You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "Kishan Kavala (JIRA)" <ji...@apache.org> on 2013/05/15 11:57:15 UTC
[jira] [Commented] (CLOUDSTACK-2491) NTier: Creation of ACL Rule
for protocol AH (51) and ESP (50) Fails
[ https://issues.apache.org/jira/browse/CLOUDSTACK-2491?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13658204#comment-13658204 ]
Kishan Kavala commented on CLOUDSTACK-2491:
-------------------------------------------
protocol 51 and 50 do not require start and end ports. UI should change to make start and endport optional. Use API with same protocol and without start and endports, it'll work
> NTier: Creation of ACL Rule for protocol AH (51) and ESP (50) Fails
> -------------------------------------------------------------------
>
> Key: CLOUDSTACK-2491
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2491
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the default.)
> Components: Management Server
> Affects Versions: 4.2.0
> Reporter: Chandan Purushothama
> Priority: Blocker
> Fix For: 4.2.0
>
>
> ================
> Steps to Reproduce:
> ================
> 1. Create a VPC.
> 2. Create a Network Tier
> 3. Create an ACL rule on the Network Tier with protocol AH(51)
> 4 Create an ACL rule on the Network Tier with protocol ESP (50)
> ==========
> Observations:
> ==========
> **Creation of ACL Rules with Protocol 51**
> 2013-05-14 15:02:45,842 DEBUG [cloud.api.ApiServlet] (catalina-exec-3:null) ===START=== 10.216.133.86 -- GET command=createNetworkACL&response=json&sessionkey=1ew3VD0LppS%2BSreQld9FNtVnLwo%3D&cidrlist=10.223.195.44%2F32&protocol=51&startport=81&endport=82&networkid=bcc163c5-c23f-4b47-a0c8-562b8460b3fe&traffictype=Ingress&_=1368569008881
> 2013-05-14 15:02:45,849 DEBUG [cloud.user.AccountManagerImpl] (catalina-exec-3:null) Access to Acct[3-atoms] granted to Acct[3-atoms] by DomainChecker_EnhancerByCloudStack_32dba8cb
> 2013-05-14 15:02:45,853 DEBUG [cloud.user.AccountManagerImpl] (catalina-exec-3:null) Access to [VPC [1-Atoms-VPC-1] granted to Acct[3-atoms] by DomainChecker_EnhancerByCloudStack_32dba8cb
> 2013-05-14 15:02:45,879 DEBUG [cloud.async.AsyncJobManagerImpl] (catalina-exec-3:null) submit async job-22, details: AsyncJobVO {id:22, userId: 3, accountId: 3, sessionKey: null, instanceType: None, instanceId: 11, cmd: org.apache.cloudstack.api.command.user.network.CreateNetworkACLCmd, cmdOriginator: null, cmdInfo: {"sessionkey":"1ew3VD0LppS+SreQld9FNtVnLwo\u003d","protocol":"51","ctxUserId":"3","traffictype":"Ingress","httpmethod":"GET","startport":"81","endport":"82","response":"json","id":"11","cidrlist":"10.223.195.44/32","_":"1368569008881","ctxAccountId":"3","networkid":"bcc163c5-c23f-4b47-a0c8-562b8460b3fe","ctxStartEventId":"78"}, cmdVersion: 0, callbackType: 0, callbackAddress: null, status: 0, processStatus: 0, resultCode: 0, result: null, initMsid: 7508777239729, completeMsid: null, lastUpdated: null, lastPolled: null, created: null}
> 2013-05-14 15:02:45,881 DEBUG [cloud.api.ApiServlet] (catalina-exec-3:null) ===END=== 10.216.133.86 -- GET command=createNetworkACL&response=json&sessionkey=1ew3VD0LppS%2BSreQld9FNtVnLwo%3D&cidrlist=10.223.195.44%2F32&protocol=51&startport=81&endport=82&networkid=bcc163c5-c23f-4b47-a0c8-562b8460b3fe&traffictype=Ingress&_=1368569008881
> 2013-05-14 15:02:45,882 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-9:job-22) Executing org.apache.cloudstack.api.command.user.network.CreateNetworkACLCmd for job-22
> 2013-05-14 15:02:45,887 DEBUG [cloud.user.AccountManagerImpl] (Job-Executor-9:job-22) Access to Acct[3-atoms] granted to Acct[3-atoms] by DomainChecker_EnhancerByCloudStack_32dba8cb
