apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity
13,354 Commits 304 Branches 324 Tags
Commit Graph

45 Commits

Author SHA1 Message Date
Edison Su
cefc5cbff3 bug CS-16172 
Reviewed-by: chiradeep
 2012-08-24 16:13:29 -07:00
David Nalley
d630fa8697 license header changes for scripts folder from Chip Childers 2012-06-23 00:58:00 -04:00
Wido den Hollander
bdec29b3dc Create iptable rules for all bridges assigned to a system VM 
The default_network_rules_systemvm method in security_group.py only created the appropriate rules for
just one bridge.

This however leads to traffic not being forwarded to the virtual machine in the case of the system VMs
both (console & storage) having different bridges in basic networking.

This patch makes sure rules are generated for all target devices based on their source device/bridge

It however excludes the LinkLocalBridge since no filtering is needed on that bridge.
 2012-06-19 12:20:22 +02:00
John Kinsella
efe318336a CS-14955: security_group.py only creates ICMP iptables rules for ICMP type -1 
Description:
Unindented 3 lines to update logic flow to execute iptables when
passed ICMP type is not -1.
 2012-05-27 19:39:56 -04:00
Edison Su
d913e3bdfb security group: exactly match bridge name 2012-05-04 13:56:34 -07:00
frank
2f634c0913 Switch to Apache license 2012-04-03 04:50:05 -07:00
frank
52610ffcb3 add copyright header to shell scripts 2012-01-11 18:41:53 -08:00
Naredula Janardhana Reddy
c7766ea6c8 bug 10617: kvm related changes. 2011-12-02 17:07:36 +05:30
Naredula Janardhana Reddy
09905b641b bug 10617: merge code from branch bug10617. 2011-12-01 14:17:52 +05:30
Naredula Janardhana Reddy
f1b99f4f07 Revert "bug 10617: merging code from branch bug10617" 
This reverts commit 8bc33448b9220534ba0ddc6c642ffb1e69d5844e.

Conflicts:

	server/src/com/cloud/api/ApiResponseHelper.java
 2011-11-11 20:23:26 +05:30
Naredula Janardhana Reddy
02adbd4bd3 bug 10617: merging code from branch bug10617 2011-11-10 15:23:48 +05:30
Chiradeep Vittal
d817f3c364 Revert "bug 10617: Added Egress rules to Security groups." 
revert pending review

This reverts commit a19212703b9734ebd44ebf55cfdd81ebdc9d7fe4.
 2011-09-12 14:45:58 -07:00
Chiradeep Vittal
53970c89dc Revert "bug 10617: blocking between security groups for egress rules fixed." 
revert pending review

This reverts commit 7d30dfd79e3c4b01492f606333c26e36bcdc5d13.
 2011-09-12 14:45:58 -07:00
Chiradeep Vittal
e216686029 Revert "bug 10617: Intermediate checking" 
revert pending review

This reverts commit 561b27565512d438db3d8896df6f97b644b0b498.
 2011-09-12 14:45:58 -07:00
Naredula Janardhana Reddy
f9b0962ad9 bug 10617: Intermediate checking 
Changes :
         - Fixing API doc +response name + errorMessage
         - Adding seperate events to Egress rules
         - Egress rules Using the same database table as that of ingress with new column type.

   Pending Tasks:
         - db upgrade
         - database table rename from security_ingress_rule to generic name, renaming some of the jave class from ingress to generic name.
         - Retesting on kvm
 2011-09-09 18:14:19 +05:30
Naredula Janardhana Reddy
10d2ca8d0a bug 10617: blocking between security groups for egress rules fixed. 2011-09-02 16:17:08 +05:30
Naredula Janardhana Reddy
854f81962f bug 10617: Added Egress rules to Security groups. 
Description :
   API's:
     -  Two new api's authorizeSecurityGroupEgress,revokeSecurityGroupEgressCmd are added. These two API's are similer to ingress rule API's.
           - authorizeSecurityGroupEgress :Authorizes a particular egress rule for this security group . Usageof API is very similer to that of authorizeSecurityGroupIngress except that instead of source cidr  there will be destination cidr. By default like ingress, all the outgoing flows are blocked.
           - revokeSecurityGroupEgress : It is similer to revokeSecurityGroupIngress api, It removes the egress rule.
     -  listSecurityGroup API's response changed. It include's egress list apart from the existing ingress rules in the output of the API.

