From 88327580b08e2abec2d3c817ab0336e394563cd6 Mon Sep 17 00:00:00 2001
From: Jayapal <jayapalatiiit@gmail.com>
Date: Thu, 23 Nov 2017 11:42:43 +0530
Subject: [PATCH] =?UTF-8?q?CLOUDSTACK-10152:=20Skip=20the=20destination=20?=
 =?UTF-8?q?cidr=20in=20ipset=20when=200.0.0.0/0=20pa=E2=80=A6=20(#2334)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Skip the destination cidr in ipset when 0.0.0.0/0 passed.
Fixed adding issue with egress dest cidr with 0.0.0.0/0.
---
 systemvm/patches/debian/config/opt/cloud/bin/configure.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/systemvm/patches/debian/config/opt/cloud/bin/configure.py b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
index f1113098137..bc5349a52d8 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/configure.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
@@ -120,6 +120,7 @@ class CsAcl(CsDataBag):
             self.add_rule()
 
         def add_rule(self):
+            CIDR_ALL = '0.0.0.0/0'
             icmp_type = ''
             rule = self.rule
             icmp_type = "any"
@@ -172,6 +173,8 @@ class CsAcl(CsDataBag):
 
                 logging.debug("egress   rule  ####==> %s", self.rule)
                 for cidr in self.rule['dcidr']:
+                    if cidr == CIDR_ALL:
+                        continue
                     ipsetAddCmd = 'ipset add '+ destIpsetName + ' '+cidr
                     CsHelper.execute(ipsetAddCmd)
                     dflag = True