> 2013-05-14 15:02:45,897 DEBUG [network.router.VirtualNetworkApplianceManagerImpl] (Job-Executor-9:job-22) Applying network acls in network Ntwk[206|Guest|11]
> 2013-05-14 15:02:45,907 DEBUG [cloud.network.NetworkModelImpl] (Job-Executor-9:job-22) Service SecurityGroup is not supported in the network id=206
> 2013-05-14 15:02:45,918 DEBUG [agent.transport.Request] (Job-Executor-9:job-22) Seq 1-1228472477: Sending { Cmd , MgmtId: 7508777239729, via: 1, Ver: v1, Flags: 100001, [{"routing.SetNetworkACLCommand":{"rules":[{"id":0,"vlanTag":"2072","protocol":"all","revoked":false,"alreadyAdded":true,"cidrList":["0.0.0.0/0"],"trafficType":"Ingress","action":"DROP","number":1},{"id":0,"vlanTag":"2072","protocol":"all","revoked":false,"alreadyAdded":true,"cidrList":["0.0.0.0/0"],"trafficType":"Egress","action":"DROP","number":2},{"id":0,"vlanTag":"2072","protocol":"tcp","portRange":[22,23],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","number":3},{"id":0,"vlanTag":"2072","protocol":"6","portRange":[80,81],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.131.170/32"],"trafficType":"Ingress","action":"ACCEPT","number":4},{"id":0,"vlanTag":"2072","protocol":"6","portRange":[56,67],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.131.170/32"],"trafficType":"Ingress","action":"ACCEPT","number":5},{"id":0,"vlanTag":"2072","protocol":"6","portRange":[44,45],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","number":6},{"id":0,"vlanTag":"2072","protocol":"udp","portRange":[23,24],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","number":7},{"id":0,"vlanTag":"2072","protocol":"17","portRange":[79,80],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","number":8},{"id":0,"vlanTag":"2072","protocol":"51","portRange":[81,82],"revoked":false,"alreadyAdded":false,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","number":9}],"nic":{"deviceId":2,"networkRateMbps":200,"defaultNic":false,"uuid":"1a0c7f7d-d2f2-4be7-b148-4582f741633a","ip":"192.168.10.1","netmask":"255.255.255.0","gateway":"192.168.10.1","mac":"02:00:25:a3:00:02","broadcastType":"Vlan","type":"Guest","broadcastUri":"vlan://2072","isolationUri":"vlan://2072","isSecurityGroupEnabled":false},"accessDetails":{"router.guest.ip":"192.168.10.1","guest.vlan.tag":"2072","zone.network.type":"Advanced","router.ip":"169.254.1.178","router.name":"r-3-NTIER"},"wait":0}}] }
> 2013-05-14 15:02:45,921 DEBUG [agent.transport.Request] (Job-Executor-9:job-22) Seq 1-1228472477: Executing: { Cmd , MgmtId: 7508777239729, via: 1, Ver: v1, Flags: 100001, [{"routing.SetNetworkACLCommand":{"rules":[{"id":0,"vlanTag":"2072","protocol":"all","revoked":false,"alreadyAdded":true,"cidrList":["0.0.0.0/0"],"trafficType":"Ingress","action":"DROP","number":1},{"id":0,"vlanTag":"2072","protocol":"all","revoked":false,"alreadyAdded":true,"cidrList":["0.0.0.0/0"],"trafficType":"Egress","action":"DROP","number":2},{"id":0,"vlanTag":"2072","protocol":"tcp","portRange":[22,23],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","number":3},{"id":0,"vlanTag":"2072","protocol":"6","portRange":[80,81],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.131.170/32"],"trafficType":"Ingress","action":"ACCEPT","number":4},{"id":0,"vlanTag":"2072","protocol":"6","portRange":[56,67],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.131.170/32"],"trafficType":"Ingress","action":"ACCEPT","number":5},{"id":0,"vlanTag":"2072","protocol":"6","portRange":[44,45],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","number":6},{"id":0,"vlanTag":"2072","protocol":"udp","portRange":[23,24],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","number