   Hypervisors :
      - It is implemented in Xen and KVM.

   Pending Tasks :  Blocking using destination security groups.

   Previous commits: c9fda641673df7701f44963ef27e1d488f121219 , 24e4e44b8f0712a37147a3777833de3f9e24829e
 2011-08-30 16:28:35 +05:30
Edison Su
c3174664de after vm reboot, change the security group if needed 2011-07-29 15:28:16 -07:00
Edison Su
5724a016c6 fix security group clean up on centos 5 2011-07-26 16:57:49 -07:00
Edison Su
1e944a2d86 cleanup ebtables rules if vm is manually deleted 2011-06-20 10:32:05 -04:00
Edison Su
ad5162ef86 fix ebtable cleanup issue: on ubuntu, it's not got deleted if vm is stopped 2011-06-16 19:26:24 -04:00
Edison Su
49550aff44 fix ebtable, which should only add a new DNAT rule for dhcp server 2011-06-10 11:39:43 -04:00
Edison Su
8312f1314b remove augtools 2011-05-26 23:19:53 -04:00
Edison Su
29c510de28 need to insert iptable rules into FORWARD chain instead of append, as on rhel6, there is a reject rule added at the end of FORWARD 2011-05-13 16:05:20 -04:00
Edison Su
58e034fa41 add License header back 2011-05-03 11:47:10 -04:00
Chiradeep Vittal
303e2a7481 Start of zonesfeature / mycloud/cloudkit 2011-05-03 10:40:17 -07:00
Frank
92155522f2 Add license header to files 2011-04-14 11:23:14 -07:00
Edison Su
159f52c2ff bug 9242: add vlan dependence for ubuntu, and set name type to DEV_PLUS_VID_NO_PAD, before creating vlan 
status 9242: resolved fixed
 2011-03-31 19:11:15 -04:00
Edison Su
9ad5139fda fix delete security group rule 2011-03-03 13:44:48 -05:00
Edison Su
d7b7d6bc26 bug 8771: multitenancy on same host in security group 
status 8711: resolved fixed
 2011-03-01 16:38:06 -05:00
Edison Su
a7c6b9f28e fix security group rules 2011-02-28 12:16:40 -05:00
Edison Su
0e90ede56a don't break basic zone mode 2011-02-28 12:16:40 -05:00
Edison Su
2705adb3b1 security group is per bridge 2011-02-28 12:16:40 -05:00
Edison Su
adbd20ca5a bug 8655: add security group for direct tagged network 2011-02-23 15:53:14 -05:00
Edison Su
0c8b86fc56 add multiple nics support for security group 2011-02-23 15:52:04 -05:00
Edison Su
37cb0ae2c9 add security group for direct tagged vlan 2011-02-23 15:52:04 -05:00
Edison Su
4b355ca301 bug 8118: add security group back 
status 8118: resolved fixed
 2011-01-22 04:04:52 -05:00
edison
3a143577b9 bug 7659: fix the race condition that agent inside systemvm connecting to mgt server at the head of startcommand returning to mgt server, then got a NPE. and fix bugs in security group of KVM 
status 7659: resolved fixed
 2010-12-28 15:51:28 -08:00
edison
eebb1021c1 fix security bug for kvm 2010-12-20 16:58:02 -08:00
edison
19431d31d3 add security group support for kvm 2010-12-16 18:02:41 -08:00
Anthony Xu
f62d9ae9c9 remove unused files 2010-11-18 14:43:20 -08:00
edison
6944979f94 bug 7142: fix the race condition that multiple create vlan requests coming from mgt svr 
status 7142: resolved fixed
 2010-11-10 13:36:50 -08:00
Manuel Amador (Rudd-O)
14ae76781e Committing Kris' big merge 2010-08-11 16:02:57 -07:00
Manuel Amador (Rudd-O)
ac730ec496 Branch 2.1.refactor committed 2010-08-11 09:13:42 -07:00
Manuel Amador (Rudd-O)
05c020e1f6 Source code committed 2010-08-11 09:13:29 -07:00