CLOUDSTACK-7548:removeNICFromVM should check for networkId while checking for PF rules on the nic

Saksham Srivastava 2014-09-15 19:14:50 +05:30
parent 6379ca4548
commit 8c671c49b3
3 changed files with 18 additions and 9 deletions


@ -44,7 +44,7 @@ public interface PortForwardingRulesDao extends GenericDao<PortForwardingRuleVO,
List<PortForwardingRuleVO> listByDestIpAddr(String ip4Address); List<PortForwardingRuleVO> listByDestIpAddr(String ip4Address);
List<PortForwardingRuleVO> listByVmidAndDestIpAddr(String ip4Address,long vmid);
PortForwardingRuleVO findByIdAndIp(long id, String secondaryIp); PortForwardingRuleVO findByIdAndIp(long id, String secondaryIp);
List<PortForwardingRuleVO> listByNetworkAndDestIpAddr(String ip4Address, long networkId);
} }


@ -158,10 +158,10 @@ public class PortForwardingRulesDaoImpl extends GenericDaoBase<PortForwardingRul
} }
@Override @Override
public List<PortForwardingRuleVO> listByVmidAndDestIpAddr(String ip4Address,long vmid) { public List<PortForwardingRuleVO> listByNetworkAndDestIpAddr(String ip4Address, long networkId) {
SearchCriteria<PortForwardingRuleVO> sc = AllFieldsSearch.create(); SearchCriteria<PortForwardingRuleVO> sc = AllFieldsSearch.create();
sc.setParameters("dstIp", ip4Address); sc.setParameters("dstIp", ip4Address);
sc.setParameters("vmId", vmid); sc.setParameters("networkId", networkId);
return listBy(sc); return listBy(sc);
} }
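Review bot: The `networkId` condition that `sc.setParameters("networkId", networkId)` relies on is not declared in this hunk. The `AllFieldsSearch` builder is defined outside it, so confirm that it registers `networkId`, because an undeclared condition name would only surface at runtime when NIC removal reaches this query. The method also has no documentation of its matching rule; a Javadoc such as `/** Lists port forwarding rules whose destination address equals ip4Address within the given guest network. */` on the interface declaration would make the exact-match behaviour explicit for callers.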


@ -1463,14 +1463,20 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules
@Override @Override
public List<FirewallRuleVO> listAssociatedRulesForGuestNic(Nic nic) { public List<FirewallRuleVO> listAssociatedRulesForGuestNic(Nic nic) {
s_logger.debug("Checking if PF/StaticNat/LoadBalancer rules are configured for nic " + nic.getId());
List<FirewallRuleVO> result = new ArrayList<FirewallRuleVO>(); List<FirewallRuleVO> result = new ArrayList<FirewallRuleVO>();
// add PF rules // add PF rules
result.addAll(_portForwardingDao.listByVmidAndDestIpAddr(nic.getIp4Address(),nic.getInstanceId())); result.addAll(_portForwardingDao.listByNetworkAndDestIpAddr(nic.getIp4Address(), nic.getNetworkId()));
if(result.size() > 0) {
s_logger.debug("Found " + result.size() + " portforwarding rule configured for the nic in the network " + nic.getNetworkId());
}
// add static NAT rules // add static NAT rules
List<FirewallRuleVO> staticNatRules = _firewallDao.listStaticNatByVmId(nic.getInstanceId()); List<FirewallRuleVO> staticNatRules = _firewallDao.listStaticNatByVmId(nic.getInstanceId());
for (FirewallRuleVO rule : staticNatRules) { for (FirewallRuleVO rule : staticNatRules) {
if (rule.getNetworkId() == nic.getNetworkId()) if (rule.getNetworkId() == nic.getNetworkId()) {
result.add(rule); result.add(rule);
s_logger.debug("Found rule " + rule.getId() + " " + rule.getPurpose() + " configured");
}
} }
List<? extends IpAddress> staticNatIps = _ipAddressDao.listStaticNatPublicIps(nic.getNetworkId()); List<? extends IpAddress> staticNatIps = _ipAddressDao.listStaticNatPublicIps(nic.getNetworkId());
for (IpAddress ip : staticNatIps) { for (IpAddress ip : staticNatIps) {
@ -1479,17 +1485,20 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules
// generate a static Nat rule on the fly because staticNATrule does not persist into db anymore // generate a static Nat rule on the fly because staticNATrule does not persist into db anymore
// FIX ME // FIX ME
FirewallRuleVO staticNatRule = FirewallRuleVO staticNatRule =
new FirewallRuleVO(null, ip.getId(), 0, 65535, NetUtils.ALL_PROTO.toString(), nic.getNetworkId(), vm.getAccountId(), vm.getDomainId(), new FirewallRuleVO(null, ip.getId(), 0, 65535, NetUtils.ALL_PROTO.toString(), nic.getNetworkId(), vm.getAccountId(), vm.getDomainId(),
Purpose.StaticNat, null, null, null, null, null); Purpose.StaticNat, null, null, null, null, null);
result.add(staticNatRule); result.add(staticNatRule);
s_logger.debug("Found rule " + staticNatRule.getId() + " " + staticNatRule.getPurpose() + " configured");
} }
} }
// add LB rules // add LB rules
List<LoadBalancerVMMapVO> lbMapList = _loadBalancerVMMapDao.listByInstanceId(nic.getInstanceId()); List<LoadBalancerVMMapVO> lbMapList = _loadBalancerVMMapDao.listByInstanceId(nic.getInstanceId());
for (LoadBalancerVMMapVO lb : lbMapList) { for (LoadBalancerVMMapVO lb : lbMapList) {
FirewallRuleVO lbRule = _firewallDao.findById(lb.getLoadBalancerId()); FirewallRuleVO lbRule = _firewallDao.findById(lb.getLoadBalancerId());
if (lbRule.getNetworkId() == nic.getNetworkId()) if (lbRule.getNetworkId() == nic.getNetworkId()) {
result.add(lbRule); result.add(lbRule);
s_logger.debug("Found rule " + lbRule.getId() + " " + lbRule.getPurpose() + " configured");
}
} }
return result; return result;
} }
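Review bot: `lbRule` is dereferenced in `lbRule.getNetworkId()`, and now again in the added debug line, without a null check, although `_firewallDao.findById(lb.getLoadBalancerId())` can presumably return null for a mapping whose rule is already gone. A guard such as `if (lbRule != null && lbRule.getNetworkId() == nic.getNetworkId()) {` would keep the NIC check from failing on a stale mapping. The PF lookup in the first hunk matches only `nic.getIp4Address()`, so rules whose destination is a secondary IP of the NIC (the DAO's `findByIdAndIp(long id, String secondaryIp)` suggests such rules exist) may not be reported and could remain active after the NIC is removed; this is worth confirming. The new log line for the on-the-fly `staticNatRule` prints `staticNatRule.getId()`, which is probably unset for a rule that is never persisted, so `ip.getId()` would be more useful there. The method body between the two hunks is not shown.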