":7},{"id":0,"vlanTag":"2072","protocol":"17","portRange":[79,80],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","number":8},{"id":0,"vlanTag":"2072","protocol":"51","portRange":[81,82],"revoked":false,"alreadyAdded":false,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","number":9}],"nic":{"deviceId":2,"networkRateMbps":200,"defaultNic":false,"uuid":"1a0c7f7d-d2f2-4be7-b148-4582f741633a","ip":"192.168.10.1","netmask":"255.255.255.0","gateway":"192.168.10.1","mac":"02:00:25:a3:00:02","broadcastType":"Vlan","type":"Guest","broadcastUri":"vlan://2072","isolationUri":"vlan://2072","isSecurityGroupEnabled":false},"accessDetails":{"router.guest.ip":"192.168.10.1","guest.vlan.tag":"2072","zone.network.type":"Advanced","router.ip":"169.254.1.178","router.name":"r-3-NTIER"},"wait":0}}] }
> 2013-05-14 15:02:45,921 DEBUG [agent.manager.DirectAgentAttache] (DirectAgent-117:null) Seq 1-1228472477: Executing request
> 2013-05-14 15:02:46,005 DEBUG [agent.manager.DirectAgentAttache] (DirectAgent-355:null) Seq 1-1228472325: Response Received:
> 2013-05-14 15:02:46,005 DEBUG [agent.transport.Request] (DirectAgent-355:null) Seq 1-1228472325: Processing: { Ans: , MgmtId: 7508777239729, via: 1, Ver: v1, Flags: 10, [{"ClusterSyncAnswer":{"_clusterId":1,"_newStates":{},"_isExecuted":false,"result":true,"wait":0}}] }
> 2013-05-14 15:02:46,641 DEBUG [agent.manager.DirectAgentAttache] (DirectAgent-117:null) Seq 1-1228472477: Response Received:
> 2013-05-14 15:02:46,642 DEBUG [agent.transport.Request] (DirectAgent-117:null) Seq 1-1228472477: Processing: { Ans: , MgmtId: 7508777239729, via: 1, Ver: v1, Flags: 0, [{"routing.SetNetworkACLAnswer":{"results":["Failed","Failed","Failed","Failed","Failed","Failed","Failed","Failed","Failed"],"result":false,"wait":0}}] }
> 2013-05-14 15:02:46,642 DEBUG [agent.transport.Request] (Job-Executor-9:job-22) Seq 1-1228472477: Received: { Ans: , MgmtId: 7508777239729, via: 1, Ver: v1, Flags: 0, { SetNetworkACLAnswer } }
> 2013-05-14 15:02:46,643 ERROR [cloud.async.AsyncJobManagerImpl] (Job-Executor-9:job-22) Unexpected exception while executing org.apache.cloudstack.api.command.user.network.CreateNetworkACLCmd
> com.cloud.exception.InvalidParameterValueException: ACL Items in default ACL cannot be deleted
> at com.cloud.network.vpc.NetworkACLServiceImpl.revokeNetworkACLItem(NetworkACLServiceImpl.java:449)
> at org.apache.cloudstack.api.command.user.network.CreateNetworkACLCmd.execute(CreateNetworkACLCmd.java:227)
> at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:155)
> at com.cloud.async.AsyncJobManagerImpl$1.run(AsyncJobManagerImpl.java:437)
> at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
> at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
> at java.util.concurrent.FutureTask.run(FutureTask.java:166)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
> at java.lang.Thread.run(Thread.java:679)
> 2013-05-14 15:02:46,644 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-9:job-22) Complete async job-22, jobStatus: 2, resultCode: 530, result: Error Code: 530 Error text: ACL Items in default ACL cannot be deleted
> **Creation of ACL Rules with Protocol 50**
> 2013-05-14 15:08:53,485 DEBUG [cloud.api.ApiServlet] (catalina-exec-20:null) ===START=== 10.216.133.86 -- GET command=createNetworkACL&response=json&sessionkey=1ew3VD0LppS%2BSreQld9FNtVnLwo%3D&cidrlist=10.223.195.44%2F32&protocol=50&startport=82&endport=83&networkid=bcc163c5-c23f-4b47-a0c8-562b8460b3fe&traffictype=Ingress&_=1368569376535
> 2013-05-14 15:08:53,492 DEBUG [cloud.user.AccountManagerImpl] (catalina-exec-20:null) Access to Acct[3-atoms] granted to Acct[3-atoms] by DomainChecker_EnhancerByCloudStack_32dba8cb
