apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-12-16 10:32:34 +01:00
Code Issues Packages Projects Releases Wiki Activity

bug 12917: security groups - icmp type/code validations.

Browse Source
This commit is contained in:
Naredula Janardhana Reddy 2012-01-06 19:33:07 +05:30
parent d1dc819df5
commit 6aa0560d37
2 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
scripts/vm/hypervisor/xenserver/vmops
View File

@ -1334,6 +1334,7 @@ def network_rules(session, args):
if start == "-1": if start == "-1":
range = "any" range = "any"
iptables = ['iptables', '-I', vmchain, '-p', 'icmp', '--icmp-type', range, '-m', 'set', keyword, ipsetname, direction, '-j', action] iptables = ['iptables', '-I', vmchain, '-p', 'icmp', '--icmp-type', range, '-m', 'set', keyword, ipsetname, direction, '-j', action]
cmds.append(iptables) cmds.append(iptables)
util.SMlog(iptables) util.SMlog(iptables)

4
server/src/com/cloud/network/security/SecurityGroupManagerImpl.java
View File

@ -603,8 +603,8 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
if (icmpType == -1 && icmpCode != -1) { if (icmpType == -1 && icmpCode != -1) {
throw new InvalidParameterValueException("Invalid icmp type range"); throw new InvalidParameterValueException("Invalid icmp type range");
} }
if (icmpCode > 255) { if (icmpCode > 255 || icmpType > 255 || icmpCode < -1 || icmpType < -1) {
throw new InvalidParameterValueException("Invalid icmp code "); throw new InvalidParameterValueException("Invalid icmp type/code ");
} }
startPortOrType = icmpType; startPortOrType = icmpType;
endPortOrCode = icmpCode; endPortOrCode = icmpCode;