com/cloud/agent/api/to/FirewallRuleTO.java f296aa4
api/src/com/cloud/offering/NetworkOffering.java 72e2a2b
api/src/org/apache/cloudstack/api/ApiConstants.java ab1402c
api/src/org/apache/cloudstack/api/command/admin/network/CreateNetworkOfferingCmd.java 6410715
api/src/org/apache/cloudstack/api/response/NetworkOfferingResponse.java 7a7e371
core/src/com/cloud/agent/api/routing/NetworkElementCommand.java ddb7ac8
engine/schema/src/com/cloud/network/rules/FirewallRuleVO.java 9f73029
engine/schema/src/com/cloud/offerings/NetworkOfferingVO.java 3ae0bf3
patches/systemvm/debian/config/root/firewallRule_egress.sh 0da7718
plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java 5e8283a
server/src/com/cloud/api/ApiResponseHelper.java 94c5d6c
server/src/com/cloud/configuration/ConfigurationManager.java 8db037b
server/src/com/cloud/configuration/ConfigurationManagerImpl.java 131d340
server/src/com/cloud/network/NetworkManagerImpl.java d6a6450
server/src/com/cloud/network/firewall/FirewallManagerImpl.java f7275b0
server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java 8da5176
server/src/com/cloud/network/rules/FirewallManager.java 2bce8fe
server/src/com/cloud/server/ConfigurationServerImpl.java d334d7e
server/test/com/cloud/network/MockFirewallManagerImpl.java 95bb1d1
server/test/com/cloud/vpc/MockConfigurationManagerImpl.java 21b3590
server/test/org/apache/cloudstack/networkoffering/CreateNetworkOfferingTest.java 4a2c867
setup/db/db/schema-410to420.sql bcfbcc9
Diff: https://reviews.apache.org/r/11988/diff/
Testing
-------
1. Tested on xenserver with VR as firewall
Thanks,
Jayapal Reddy