> 2013-05-14 15:08:53,496 DEBUG [cloud.user.AccountManagerImpl] (catalina-exec-20:null) Access to [VPC [1-Atoms-VPC-1] granted to Acct[3-atoms] by DomainChecker_EnhancerByCloudStack_32dba8cb
> 2013-05-14 15:08:53,519 DEBUG [cloud.async.AsyncJobManagerImpl] (catalina-exec-20:null) submit async job-23, details: AsyncJobVO {id:23, userId: 3, accountId: 3, sessionKey: null, instanceType: None, instanceId: 12, cmd: org.apache.cloudstack.api.command.user.network.CreateNetworkACLCmd, cmdOriginator: null, cmdInfo: {"sessionkey":"1ew3VD0LppS+SreQld9FNtVnLwo\u003d","protocol":"50","ctxUserId":"3","traffictype":"Ingress","httpmethod":"GET","startport":"82","endport":"83","response":"json","id":"12","cidrlist":"10.223.195.44/32","_":"1368569376535","ctxAccountId":"3","networkid":"bcc163c5-c23f-4b47-a0c8-562b8460b3fe","ctxStartEventId":"80"}, cmdVersion: 0, callbackType: 0, callbackAddress: null, status: 0, processStatus: 0, resultCode: 0, result: null, initMsid: 7508777239729, completeMsid: null, lastUpdated: null, lastPolled: null, created: null}
> 2013-05-14 15:08:53,520 DEBUG [cloud.api.ApiServlet] (catalina-exec-20:null) ===END=== 10.216.133.86 -- GET command=createNetworkACL&response=json&sessionkey=1ew3VD0LppS%2BSreQld9FNtVnLwo%3D&cidrlist=10.223.195.44%2F32&protocol=50&startport=82&endport=83&networkid=bcc163c5-c23f-4b47-a0c8-562b8460b3fe&traffictype=Ingress&_=1368569376535
> 2013-05-14 15:08:53,522 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-10:job-23) Executing org.apache.cloudstack.api.command.user.network.CreateNetworkACLCmd for job-23
> 2013-05-14 15:08:53,527 DEBUG [cloud.user.AccountManagerImpl] (Job-Executor-10:job-23) Access to Acct[3-atoms] granted to Acct[3-atoms] by DomainChecker_EnhancerByCloudStack_32dba8cb
> 2013-05-14 15:08:53,538 DEBUG [network.router.VirtualNetworkApplianceManagerImpl] (Job-Executor-10:job-23) Applying network acls in network Ntwk[206|Guest|11]
> 2013-05-14 15:08:53,547 DEBUG [cloud.network.NetworkModelImpl] (Job-Executor-10:job-23) Service SecurityGroup is not supported in the network id=206
> 2013-05-14 15:08:53,559 DEBUG [agent.transport.Request] (Job-Executor-10:job-23) Seq 1-1228472494: Sending { Cmd , MgmtId: 7508777239729, via: 1, Ver: v1, Flags: 100001, [{"routing.SetNetworkACLCommand":{"rules":[{"id":0,"vlanTag":"2072","protocol":"all","revoked":false,"alreadyAdded":true,"cidrList":["0.0.0.0/0"],"trafficType":"Ingress","action":"DROP","number":1},{"id":0,"vlanTag":"2072","protocol":"all","revoked":false,"alreadyAdded":true,"cidrList":["0.0.0.0/0"],"trafficType":"Egress","action":"DROP","number":2},{"id":0,"vlanTag":"2072","protocol":"tcp","portRange":[22,23],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","number":3},{"id":0,"vlanTag":"2072","protocol":"6","portRange":[80,81],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.131.170/32"],"trafficType":"Ingress","action":"ACCEPT","number":4},{"id":0,"vlanTag":"2072","protocol":"6","portRange":[56,67],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.131.170/32"],"trafficType":"Ingress","action":"ACCEPT","number":5},{"id":0,"vlanTag":"2072","protocol":"6","portRange":[44,45],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","number":6},{"id":0,"vlanTag":"2072","protocol":"udp","portRange":[23,24],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","number":7},{"id":0,"vlanTag":"2072","protocol":"17","portRange":[79,80],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","number":8},{"id":0,"vlanTag":"2072","protocol":"51","portRange":[81,82],"revoked":false,"alreadyAdded":false,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