mirror of
				https://github.com/apache/cloudstack.git
				synced 2025-10-26 08:42:29 +01:00 
			
		
		
		
	Merge release branch 4.9 to master
* 4.9: cleanup trailing space for checkstyle Expanded tests of RFC1918 and RFC6598 validation code. Allow CGN (RFC6598) to be used within a VPC
This commit is contained in:
		
						commit
						3f7fca02d4
					
				| @ -2213,7 +2213,7 @@ public class NetworkOrchestrator extends ManagerBase implements NetworkOrchestra | |||||||
|         // Check if cidr is RFC1918 compliant if the network is Guest Isolated for IPv4 |         // Check if cidr is RFC1918 compliant if the network is Guest Isolated for IPv4 | ||||||
|         if (cidr != null && ntwkOff.getGuestType() == Network.GuestType.Isolated && ntwkOff.getTrafficType() == TrafficType.Guest) { |         if (cidr != null && ntwkOff.getGuestType() == Network.GuestType.Isolated && ntwkOff.getTrafficType() == TrafficType.Guest) { | ||||||
|             if (!NetUtils.validateGuestCidr(cidr)) { |             if (!NetUtils.validateGuestCidr(cidr)) { | ||||||
|                 throw new InvalidParameterValueException("Virtual Guest Cidr " + cidr + " is not RFC1918 compliant"); |                 throw new InvalidParameterValueException("Virtual Guest Cidr " + cidr + " is not RFC 1918 or 6598 compliant"); | ||||||
|             } |             } | ||||||
|         } |         } | ||||||
| 
 | 
 | ||||||
|  | |||||||
| @ -1147,22 +1147,26 @@ public class NetUtils { | |||||||
|         // 10.0.0.0 - 10.255.255.255 (10/8 prefix) |         // 10.0.0.0 - 10.255.255.255 (10/8 prefix) | ||||||
|         // 172.16.0.0 - 172.31.255.255 (172.16/12 prefix) |         // 172.16.0.0 - 172.31.255.255 (172.16/12 prefix) | ||||||
|         // 192.168.0.0 - 192.168.255.255 (192.168/16 prefix) |         // 192.168.0.0 - 192.168.255.255 (192.168/16 prefix) | ||||||
| 
 |         // RFC 6598 - The IETF detailed shared address space for use in ISP CGN | ||||||
|         final String cidr1 = "10.0.0.0/8"; |         // deployments and NAT devices that can handle the same addresses occurring both on inbound and outbound interfaces. | ||||||
|         final String cidr2 = "172.16.0.0/12"; |         // ARIN returned space to the IANA as needed for this allocation. | ||||||
|         final String cidr3 = "192.168.0.0/16"; |         // The allocated address block is 100.64.0.0/10 | ||||||
|  |         final String[] allowedNetBlocks = {"10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10"}; | ||||||
| 
 | 
 | ||||||
|         if (!isValidCIDR(cidr)) { |         if (!isValidCIDR(cidr)) { | ||||||
|             s_logger.warn("Cidr " + cidr + " is not valid"); |             s_logger.warn("Cidr " + cidr + " is not valid"); | ||||||
|             return false; |             return false; | ||||||
|         } |         } | ||||||
| 
 | 
 | ||||||
|         if (isNetworkAWithinNetworkB(cidr, cidr1) || isNetworkAWithinNetworkB(cidr, cidr2) || isNetworkAWithinNetworkB(cidr, cidr3)) { |         for (String block: allowedNetBlocks) { | ||||||
|             return true; |             if (isNetworkAWithinNetworkB(cidr, block)) { | ||||||
|         } else { |                 return true; | ||||||
|             s_logger.warn("cidr " + cidr + " is not RFC 1918 compliant"); |             } | ||||||
|             return false; |  | ||||||
|         } |         } | ||||||
|  | 
 | ||||||
|  |         // not in allowedNetBlocks - return false | ||||||
|  |         s_logger.warn("cidr " + cidr + " is not RFC 1918 or 6598 compliant"); | ||||||
|  |         return false; | ||||||
|     } |     } | ||||||
| 
 | 
 | ||||||
|     public static boolean verifyInstanceName(final String instanceName) { |     public static boolean verifyInstanceName(final String instanceName) { | ||||||
| @ -1171,7 +1175,6 @@ public class NetUtils { | |||||||
|             s_logger.warn("Instance name can not contain hyphen, spaces and \"+\" char"); |             s_logger.warn("Instance name can not contain hyphen, spaces and \"+\" char"); | ||||||
|             return false; |             return false; | ||||||
|         } |         } | ||||||
| 
 |  | ||||||
|         return true; |         return true; | ||||||
|     } |     } | ||||||
| 
 | 
 | ||||||
|  | |||||||
| @ -314,9 +314,15 @@ public class NetUtilsTest { | |||||||
| 
 | 
 | ||||||
|     @Test |     @Test | ||||||
|     public void testValidateGuestCidr() throws Exception { |     public void testValidateGuestCidr() throws Exception { | ||||||
|         final String guestCidr = "192.168.1.0/24"; |         final String[] validCidrs = {"10.1.1.1/16", "172.16.1.0/16", "192.168.1.0/24", "100.64.1.0/24"}; | ||||||
|  |         final String[] invalidCidrs = {"172.33.1.0/16", "100.128.1.0/10"}; | ||||||
| 
 | 
 | ||||||
|         assertTrue(NetUtils.validateGuestCidr(guestCidr)); |         for (String cidr: validCidrs) { | ||||||
|  |             assertTrue(NetUtils.validateGuestCidr(cidr)); | ||||||
|  |         } | ||||||
|  |         for (String cidr: invalidCidrs) { | ||||||
|  |             assertFalse(NetUtils.validateGuestCidr(cidr)); | ||||||
|  |         } | ||||||
|     } |     } | ||||||
| 
 | 
 | ||||||
|     @Test |     @Test | ||||||
|  | |||||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user