apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1783 from jayapalu/CLOUDSTACK-9615

Browse Source 
CLOUDSTACK-9615: Fixd applying ingress rules without portsWhen ingress rule is applied without ports (port start and port end params are not passed) then API/UI is showing rule got applied but in the VR, iptables rule not got applied.

Fixed this issue in the VR script.

* pr/1783:
  CLOUDSTACK-9615: Fixed applying ingress rules without ports

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
This commit is contained in:
Rohit Yadav 2016-12-22 12:37:13 +05:30
commit 2088f0ad73
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
systemvm/patches/debian/config/opt/cloud/bin/configure.py
View File

@ -122,10 +122,10 @@ class CsAcl(CsDataBag):
rnge = '' rnge = ''
if "first_port" in self.rule.keys() and \ if "first_port" in self.rule.keys() and \
self.rule['first_port'] == self.rule['last_port']: self.rule['first_port'] == self.rule['last_port']:
rnge = self.rule['first_port'] rnge = " --dport %s " %self.rule['first_port']
if "first_port" in self.rule.keys() and \ if "first_port" in self.rule.keys() and \
self.rule['first_port'] != self.rule['last_port']: self.rule['first_port'] != self.rule['last_port']:
rnge = "%s:%s" % (rule['first_port'], rule['last_port']) rnge = " --dport %s:%s" % (rule['first_port'], rule['last_port'])
if self.direction == 'ingress': if self.direction == 'ingress':
if rule['protocol'] == "icmp": if rule['protocol'] == "icmp":
self.fw.append(["mangle", "front", self.fw.append(["mangle", "front",
@ -140,7 +140,7 @@ class CsAcl(CsDataBag):
" -s %s " % cidr + " -s %s " % cidr +
" -p %s " % rule['protocol'] + " -p %s " % rule['protocol'] +
" -m %s " % rule['protocol'] + " -m %s " % rule['protocol'] +
" --dport %s -j RETURN" % rnge]) " %s -j RETURN" % rnge])
logging.debug("Current ACL IP direction is ==> %s", self.direction) logging.debug("Current ACL IP direction is ==> %s", self.direction)
if self.direction == 'egress': if self.direction == 'egress':
@ -174,7 +174,7 @@ class CsAcl(CsDataBag):
fwr += " -s %s " % cidr + \ fwr += " -s %s " % cidr + \
" -p %s " % rule['protocol'] + \ " -p %s " % rule['protocol'] + \
" -m %s " % rule['protocol'] + \ " -m %s " % rule['protocol'] + \
" --dport %s" % rnge " %s" % rnge
elif rule['protocol'] == "all": elif rule['protocol'] == "all":
fwr += " -s %s " % cidr fwr += " -s %s " % cidr