From 1aee7561841e619306de65b4ae67a5c16a26b5d0 Mon Sep 17 00:00:00 2001
From: abhishek <abhishek@cloud.com>
Date: Tue, 30 Nov 2010 10:05:32 -0800
Subject: [PATCH] bug 7345: During the expunge operation, we were not calling
 the deleteipforwardingrule method, for a rule which was static nat. Adding
 that logic. Also, making a change in the domr script as we do not need to
 execute a line on deletion of a rule status 7345: resolved fixed

---
 patches/systemvm/debian/config/root/firewall.sh |  2 --
 server/src/com/cloud/vm/UserVmManagerImpl.java  | 12 +++++++++---
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/patches/systemvm/debian/config/root/firewall.sh b/patches/systemvm/debian/config/root/firewall.sh
index 2def133e108..494361057a2 100755
--- a/patches/systemvm/debian/config/root/firewall.sh
+++ b/patches/systemvm/debian/config/root/firewall.sh
@@ -91,8 +91,6 @@ add_one_to_one_nat_entry() {
   if [ "$op" == "-A" ]
   then
     iptables -P FORWARD DROP
-  else
-    iptables -P FORWARD ACCEPT
   fi
   iptables $op FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
   iptables $op FORWARD -i eth2 -o eth0 -d $guestIp -m state --state NEW -j ACCEPT
diff --git a/server/src/com/cloud/vm/UserVmManagerImpl.java b/server/src/com/cloud/vm/UserVmManagerImpl.java
index af6470c4100..d370f975d08 100755
--- a/server/src/com/cloud/vm/UserVmManagerImpl.java
+++ b/server/src/com/cloud/vm/UserVmManagerImpl.java
@@ -2245,9 +2245,15 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, VirtualM
 						{
 							if((publicIp.getAccountId().longValue() == vm.getAccountId()))
 							{
-								_networkMgr.deletePortForwardingRule(rule.getId(),true);//delete the rule with the sys user's credentials
-								if(s_logger.isDebugEnabled())
-									s_logger.debug("Rule "+rule.getId()+" for vm:"+vm.getHostName()+" is deleted successfully during expunge operation");
+								if(publicIp.isOneToOneNat()){
+									_networkMgr.deleteIpForwardingRule(rule.getId());
+									if(s_logger.isDebugEnabled())
+										s_logger.debug("Rule "+rule.getId()+" for vm:"+vm.getHostName()+" is deleted successfully during expunge operation");									
+								}else{
+									_networkMgr.deletePortForwardingRule(rule.getId(),true);//delete the rule with the sys user's credentials
+									if(s_logger.isDebugEnabled())
+										s_logger.debug("Rule "+rule.getId()+" for vm:"+vm.getHostName()+" is deleted successfully during expunge operation");
+								}
 							}
 						}
 					}