Repository: cloudstack Updated Branches: refs/heads/master 6379ca454 -> 8c671c49b
CLOUDSTACK-7548:removeNICFromVM should check for networkId while checking for PF rules on the nic Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/8c671c49 Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/8c671c49 Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/8c671c49 Branch: refs/heads/master Commit: 8c671c49b3a351d2f72a727bae6724fd1234e71c Parents: 6379ca4 Author: Saksham Srivastava <[email protected]> Authored: Mon Sep 15 19:14:50 2014 +0530 Committer: Saksham Srivastava <[email protected]> Committed: Mon Sep 15 19:15:09 2014 +0530 ---------------------------------------------------------------------- .../rules/dao/PortForwardingRulesDao.java | 4 ++-- .../rules/dao/PortForwardingRulesDaoImpl.java | 4 ++-- .../cloud/network/rules/RulesManagerImpl.java | 19 ++++++++++++++----- 3 files changed, 18 insertions(+), 9 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/8c671c49/engine/schema/src/com/cloud/network/rules/dao/PortForwardingRulesDao.java ---------------------------------------------------------------------- diff --git a/engine/schema/src/com/cloud/network/rules/dao/PortForwardingRulesDao.java b/engine/schema/src/com/cloud/network/rules/dao/PortForwardingRulesDao.java index 5b0e748..b89d04a 100644 --- a/engine/schema/src/com/cloud/network/rules/dao/PortForwardingRulesDao.java +++ b/engine/schema/src/com/cloud/network/rules/dao/PortForwardingRulesDao.java @@ -44,7 +44,7 @@ public interface PortForwardingRulesDao extends GenericDao<PortForwardingRuleVO, List<PortForwardingRuleVO> listByDestIpAddr(String ip4Address); - List<PortForwardingRuleVO> listByVmidAndDestIpAddr(String ip4Address,long vmid); - PortForwardingRuleVO findByIdAndIp(long id, String secondaryIp); + + List<PortForwardingRuleVO> listByNetworkAndDestIpAddr(String ip4Address, long networkId); } http://git-wip-us.apache.org/repos/asf/cloudstack/blob/8c671c49/engine/schema/src/com/cloud/network/rules/dao/PortForwardingRulesDaoImpl.java ---------------------------------------------------------------------- diff --git a/engine/schema/src/com/cloud/network/rules/dao/PortForwardingRulesDaoImpl.java b/engine/schema/src/com/cloud/network/rules/dao/PortForwardingRulesDaoImpl.java index 6bc401b..3aa6181 100644 --- a/engine/schema/src/com/cloud/network/rules/dao/PortForwardingRulesDaoImpl.java +++ b/engine/schema/src/com/cloud/network/rules/dao/PortForwardingRulesDaoImpl.java @@ -158,10 +158,10 @@ public class PortForwardingRulesDaoImpl extends GenericDaoBase<PortForwardingRul } @Override - public List<PortForwardingRuleVO> listByVmidAndDestIpAddr(String ip4Address,long vmid) { + public List<PortForwardingRuleVO> listByNetworkAndDestIpAddr(String ip4Address, long networkId) { SearchCriteria<PortForwardingRuleVO> sc = AllFieldsSearch.create(); sc.setParameters("dstIp", ip4Address); - sc.setParameters("vmId", vmid); + sc.setParameters("networkId", networkId); return listBy(sc); } http://git-wip-us.apache.org/repos/asf/cloudstack/blob/8c671c49/server/src/com/cloud/network/rules/RulesManagerImpl.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/network/rules/RulesManagerImpl.java b/server/src/com/cloud/network/rules/RulesManagerImpl.java index 59025f2..56a075d 100755 --- a/server/src/com/cloud/network/rules/RulesManagerImpl.java +++ b/server/src/com/cloud/network/rules/RulesManagerImpl.java @@ -1463,14 +1463,20 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules @Override public List<FirewallRuleVO> listAssociatedRulesForGuestNic(Nic nic) { + s_logger.debug("Checking if PF/StaticNat/LoadBalancer rules are configured for nic " + nic.getId()); List<FirewallRuleVO> result = new ArrayList<FirewallRuleVO>(); // add PF rules - result.addAll(_portForwardingDao.listByVmidAndDestIpAddr(nic.getIp4Address(),nic.getInstanceId())); + result.addAll(_portForwardingDao.listByNetworkAndDestIpAddr(nic.getIp4Address(), nic.getNetworkId())); + if(result.size() > 0) { + s_logger.debug("Found " + result.size() + " portforwarding rule configured for the nic in the network " + nic.getNetworkId()); + } // add static NAT rules List<FirewallRuleVO> staticNatRules = _firewallDao.listStaticNatByVmId(nic.getInstanceId()); for (FirewallRuleVO rule : staticNatRules) { - if (rule.getNetworkId() == nic.getNetworkId()) + if (rule.getNetworkId() == nic.getNetworkId()) { result.add(rule); + s_logger.debug("Found rule " + rule.getId() + " " + rule.getPurpose() + " configured"); + } } List<? extends IpAddress> staticNatIps = _ipAddressDao.listStaticNatPublicIps(nic.getNetworkId()); for (IpAddress ip : staticNatIps) { @@ -1479,17 +1485,20 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules // generate a static Nat rule on the fly because staticNATrule does not persist into db anymore // FIX ME FirewallRuleVO staticNatRule = - new FirewallRuleVO(null, ip.getId(), 0, 65535, NetUtils.ALL_PROTO.toString(), nic.getNetworkId(), vm.getAccountId(), vm.getDomainId(), - Purpose.StaticNat, null, null, null, null, null); + new FirewallRuleVO(null, ip.getId(), 0, 65535, NetUtils.ALL_PROTO.toString(), nic.getNetworkId(), vm.getAccountId(), vm.getDomainId(), + Purpose.StaticNat, null, null, null, null, null); result.add(staticNatRule); + s_logger.debug("Found rule " + staticNatRule.getId() + " " + staticNatRule.getPurpose() + " configured"); } } // add LB rules List<LoadBalancerVMMapVO> lbMapList = _loadBalancerVMMapDao.listByInstanceId(nic.getInstanceId()); for (LoadBalancerVMMapVO lb : lbMapList) { FirewallRuleVO lbRule = _firewallDao.findById(lb.getLoadBalancerId()); - if (lbRule.getNetworkId() == nic.getNetworkId()) + if (lbRule.getNetworkId() == nic.getNetworkId()) { result.add(lbRule); + s_logger.debug("Found rule " + lbRule.getId() + " " + lbRule.getPurpose() + " configured"); + } } return result; }
