From 836a063a9ebc11dacce93fc5abc12dc95207ff78 Mon Sep 17 00:00:00 2001
From: Alena Prokharchyk <Alena.Prokharchyk@citrix.com>
Date: Wed, 22 Feb 2012 18:45:13 -0800
Subject: [PATCH] bug 13924: default Firewall provider to Juniper when Juniper
 is a provider for Pf/StaticNat or source nat service status 13924: resolved
 fixed reviewed-by: Will Chan

---
 .../configuration/ConfigurationManagerImpl.java  | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/server/src/com/cloud/configuration/ConfigurationManagerImpl.java b/server/src/com/cloud/configuration/ConfigurationManagerImpl.java
index d293ca809b6..5b6526ff386 100755
--- a/server/src/com/cloud/configuration/ConfigurationManagerImpl.java
+++ b/server/src/com/cloud/configuration/ConfigurationManagerImpl.java
@@ -3101,6 +3101,7 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
         // populate providers
         Map<Provider, Set<Service>> providerCombinationToVerify = new HashMap<Provider, Set<Service>>();
         Map<String, List<String>> svcPrv = cmd.getServiceProviders();
+        boolean isSrx = false;
         if (svcPrv != null) {
             for (String serviceStr : svcPrv.keySet()) {
                 Network.Service service = Network.Service.getService(serviceStr);
@@ -3117,11 +3118,10 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
                             throw new InvalidParameterValueException("Invalid service provider: " + prvNameStr);
                         }
 
-                        // Only VirtualRouter can be specified as a firewall provider
-                        if (service == Service.Firewall && provider != Provider.VirtualRouter) {
-                            throw new InvalidParameterValueException("Only Virtual router can be specified as a provider for the Firewall service");
+                        if (provider == Provider.JuniperSRX) {
+                            isSrx = true;
                         }
-
+                            
                         providers.add(provider);
 
                         Set<Service> serviceSet = null;
@@ -3169,6 +3169,14 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
         serviceCapabilityMap.put(Service.Lb, lbServiceCapabilityMap);
         serviceCapabilityMap.put(Service.SourceNat, sourceNatServiceCapabilityMap);
         serviceCapabilityMap.put(Service.StaticNat, staticNatServiceCapabilityMap);
+        
+        //if Firewall service is missing, and Juniper is a provider for any other service, add Firewall service/provider combination
+        if (isSrx)  {
+            s_logger.debug("Adding Firewall service with provider " + Provider.JuniperSRX.getName());
+            Set<Provider> firewallProvider = new HashSet<Provider>();
+            firewallProvider.add(Provider.JuniperSRX);
+            serviceProviderMap.put(Service.Firewall, firewallProvider);
+        }
 
         return createNetworkOffering(userId, name, displayText, trafficType, tags, specifyVlan, availability, networkRate, serviceProviderMap, false, guestType,
                 false, serviceOfferingId, conserveMode, serviceCapabilityMap, specifyIpRanges);