You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "Paul Angus (JIRA)" <ji...@apache.org> on 2015/03/06 10:45:38 UTC
[jira] [Comment Edited] (CLOUDSTACK-8248) VPC ACL Rules are
dropping the CIDR
[ https://issues.apache.org/jira/browse/CLOUDSTACK-8248?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14350158#comment-14350158 ]
Paul Angus edited comment on CLOUDSTACK-8248 at 3/6/15 9:44 AM:
----------------------------------------------------------------
To confirm Geoff's findings. The API requests to ListNetworkACLS returns blank CIDRs --> "cidrlist": "",
UI is therefore also broken as it can only return the blank CIDR.
The CIDR IS in the database.
(local) SBCM53> list networkacls
{
"count": 4,
"networkacl": [
{
"aclid": "c9d2af5e-c34c-11e4-96ad-02006bc60050",
"action": "Allow",
"cidrlist": "",
"fordisplay": true,
"id": "c9d2d1c8-c34c-11e4-96ad-02006bc60050",
"number": 2,
"protocol": "all",
"state": "Active",
"tags": [],
"traffictype": "Egress"
},
{
"aclid": "c9d2af5e-c34c-11e4-96ad-02006bc60050",
"action": "Allow",
"cidrlist": "",
"fordisplay": true,
"id": "c9d2c21e-c34c-11e4-96ad-02006bc60050",
"number": 1,
"protocol": "all",
"state": "Active",
"tags": [],
"traffictype": "Ingress"
},
{
"aclid": "c9d26cf6-c34c-11e4-96ad-02006bc60050",
"action": "Deny",
"cidrlist": "",
"fordisplay": true,
"id": "c9d29898-c34c-11e4-96ad-02006bc60050",
"number": 2,
"protocol": "all",
"state": "Active",
"tags": [],
"traffictype": "Egress"
},
{
"aclid": "c9d26cf6-c34c-11e4-96ad-02006bc60050",
"action": "Deny",
"cidrlist": "",
"fordisplay": true,
"id": "c9d28588-c34c-11e4-96ad-02006bc60050",
"number": 1,
"protocol": "all",
"state": "Active",
"tags": [],
"traffictype": "Ingress"
}
]
}
So the issue is with the API
was (Author: paulangus):
To confirm Geoff's findings. The API requests to ListNetworkACLS returns blank CIDRs --> "cidrlist": "",
UI is therefore also broken as it can only return the blank CIDR.
The CIDR IS in the database.
(local) SBCM53> list networkacls
{
"count": 4,
"networkacl": [
{
"aclid": "c9d2af5e-c34c-11e4-96ad-02006bc60050",
"action": "Allow",
"cidrlist": "",
"fordisplay": true,
"id": "c9d2d1c8-c34c-11e4-96ad-02006bc60050",
"number": 2,
"protocol": "all",
"state": "Active",
"tags": [],
"traffictype": "Egress"
},
{
"aclid": "c9d2af5e-c34c-11e4-96ad-02006bc60050",
"action": "Allow",
"cidrlist": "",
"fordisplay": true,
"id": "c9d2c21e-c34c-11e4-96ad-02006bc60050",
"number": 1,
"protocol": "all",
"state": "Active",
"tags": [],
"traffictype": "Ingress"
},
{
"aclid": "c9d26cf6-c34c-11e4-96ad-02006bc60050",
"action": "Deny",
"cidrlist": "",
"fordisplay": true,
"id": "c9d29898-c34c-11e4-96ad-02006bc60050",
"number": 2,
"protocol": "all",
"state": "Active",
"tags": [],
"traffictype": "Egress"
},
{
"aclid": "c9d26cf6-c34c-11e4-96ad-02006bc60050",
"action": "Deny",
"cidrlist": "",
"fordisplay": true,
"id": "c9d28588-c34c-11e4-96ad-02006bc60050",
"number": 1,
"protocol": "all",
"state": "Active",
"tags": [],
"traffictype": "Ingress"
}
]
}
> VPC ACL Rules are dropping the CIDR
> -----------------------------------
>
> Key: CLOUDSTACK-8248
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8248
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the default.)
> Components: Virtual Router
> Affects Versions: 4.5.0
> Environment: ACS 4.5.0 running on CentOS 6.6, XenServer 6.5 Hypervisors
> Reporter: Geoff Higgibottom
> Priority: Blocker
>
> When creating or updating a VPC ACL Rule from either the UI or the API, the CIDR value is dropped so the rules do not work as expected.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)