You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by al...@apache.org on 2012/08/03 03:54:13 UTC
[6/30] git commit: VPC: CS-15818 - don't allow having ICMP
networkACLs with the same cidr and icmpType=-1 for rule1 and icmpType!=-1 for
rule 2 as the rule1 covers rule2 in this case
VPC: CS-15818 - don't allow having ICMP networkACLs with the same cidr and icmpType=-1 for rule1 and icmpType!=-1 for rule 2 as the rule1 covers rule2 in this case
Conflicts:
server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java
utils/src/com/cloud/utils/net/NetUtils.java
Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/0588c974
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/0588c974
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/0588c974
Branch: refs/heads/vpc
Commit: 0588c9748cca36aa9ad75852bff637fa4ca50f51
Parents: 39485a4
Author: Alena Prokharchyk <al...@citrix.com>
Authored: Thu Aug 2 17:05:36 2012 -0700
Committer: Alena Prokharchyk <al...@citrix.com>
Committed: Thu Aug 2 18:09:10 2012 -0700
----------------------------------------------------------------------
.../cloud/network/vpc/NetworkACLManagerImpl.java | 10 ++++++----
utils/src/com/cloud/utils/net/NetUtils.java | 4 ++--
2 files changed, 8 insertions(+), 6 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/0588c974/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java b/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java
index 1e09a14..3375714 100644
--- a/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java
+++ b/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java
@@ -155,11 +155,11 @@ public class NetworkACLManagerImpl implements Manager,NetworkACLManager{
//validate icmp code and type
if (icmpType != null) {
- if (!NetUtils.validateIcmpType(icmpType)) {
+ if (icmpType.longValue() != -1 && !NetUtils.validateIcmpType(icmpType.longValue())) {
throw new InvalidParameterValueException("Invalid icmp type; should belong to [0-255] range");
}
if (icmpCode != null) {
- if (!NetUtils.validateIcmpCode(icmpCode)) {
+ if (icmpCode.longValue() != -1 && !NetUtils.validateIcmpCode(icmpCode.longValue())) {
throw new InvalidParameterValueException("Invalid icmp code; should belong to [0-15] range and can" +
" be defined when icmpType belongs to [0-40] range");
}
@@ -264,8 +264,10 @@ public class NetworkACLManagerImpl implements Manager,NetworkACLManager{
if (newRule.getProtocol().equalsIgnoreCase(NetUtils.ICMP_PROTO)
&& newRule.getProtocol().equalsIgnoreCase(rule.getProtocol())) {
- if (newRule.getIcmpCode().longValue() == rule.getIcmpCode().longValue()
- && newRule.getIcmpType().longValue() == rule.getIcmpType().longValue()
+ if ((newRule.getIcmpCode().longValue() == rule.getIcmpCode().longValue()
+ || rule.getIcmpCode().longValue() == -1 || newRule.getIcmpCode().longValue() == -1)
+ && (newRule.getIcmpType().longValue() == rule.getIcmpType().longValue()
+ || rule.getIcmpType().longValue() == -1 || newRule.getIcmpType().longValue() == -1)
&& newRule.getProtocol().equalsIgnoreCase(rule.getProtocol()) && duplicatedCidrs) {
throw new InvalidParameterValueException("New network ACL conflicts with existing network ACL id=" + rule.getId());
}
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/0588c974/utils/src/com/cloud/utils/net/NetUtils.java
----------------------------------------------------------------------
diff --git a/utils/src/com/cloud/utils/net/NetUtils.java b/utils/src/com/cloud/utils/net/NetUtils.java
index 7e1d7cb..0ebe7fb 100755
--- a/utils/src/com/cloud/utils/net/NetUtils.java
+++ b/utils/src/com/cloud/utils/net/NetUtils.java
@@ -1108,7 +1108,7 @@ public class NetUtils {
return true;
}
- public static boolean validateIcmpType(int icmpType) {
+ public static boolean validateIcmpType(long icmpType) {
//Source - http://www.erg.abdn.ac.uk/~gorry/course/inet-pages/icmp-code.html
if(!(icmpType >=0 && icmpType <=255)) {
s_logger.warn("impcType is not within 0-255 range");
@@ -1117,7 +1117,7 @@ public class NetUtils {
return true;
}
- public static boolean validateIcmpCode(int icmpCode) {
+ public static boolean validateIcmpCode(long icmpCode) {
//Source - http://www.erg.abdn.ac.uk/~gorry/course/inet-pages/icmp-code.html
if(!(icmpCode >=0 && icmpCode <=15)) {