From 0e90ede56aa9ab2a409efd45a7e7581ae54b5011 Mon Sep 17 00:00:00 2001
From: Edison Su
Date: Fri, 25 Feb 2011 22:31:38 -0500
Subject: [PATCH] don't break basic zone mode
---
 scripts/vm/network/security_group.py | 17 ++++++++++++++---
 .../configuration/ConfigurationManagerImpl.java | 2 +-
 2 files changed, 15 insertions(+), 4 deletions(-)
diff --git a/scripts/vm/network/security_group.py b/scripts/vm/network/security_group.py
index 93fed8407af..ad6983f6165 100755
--- a/scripts/vm/network/security_group.py
+++ b/scripts/vm/network/security_group.py
@@ -90,6 +90,7 @@ def ipset(ipsetname, proto, start, end, ips):
 def destroy_network_rules_for_vm(vm_name):
 vmchain = vm_name
+ vmchain_default = None
 delete_rules_for_vm_in_bridge_firewall_chain(vm_name)
 if vm_name.startswith('i-') or vm_name.startswith('r-'):
@@ -98,13 +99,23 @@ def destroy_network_rules_for_vm(vm_name): destroy_ebtables_rules(vmchain) try: - execute("iptables -F " + vmchain_default) - execute("iptables -X " + vmchain_default) + if vmchain_default != None: + execute("iptables -F " + vmchain_default) except: - logging.exception("Ignoring failure to delete chain " + vmchain_default) + logging.debug("Ignoring failure to delete chain " + vmchain_default) + try: + if vmchain_default != None: + execute("iptables -X " + vmchain_default) + except: + logging.debug("Ignoring failure to delete chain " + vmchain_default) + try: execute("iptables -F " + vmchain) + except: + logging.debug("Ignoring failure to delete chain " + vmchain) + + try: execute("iptables -X " + vmchain) except: logging.debug("Ignoring failure to delete chain " + vmchain)
diff --git a/server/src/com/cloud/configuration/ConfigurationManagerImpl.java b/server/src/com/cloud/configuration/ConfigurationManagerImpl.java
index b550aa2c99d..672c7489556 100755
--- a/server/src/com/cloud/configuration/ConfigurationManagerImpl.java
+++ b/server/src/com/cloud/configuration/ConfigurationManagerImpl.java
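Review bot: In the second hunk of scripts/vm/network/security_group.py (destroy_network_rules_for_vm), every iptables flush and delete now sits behind a bare `except:` that logs only at debug level, and the one handler that recorded a traceback (`logging.exception`) is downgraded to `logging.debug`. A chain that fails to flush or delete for a real reason, such as still being referenced from another chain, would leave the destroyed VM's filter rules on the host with nothing visible at typical production log levels. I would narrow the handlers to `except Exception:` and log with `logging.warning(..., exc_info=True)`, and write the guard once, outside the two try blocks, as `if vmchain_default is not None:`. The function starts before the hunk and the code between the two hunks that presumably assigns vmchain_default is not shown, so when it stays None cannot be confirmed from here.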
@@ -1584,7 +1584,7 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
 throw new InvalidParameterValueException("Unable to find zone by id " + zoneId);
 }
- if (zone.isSecurityGroupEnabled() && forVirtualNetwork) {
+ if (zone.isSecurityGroupEnabled() && zone.getNetworkType() != DataCenter.NetworkType.Basic && forVirtualNetwork) {
 throw new InvalidParameterValueException("Can't add virtual network into a zone with security group enabled");
 }
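Review bot: The relaxed guard in ConfigurationManagerImpl.java lets a `forVirtualNetwork` request through for a Basic zone that has security groups enabled, but nothing in the hunk records why Basic zones are exempt or which later check covers a virtual-network range there. This condition is a validation boundary between security-group and virtual-network isolation, so it deserves a comment directly above the `if`, along the lines of `// Basic zones are exempt because <reason>; virtual-network ranges there are validated by <check>`, filled in with the real reason. The exception text also no longer describes the full condition and could read `"Can't add virtual network into a non-basic zone with security group enabled"`. The enclosing method starts and ends outside the hunk, so any compensating check further down is not visible here.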