You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by al...@apache.org on 2012/08/03 03:54:13 UTC

[6/30] git commit: VPC: CS-15818 - don't allow having ICMP networkACLs with the same cidr and icmpType=-1 for rule1 and icmpType!=-1 for rule 2 as the rule1 covers rule2 in this case

VPC: CS-15818 - don't allow having ICMP networkACLs with the same cidr and icmpType=-1 for rule1 and icmpType!=-1 for rule 2 as the rule1 covers rule2 in this case

Conflicts:

	server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java
	utils/src/com/cloud/utils/net/NetUtils.java


Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/0588c974
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/0588c974
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/0588c974

Branch: refs/heads/vpc
Commit: 0588c9748cca36aa9ad75852bff637fa4ca50f51
Parents: 39485a4
Author: Alena Prokharchyk <al...@citrix.com>
Authored: Thu Aug 2 17:05:36 2012 -0700
Committer: Alena Prokharchyk <al...@citrix.com>
Committed: Thu Aug 2 18:09:10 2012 -0700

----------------------------------------------------------------------
 .../cloud/network/vpc/NetworkACLManagerImpl.java   |   10 ++++++----
 utils/src/com/cloud/utils/net/NetUtils.java        |    4 ++--
 2 files changed, 8 insertions(+), 6 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/0588c974/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java b/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java
index 1e09a14..3375714 100644
--- a/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java
+++ b/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java
@@ -155,11 +155,11 @@ public class NetworkACLManagerImpl implements Manager,NetworkACLManager{
         
         //validate icmp code and type
         if (icmpType != null) {
-            if (!NetUtils.validateIcmpType(icmpType)) {
+            if (icmpType.longValue() != -1 && !NetUtils.validateIcmpType(icmpType.longValue())) {
                 throw new InvalidParameterValueException("Invalid icmp type; should belong to [0-255] range");
             }
             if (icmpCode != null) {
-                if (!NetUtils.validateIcmpCode(icmpCode)) {
+                if (icmpCode.longValue() != -1 && !NetUtils.validateIcmpCode(icmpCode.longValue())) {
                     throw new InvalidParameterValueException("Invalid icmp code; should belong to [0-15] range and can" +
                             " be defined when icmpType belongs to [0-40] range");
                 }
@@ -264,8 +264,10 @@ public class NetworkACLManagerImpl implements Manager,NetworkACLManager{
 
             if (newRule.getProtocol().equalsIgnoreCase(NetUtils.ICMP_PROTO) 
                     && newRule.getProtocol().equalsIgnoreCase(rule.getProtocol())) {
-                if (newRule.getIcmpCode().longValue() == rule.getIcmpCode().longValue() 
-                        && newRule.getIcmpType().longValue() == rule.getIcmpType().longValue()
+                if ((newRule.getIcmpCode().longValue() == rule.getIcmpCode().longValue() 
+                        || rule.getIcmpCode().longValue() == -1 || newRule.getIcmpCode().longValue() == -1)
+                        && (newRule.getIcmpType().longValue() == rule.getIcmpType().longValue() 
+                        || rule.getIcmpType().longValue() == -1 || newRule.getIcmpType().longValue() == -1)
                         && newRule.getProtocol().equalsIgnoreCase(rule.getProtocol()) && duplicatedCidrs) {
                     throw new InvalidParameterValueException("New network ACL conflicts with existing network ACL id=" + rule.getId());
                 }

http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/0588c974/utils/src/com/cloud/utils/net/NetUtils.java
----------------------------------------------------------------------
diff --git a/utils/src/com/cloud/utils/net/NetUtils.java b/utils/src/com/cloud/utils/net/NetUtils.java
index 7e1d7cb..0ebe7fb 100755
--- a/utils/src/com/cloud/utils/net/NetUtils.java
+++ b/utils/src/com/cloud/utils/net/NetUtils.java
@@ -1108,7 +1108,7 @@ public class NetUtils {
         return true;
     }
     
-    public static boolean validateIcmpType(int icmpType) {
+    public static boolean validateIcmpType(long icmpType) {
         //Source - http://www.erg.abdn.ac.uk/~gorry/course/inet-pages/icmp-code.html
         if(!(icmpType >=0 && icmpType <=255)) {
             s_logger.warn("impcType is not within 0-255 range");
@@ -1117,7 +1117,7 @@ public class NetUtils {
         return true;
     }
     
-    public static boolean validateIcmpCode(int icmpCode) {
+    public static boolean validateIcmpCode(long icmpCode) {
         
         //Source - http://www.erg.abdn.ac.uk/~gorry/course/inet-pages/icmp-code.html
         if(!(icmpCode >=0 && icmpCode <=15)) {