You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by ja...@apache.org on 2013/06/27 13:03:16 UTC
git commit: updated refs/heads/master-6-17-stable to 21e2bf4
Updated Branches:
refs/heads/master-6-17-stable eb74a8741 -> 21e2bf480
Updated to show same value in log msg SetFirewallRulesCommand and accessdetails for egress default policy
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/21e2bf48
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/21e2bf48
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/21e2bf48
Branch: refs/heads/master-6-17-stable
Commit: 21e2bf480e407e3389e61eedc426170526480ad2
Parents: eb74a87
Author: Jayapal <ja...@apache.org>
Authored: Thu Jun 27 16:21:33 2013 +0530
Committer: Jayapal <ja...@apache.org>
Committed: Thu Jun 27 16:22:33 2013 +0530
----------------------------------------------------------------------
api/src/com/cloud/agent/api/to/FirewallRuleTO.java | 6 ++++++
.../network/router/VirtualNetworkApplianceManagerImpl.java | 9 +++++----
2 files changed, 11 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/21e2bf48/api/src/com/cloud/agent/api/to/FirewallRuleTO.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/agent/api/to/FirewallRuleTO.java b/api/src/com/cloud/agent/api/to/FirewallRuleTO.java
index 29d9c6f..8c7b552 100644
--- a/api/src/com/cloud/agent/api/to/FirewallRuleTO.java
+++ b/api/src/com/cloud/agent/api/to/FirewallRuleTO.java
@@ -109,6 +109,12 @@ public class FirewallRuleTO implements InternalIdentity {
this.trafficType = trafficType;
}
+ public FirewallRuleTO(FirewallRule rule, String srcVlanTag, String srcIp, FirewallRule.Purpose purpose, FirewallRule.TrafficType trafficType, boolean defaultEgressPolicy) {
+ this(rule.getId(),srcVlanTag, srcIp, rule.getProtocol(), rule.getSourcePortStart(), rule.getSourcePortEnd(), rule.getState()==State.Revoke, rule.getState()==State.Active, purpose,rule.getSourceCidrList(),rule.getIcmpType(),rule.getIcmpCode());
+ this.trafficType = trafficType;
+ this.defaultEgressPolicy = defaultEgressPolicy;
+ }
+
public FirewallRuleTO(FirewallRule rule, String srcVlanTag, String srcIp, FirewallRule.Purpose purpose, boolean revokeState, boolean alreadyAdded) {
this(rule.getId(),srcVlanTag, srcIp, rule.getProtocol(), rule.getSourcePortStart(), rule.getSourcePortEnd(), revokeState, alreadyAdded, purpose,rule.getSourceCidrList(),rule.getIcmpType(),rule.getIcmpCode());
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/21e2bf48/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
index d2a3c6b..b07b6f8 100755
--- a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
+++ b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
@@ -3680,6 +3680,7 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V
private void createFirewallRulesCommands(List<? extends FirewallRule> rules, VirtualRouter router, Commands cmds, long guestNetworkId) {
List<FirewallRuleTO> rulesTO = null;
String systemRule = null;
+ Boolean defaultEgressPolicy = false;
if (rules != null) {
if (rules.size() > 0) {
if (rules.get(0).getTrafficType() == FirewallRule.TrafficType.Egress && rules.get(0).getType() == FirewallRule.FirewallRuleType.System) {
@@ -3694,17 +3695,17 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V
FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null, sourceIp.getAddress().addr(),Purpose.Firewall,traffictype);
rulesTO.add(ruleTO);
} else if (rule.getTrafficType() == FirewallRule.TrafficType.Egress){
+ NetworkVO network = _networkDao.findById(guestNetworkId);
+ NetworkOfferingVO offering = _networkOfferingDao.findById(network.getNetworkOfferingId());
+ defaultEgressPolicy = offering.getEgressDefaultPolicy();
assert (rule.getSourceIpAddressId()==null) : "ipAddressId should be null for egress firewall rule. ";
- FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null,"",Purpose.Firewall, traffictype);
+ FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null,"",Purpose.Firewall, traffictype, defaultEgressPolicy);
rulesTO.add(ruleTO);
}
}
}
- NetworkVO network = _networkDao.findById(guestNetworkId);
- NetworkOfferingVO offering = _networkOfferingDao.findById(network.getNetworkOfferingId());
- Boolean defaultEgressPolicy = offering.getEgressDefaultPolicy();
SetFirewallRulesCommand cmd = new SetFirewallRulesCommand(rulesTO);
cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, getRouterControlIp(router.getId()));
cmd.setAccessDetail(NetworkElementCommand.ROUTER_GUEST_IP, getRouterIpInNetwork(guestNetworkId, router.getId()));