From 6875f48966b7cbfeeab1300b7e08353dbae2cd5b Mon Sep 17 00:00:00 2001
From: Alena Prokharchyk
Date: Fri, 14 Sep 2012 15:22:25 -0700
Subject: [PATCH] Validate port ranges in PF rule only when startPort != endPort in private or public range
---
 .../cloud/network/rules/RulesManagerImpl.java | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)
diff --git a/server/src/com/cloud/network/rules/RulesManagerImpl.java b/server/src/com/cloud/network/rules/RulesManagerImpl.java
index 3a61db9559b..37cae90eb9c 100755
--- a/server/src/com/cloud/network/rules/RulesManagerImpl.java
+++ b/server/src/com/cloud/network/rules/RulesManagerImpl.java
@@ -245,13 +245,22 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
 dstIp = new Ip(guestNic.getIp4Address());
 }
- //source start port and source dest port should be the same. The same applies to dest ports
- if (rule.getSourcePortStart().intValue() != rule.getDestinationPortStart()) {
- throw new InvalidParameterValueException("Private port start should be equal to public port start", null);
+ //if start port and end port are passed in, and they are not equal to each other, perform the validation
+ boolean validatePortRange = false;
+ if (rule.getSourcePortStart().intValue() != rule.getSourcePortEnd().intValue()
+ || rule.getDestinationPortStart() != rule.getDestinationPortEnd()) {
+ validatePortRange = true;
 }
- if (rule.getSourcePortEnd().intValue() != rule.getDestinationPortEnd()) {
- throw new InvalidParameterValueException("Private port end should be equal to public port end", null);
+ if (validatePortRange) {
+ //source start port and source dest port should be the same. The same applies to dest ports
+ if (rule.getSourcePortStart().intValue() != rule.getDestinationPortStart()) {
+ throw new InvalidParameterValueException("Private port start should be equal to public port start", null);
+ }
+
+ if (rule.getSourcePortEnd().intValue() != rule.getDestinationPortEnd()) {
+ throw new InvalidParameterValueException("Private port end should be equal to public port end", null);
+ }
 }
 Transaction txn = Transaction.currentTxn();
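Review bot: The comment on the new guard says the check runs "if start port and end port are passed in", but the condition never tests for presence; it only compares values. If an end port can be absent at this point (not visible in the hunk), `rule.getSourcePortEnd().intValue()` would throw a NullPointerException instead of an InvalidParameterValueException. I would reword the comment to state the actual rule, e.g. `// a single-port rule may map different public and private ports; a port range must map onto the identical range`. The destination side is compared as `rule.getDestinationPortStart() != rule.getDestinationPortEnd()` with no unboxing, which is only correct if those getters return primitive `int`; reading them into locals first (`int dstStart = rule.getDestinationPortStart(); int dstEnd = rule.getDestinationPortEnd();`) makes the comparison safe either way. The enclosing method starts and ends outside this hunk, so any earlier null or bounds validation is not visible here.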