apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

Validate port ranges in PF rule only when startPort != endPort in private or public range

Browse Source
This commit is contained in:
Alena Prokharchyk 2012-09-14 15:22:25 -07:00
parent bbbccc0a7b
commit 6875f48966
1 changed files with 14 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
server/src/com/cloud/network/rules/RulesManagerImpl.java
View File

@ -245,6 +245,14 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
dstIp = new Ip(guestNic.getIp4Address()); dstIp = new Ip(guestNic.getIp4Address());
} }
//if start port and end port are passed in, and they are not equal to each other, perform the validation
boolean validatePortRange = false;
if (rule.getSourcePortStart().intValue() != rule.getSourcePortEnd().intValue()
|| rule.getDestinationPortStart() != rule.getDestinationPortEnd()) {
validatePortRange = true;
}
if (validatePortRange) {
//source start port and source dest port should be the same. The same applies to dest ports //source start port and source dest port should be the same. The same applies to dest ports
if (rule.getSourcePortStart().intValue() != rule.getDestinationPortStart()) { if (rule.getSourcePortStart().intValue() != rule.getDestinationPortStart()) {
throw new InvalidParameterValueException("Private port start should be equal to public port start", null); throw new InvalidParameterValueException("Private port start should be equal to public port start", null);
@ -253,6 +261,7 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
if (rule.getSourcePortEnd().intValue() != rule.getDestinationPortEnd()) { if (rule.getSourcePortEnd().intValue() != rule.getDestinationPortEnd()) {
throw new InvalidParameterValueException("Private port end should be equal to public port end", null); throw new InvalidParameterValueException("Private port end should be equal to public port end", null);
} }
}
Transaction txn = Transaction.currentTxn(); Transaction txn = Transaction.currentTxn();
txn.start(); txn.start();