From c809d057efd42bf01d585326e09e51e0c0ff1cee Mon Sep 17 00:00:00 2001 From: Murali Reddy Date: Tue, 12 Feb 2013 15:25:07 +0530 Subject: [PATCH] CLOUDSTACK-1241: Network apply rules logic is broken added logic to check if the network element is configured service provider for the network before applying rules --- .../network/firewall/FirewallManagerImpl.java | 20 +++++++++++++++++++ .../lb/LoadBalancingRulesManagerImpl.java | 5 +++++ 2 files changed, 25 insertions(+) diff --git a/server/src/com/cloud/network/firewall/FirewallManagerImpl.java b/server/src/com/cloud/network/firewall/FirewallManagerImpl.java index d3b4c0beabf..0d17ba720a9 100644 --- a/server/src/com/cloud/network/firewall/FirewallManagerImpl.java +++ b/server/src/com/cloud/network/firewall/FirewallManagerImpl.java @@ -536,12 +536,22 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService, switch (purpose){ case Firewall: for (FirewallServiceProvider fwElement: _firewallElements) { + Network.Provider provider = fwElement.getProvider(); + boolean isFwProvider = _networkModel.isProviderSupportServiceInNetwork(network.getId(), Service.Firewall, provider); + if (!isFwProvider) { + continue; + } handled = fwElement.applyFWRules(network, rules); if (handled) break; } case PortForwarding: for (PortForwardingServiceProvider element: _pfElements) { + Network.Provider provider = element.getProvider(); + boolean isPfProvider = _networkModel.isProviderSupportServiceInNetwork(network.getId(), Service.PortForwarding, provider); + if (!isPfProvider) { + continue; + } handled = element.applyPFRules(network, (List) rules); if (handled) break; @@ -549,6 +559,11 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService, break; case StaticNat: for (StaticNatServiceProvider element: _staticNatElements) { + Network.Provider provider = element.getProvider(); + boolean isSnatProvider = _networkModel.isProviderSupportServiceInNetwork(network.getId(), Service.StaticNat, provider); + if (!isSnatProvider) { + continue; + } handled = element.applyStaticNats(network, (List) rules); if (handled) break; @@ -556,6 +571,11 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService, break; case NetworkACL: for (NetworkACLServiceProvider element: _networkAclElements) { + Network.Provider provider = element.getProvider(); + boolean isAclProvider = _networkModel.isProviderSupportServiceInNetwork(network.getId(), Service.NetworkACL, provider); + if (!isAclProvider) { + continue; + } handled = element.applyNetworkACLs(network, rules); if (handled) break; diff --git a/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java b/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java index 85e850c0b5a..531a42805b6 100755 --- a/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java +++ b/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java @@ -1158,6 +1158,11 @@ public class LoadBalancingRulesManagerImpl extends ManagerBase implements assert(purpose == Purpose.LoadBalancing): "LB Manager asked to handle non-LB rules"; boolean handled = false; for (LoadBalancingServiceProvider lbElement: _lbProviders) { + Provider provider = lbElement.getProvider(); + boolean isLbProvider = _networkModel.isProviderSupportServiceInNetwork(network.getId(), Service.Lb, provider); + if (!isLbProvider) { + continue; + } handled = lbElement.applyLBRules(network, (List) rules); if (handled) break;