Fixed response processing in createFirewallRule command

2025-11-03 04:12:31 +01:00 · 2011-08-10 10:47:45 -07:00 · 2011-08-10 10:47:45 -07:00 · 32b53351ff
commit 32b53351ff
parent 3f3c64025b
5 changed files with 52 additions and 27 deletions
--- a/api/src/com/cloud/api/commands/CreateIpForwardingRuleCmd.java
+++ b/api/src/com/cloud/api/commands/CreateIpForwardingRuleCmd.java
@ -66,6 +66,9 @@ public class CreateIpForwardingRuleCmd extends BaseAsyncCreateCmd implements Sta
    @Parameter(name = ApiConstants.OPEN_FIREWALL, type = CommandType.BOOLEAN, description = "if true, firewall rule for source/end pubic port is automatically created; if false - firewall rule has to be created explicitely. Has value true by default")
    private Boolean openFirewall;
    
+    @Parameter(name = ApiConstants.CIDR_LIST, type = CommandType.LIST, collectionType = CommandType.STRING, description = "the cidr list to forward traffic from")
+    private List<String> cidrlist;
+    

    /////////////////////////////////////////////////////
    /////////////////// Accessors ///////////////////////
@ -102,6 +105,7 @@ public class CreateIpForwardingRuleCmd extends BaseAsyncCreateCmd implements Sta

    @Override
    public void execute() throws ResourceUnavailableException{ 
+        
        boolean result = true;
        FirewallRule rule = null;
        try {
@ -127,15 +131,19 @@ public class CreateIpForwardingRuleCmd extends BaseAsyncCreateCmd implements Sta

 	@Override
 	public void create() {
-		StaticNatRule rule;
+	    
+	    //cidr list parameter is deprecated
+        if (cidrlist != null) {
+            throw new InvalidParameterValueException("Parameter cidrList is deprecated; if you need to open firewall rule for the specific cidr, please refer to createFirewallRule command");
+        }
+	    
        try {
-            rule = _rulesService.createStaticNatRule(this, getOpenFirewall());
+            StaticNatRule rule = _rulesService.createStaticNatRule(this, getOpenFirewall());
+            this.setEntityId(rule.getId());
        } catch (NetworkRuleConflictException e) {
-            s_logger.info("Unable to create Static Nat Rule due to " + e.getMessage());
+            s_logger.info("Unable to create Static Nat Rule due to ", e);
            throw new ServerApiException(BaseCmd.NETWORK_RULE_CONFLICT_ERROR, e.getMessage());
        }
-        
-        this.setEntityId(rule.getId());
 	}

    @Override
@ -263,8 +271,7 @@ public class CreateIpForwardingRuleCmd extends BaseAsyncCreateCmd implements Sta
    public Integer getIcmpType() {
        return null;
    }
-
-    @Override
+    
    public List<String> getSourceCidrList() {
        return null;
    }
--- a/api/src/com/cloud/api/commands/CreateLoadBalancerRuleCmd.java
+++ b/api/src/com/cloud/api/commands/CreateLoadBalancerRuleCmd.java
@ -81,6 +81,9 @@ public class CreateLoadBalancerRuleCmd extends BaseAsyncCmd  /*implements LoadBa
    @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID associated with the load balancer")
    private Long domainId;
    
+    @Parameter(name = ApiConstants.CIDR_LIST, type = CommandType.LIST, collectionType = CommandType.STRING, description = "the cidr list to forward traffic from")
+    private List<String> cidrlist;
+    
    /////////////////////////////////////////////////////
    /////////////////// Accessors ///////////////////////
    /////////////////////////////////////////////////////
@ -125,6 +128,14 @@ public class CreateLoadBalancerRuleCmd extends BaseAsyncCmd  /*implements LoadBa
            return true;
        }
    }
+    
+    public List<String> getSourceCidrList() {
+        if (cidrlist != null) {
+            throw new InvalidParameterValueException("Parameter cidrList is deprecated; if you need to open firewall rule for the specific cidr, please refer to createFirewallRule command");
+        }
+        return null;
+    }
+    

    /////////////////////////////////////////////////////
    /////////////// API Implementation///////////////////
@ -137,9 +148,17 @@ public class CreateLoadBalancerRuleCmd extends BaseAsyncCmd  /*implements LoadBa
    