","number":9},{"id":0,"vlanTag":"2072","protocol":"50","portRange":[82,83],"revoked":false,"alreadyAdded":false,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","number":10}],"nic":{"deviceId":2,"networkRateMbps":200,"defaultNic":false,"uuid":"1a0c7f7d-d2f2-4be7-b148-4582f741633a","ip":"192.168.10.1","netmask":"255.255.255.0","gateway":"192.168.10.1","mac":"02:00:25:a3:00:02","broadcastType":"Vlan","type":"Guest","broadcastUri":"vlan://2072","isolationUri":"vlan://2072","isSecurityGroupEnabled":false},"accessDetails":{"router.guest.ip":"192.168.10.1","guest.vlan.tag":"2072","zone.network.type":"Advanced","router.ip":"169.254.1.178","router.name":"r-3-NTIER"},"wait":0}}] }
> 2013-05-14 15:08:53,561 DEBUG [agent.transport.Request] (Job-Executor-10:job-23) Seq 1-1228472494: Executing: { Cmd , MgmtId: 7508777239729, via: 1, Ver: v1, Flags: 100001, [{"routing.SetNetworkACLCommand":{"rules":[{"id":0,"vlanTag":"2072","protocol":"all","revoked":false,"alreadyAdded":true,"cidrList":["0.0.0.0/0"],"trafficType":"Ingress","action":"DROP","number":1},{"id":0,"vlanTag":"2072","protocol":"all","revoked":false,"alreadyAdded":true,"cidrList":["0.0.0.0/0"],"trafficType":"Egress","action":"DROP","number":2},{"id":0,"vlanTag":"2072","protocol":"tcp","portRange":[22,23],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","number":3},{"id":0,"vlanTag":"2072","protocol":"6","portRange":[80,81],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.131.170/32"],"trafficType":"Ingress","action":"ACCEPT","number":4},{"id":0,"vlanTag":"2072","protocol":"6","portRange":[56,67],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.131.170/32"],"trafficType":"Ingress","action":"ACCEPT","number":5},{"id":0,"vlanTag":"2072","protocol":"6","portRange":[44,45],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","number":6},{"id":0,"vlanTag":"2072","protocol":"udp","portRange":[23,24],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","number":7},{"id":0,"vlanTag":"2072","protocol":"17","portRange":[79,80],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","number":8},{"id":0,"vlanTag":"2072","protocol":"51","portRange":[81,82],"revoked":false,"alreadyAdded":false,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","number":9},{"id":0,"vlanTag":"2072","protocol":"50","portRange":[82,83],"revoked":false,"alreadyAdded":false,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","number":10}],"nic":{"deviceId":2,"networkRateMbps":200,"defaultNic":false,"uuid":"1a0c7f7d-d2f2-4be7-b148-4582f741633a","ip":"192.168.10.1","netmask":"255.255.255.0","gateway":"192.168.10.1","mac":"02:00:25:a3:00:02","broadcastType":"Vlan","type":"Guest","broadcastUri":"vlan://2072","isolationUri":"vlan://2072","isSecurityGroupEnabled":false},"accessDetails":{"router.guest.ip":"192.168.10.1","guest.vlan.tag":"2072","zone.network.type":"Advanced","router.ip":"169.254.1.178","router.name":"r-3-NTIER"},"wait":0}}] }
> 2013-05-14 15:08:53,562 DEBUG [agent.manager.DirectAgentAttache] (DirectAgent-32:null) Seq 1-1228472494: Executing request
> 2013-05-14 15:08:55,909 DEBUG [storage.secondary.SecondaryStorageManagerImpl] (secstorage-1:null) Zone 1 is ready to launch secondary storage VM
> 2013-05-14 15:08:56,179 DEBUG [cloud.consoleproxy.ConsoleProxyManagerImpl] (consoleproxy-1:null) Zone 1 is ready to launch console proxy
> 2013-05-14 15:08:56,621 DEBUG [cloud.api.ApiServlet] (catalina-exec-19:null) ===START=== 10.216.133.86 -- GET command=queryAsyncJobResult&jobId=f257cf39-9efb-49ec-977d-a6b60ef1a5f3&response=json&sessionkey=1ew3VD0LppS%2BSreQld9FNtVnLwo%3D&_=1368569379648
