apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

CS-14955: security_group.py only creates ICMP iptables rules for ICMP type -1

Browse Source 
Description:
Unindented 3 lines to update logic flow to execute iptables when
passed ICMP type is not -1.
This commit is contained in:
John Kinsella 2012-05-16 19:52:32 -07:00 committed by David Nalley
parent 980f7931f7
commit efe318336a
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
scripts/vm/network/security_group.py
View File

@ -639,8 +639,8 @@ def add_network_rules(vm_name, vm_id, vm_ip, signature, seqno, vmMac, rules, vif
range = start + "/" + end range = start + "/" + end
if start == "-1": if start == "-1":
range = "any" range = "any"
for ip in ips: for ip in ips:
execute("iptables -I " + vmchain + " -p icmp --icmp-type " + range + " " + direction + " " + ip + " -j "+ action) execute("iptables -I " + vmchain + " -p icmp --icmp-type " + range + " " + direction + " " + ip + " -j "+ action)
if allow_any and protocol != 'all': if allow_any and protocol != 'all':
if protocol != 'icmp': if protocol != 'icmp':
@ -649,7 +649,7 @@ def add_network_rules(vm_name, vm_id, vm_ip, signature, seqno, vmMac, rules, vif
range = start + "/" + end range = start + "/" + end
if start == "-1": if start == "-1":
range = "any" range = "any"
execute("iptables -I " + vmchain + " -p icmp --icmp-type " + range + " -j "+action) execute("iptables -I " + vmchain + " -p icmp --icmp-type " + range + " -j "+action)
egress_vmchain = egress_chain_name(vm_name) egress_vmchain = egress_chain_name(vm_name)
if egressrule == 0 : if egressrule == 0 :