    @Override
    public void execute() throws ResourceAllocationException, ResourceUnavailableException {        
-        LoadBalancer result = null;
+        
+        //cidr list parameter is deprecated
+        if (cidrlist != null) {
+            throw new InvalidParameterValueException("Parameter cidrList is deprecated; if you need to open firewall rule for the specific cidr, please refer to createFirewallRule command");
+        }
+        
        try {
-            result = _lbService.createLoadBalancerRule(this, getOpenFirewall());
+            LoadBalancer result = _lbService.createLoadBalancerRule(this, getOpenFirewall());
+            LoadBalancerResponse response = _responseGenerator.createLoadBalancerResponse(result);
+            response.setResponseName(getCommandName());
+            this.setResponseObject(response);
        } catch (NetworkRuleConflictException e) {
            s_logger.warn("Exception: ", e);
            throw new ServerApiException(BaseCmd.NETWORK_RULE_CONFLICT_ERROR, e.getMessage());
@ -147,9 +166,6 @@ public class CreateLoadBalancerRuleCmd extends BaseAsyncCmd  /*implements LoadBa
            s_logger.warn("Exception: ", e);
            throw new ServerApiException(BaseCmd.INSUFFICIENT_CAPACITY_ERROR, e.getMessage());
        }
-        LoadBalancerResponse response = _responseGenerator.createLoadBalancerResponse(result);
-        response.setResponseName(getCommandName());
-        this.setResponseObject(response);
    }

  
--- a/api/src/com/cloud/api/commands/CreatePortForwardingRuleCmd.java
+++ b/api/src/com/cloud/api/commands/CreatePortForwardingRuleCmd.java
@ -98,7 +98,10 @@ public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements P
    }

    public List<String> getSourceCidrList() {
-        return cidrlist;
+        if (cidrlist != null) {
+            throw new InvalidParameterValueException("Parameter cidrList is deprecated; if you need to open firewall rule for the specific cidr, please refer to createFirewallRule command");
+        }
+        return null;
    }
    
    public Boolean getOpenFirewall() {
@ -117,10 +120,6 @@ public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements P
    public String getCommandName() {
        return s_name;
    }
-    
-    public void setSourceCidrList(List<String> cidrs){
-        cidrlist = cidrs;
-    }

    @Override
    public void execute() throws ResourceUnavailableException {
@ -227,17 +226,17 @@ public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements P

    @Override
    public void create() {
-        if (cidrlist != null)
-            for (String cidr: cidrlist){
-                if (!NetUtils.isValidCIDR(cidr)){
-                    throw new ServerApiException(BaseCmd.PARAM_ERROR, "Source cidrs formatting error " + cidr); 
-                }
-            }
+        
+        //cidr list parameter is deprecated
+        if (cidrlist != null) {
+            throw new InvalidParameterValueException("Parameter cidrList is deprecated; if you need to open firewall rule for the specific cidr, please refer to createFirewallRule command");
+        }
+        
        try {
            PortForwardingRule result = _rulesService.createPortForwardingRule(this, virtualMachineId, getOpenFirewall());
            setEntityId(result.getId());
        } catch (NetworkRuleConflictException ex) {
-            s_logger.info("Network rule conflict: " + ex.getMessage());
+            s_logger.info("Network rule conflict: " , ex);
            s_logger.trace("Network Rule Conflict: ", ex);
            throw new ServerApiException(BaseCmd.NETWORK_RULE_CONFLICT_ERROR, ex.getMessage());
        }
--- a/core/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
+++ b/core/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
@ -6455,7 +6455,7 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
 	}
 	
 	protected SetFirewallRulesAnswer execute(SetFirewallRulesCommand cmd) {
-		String[] results = new String[cmd.getRules().length+1];
+		String[] results = new String[cmd.getRules().length];
 		String callResult;
 		Connection conn = getConnection();
 		String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
@ -6479,7 +6479,10 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
 		callResult = callHostPlugin(conn, "vmops", "setFirewallRule", "args", args);

 		if (callResult == null || callResult.isEmpty()) {
-			results[cmd.getRules().length] = "failed";
+		    //FIXME - in the future we have to process each rule separately; now we temporarely set every rule to be false if single rule fails
+		    for (int i=0; i < results.length; i++) {
+		        results[i] = "Failed";
+		    }
 			return new SetFirewallRulesAnswer(cmd, false, results);
 		}
 		return new SetFirewallRulesAnswer(cmd, true, results);
--- a/server/src/com/cloud/network/rules/RulesManagerImpl.java
+++ b/server/src/com/cloud/network/rules/RulesManagerImpl.java
@ -225,7 +225,7 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
            if (e instanceof NetworkRuleConflictException) {
                throw (NetworkRuleConflictException) e;
            }
-            throw new CloudRuntimeException("Unable to add rule for the ip id=" + newRule.getSourceIpAddressId(), e);
+            throw new CloudRuntimeException("Unable to add rule for the ip id=" + ipAddrId, e);
        }
    }