> 2013-05-14 15:08:56,637 DEBUG [cloud.api.ApiServlet] (catalina-exec-19:null) ===END=== 10.216.133.86 -- GET command=queryAsyncJobResult&jobId=f257cf39-9efb-49ec-977d-a6b60ef1a5f3&response=json&sessionkey=1ew3VD0LppS%2BSreQld9FNtVnLwo%3D&_=1368569379648
> 2013-05-14 15:08:56,936 DEBUG [agent.manager.DirectAgentAttache] (DirectAgent-32:null) Seq 1-1228472494: Response Received:
> 2013-05-14 15:08:56,936 DEBUG [agent.transport.Request] (DirectAgent-32:null) Seq 1-1228472494: Processing: { Ans: , MgmtId: 7508777239729, via: 1, Ver: v1, Flags: 0, [{"routing.SetNetworkACLAnswer":{"results":["Failed","Failed","Failed","Failed","Failed","Failed","Failed","Failed","Failed","Failed"],"result":false,"wait":0}}] }
> 2013-05-14 15:08:56,936 DEBUG [agent.transport.Request] (Job-Executor-10:job-23) Seq 1-1228472494: Received: { Ans: , MgmtId: 7508777239729, via: 1, Ver: v1, Flags: 0, { SetNetworkACLAnswer } }
> 2013-05-14 15:08:56,938 ERROR [cloud.async.AsyncJobManagerImpl] (Job-Executor-10:job-23) Unexpected exception while executing org.apache.cloudstack.api.command.user.network.CreateNetworkACLCmd
> com.cloud.exception.InvalidParameterValueException: ACL Items in default ACL cannot be deleted
> at com.cloud.network.vpc.NetworkACLServiceImpl.revokeNetworkACLItem(NetworkACLServiceImpl.java:449)
> at org.apache.cloudstack.api.command.user.network.CreateNetworkACLCmd.execute(CreateNetworkACLCmd.java:227)
> at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:155)
> at com.cloud.async.AsyncJobManagerImpl$1.run(AsyncJobManagerImpl.java:437)
> at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
> at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
> at java.util.concurrent.FutureTask.run(FutureTask.java:166)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
> at java.lang.Thread.run(Thread.java:679)
> 2013-05-14 15:08:56,938 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-10:job-23) Complete async job-23, jobStatus: 2, resultCode: 530, result: Error Code: 530 Error text: ACL Items in default ACL cannot be deleted
> =============
> On The VPC VR:
> =============
> May 14 14:04:37 r-3-NTIER cloud: vpc_acl.sh: enter apply acl rules for guest network: 192.168.10.1/24, inbound::51:81:82:10.223.195.44/32
> May 14 14:04:37 r-3-NTIER cloud: Error adding iptables entry for guest network : 192.168.10.1/24,inbound::51:81:82:10.223.195.44/32
> May 14 14:04:37 r-3-NTIER cloud: vpc_acl.sh: exit apply acl rules for guest network : 192.168.10.1/24
> May 14 14:04:37 r-3-NTIER cloud: vpc_acl.sh: failure to apply fw rules for guest network: 192.168.10.1/24
> May 14 14:04:37 r-3-NTIER cloud: vpc_acl.sh: restoring from backup for guest network: 192.168.10.1/24
> May 14 14:10:47 r-3-NTIER cloud: vpc_acl.sh: enter apply acl rules for guest network: 192.168.10.1/24, inbound::6:80:81:10.223.131.170/32
> May 14 14:10:47 r-3-NTIER cloud: vpc_acl.sh: exit apply acl rules for guest network : 192.168.10.1/24
> May 14 14:10:47 r-3-NTIER cloud: vpc_acl.sh: successful in applying fw rules for guest network: 192.168.10.1/24
> May 14 14:10:47 r-3-NTIER cloud: vpc_acl.sh: enter apply acl rules for guest network: 192.168.10.1/24, inbound::50:82:83:10.223.195.44/32
> May 14 14:10:47 r-3-NTIER cloud: Error adding iptables entry for guest network : 192.168.10.1/24,inbound::50:82:83:10.223.195.44/32
> May 14 14:10:47 r-3-NTIER cloud: vpc_acl.sh: exit apply acl rules for guest network : 192.168.10.1/24
> May 14 14:10:47 r-3-NTIER cloud: vpc_acl.sh: failure to apply fw rules for guest network: 192.168.10.1/24
> May 14 14:10:47 r-3-NTIER cloud: vpc_acl.sh: restoring from backup for guest network: 192.168.10.1/24
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira