From 318c7f2af0a664c057ec1ed057ccaad608339f62 Mon Sep 17 00:00:00 2001
From: Jayapal <jayapalreddy.uradi@citrix.com>
Date: Fri, 26 Apr 2013 14:28:02 +0530
Subject: [PATCH] CLOUDSTACK-1794 Throwing error when configuring egress rules
 for shared networks

---
 .../cloud/network/firewall/FirewallManagerImpl.java  | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/server/src/com/cloud/network/firewall/FirewallManagerImpl.java b/server/src/com/cloud/network/firewall/FirewallManagerImpl.java
index 080f7b0edf6..4ad8868b86a 100644
--- a/server/src/com/cloud/network/firewall/FirewallManagerImpl.java
+++ b/server/src/com/cloud/network/firewall/FirewallManagerImpl.java
@@ -27,6 +27,7 @@ import javax.ejb.Local;
 import javax.inject.Inject;
 import javax.naming.ConfigurationException;
 
+import com.cloud.network.dao.*;
 import org.apache.cloudstack.api.command.user.firewall.ListFirewallRulesCmd;
 import org.apache.log4j.Logger;
 import org.springframework.stereotype.Component;
@@ -56,10 +57,6 @@ import com.cloud.network.Networks.TrafficType;
 import com.cloud.network.NetworkManager;
 import com.cloud.network.NetworkModel;
 import com.cloud.network.NetworkRuleApplier;
-import com.cloud.network.dao.FirewallRulesCidrsDao;
-import com.cloud.network.dao.FirewallRulesDao;
-import com.cloud.network.dao.IPAddressDao;
-import com.cloud.network.dao.IPAddressVO;
 import com.cloud.network.element.FirewallServiceProvider;
 import com.cloud.network.element.NetworkACLServiceProvider;
 import com.cloud.network.element.PortForwardingServiceProvider;
@@ -127,6 +124,8 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService,
     @Inject
     ResourceTagDao _resourceTagDao;
     @Inject
+    NetworkDao _networkDao;
+    @Inject
     VpcManager _vpcMgr;
     @Inject List<FirewallServiceProvider> _firewallElements;
 
@@ -150,6 +149,11 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService,
     @Override
     public FirewallRule createEgressFirewallRule(FirewallRule rule) throws NetworkRuleConflictException {
         Account caller = UserContext.current().getCaller();
+
+        Network network = _networkDao.findById(rule.getNetworkId());
+        if (network.getGuestType() == Network.GuestType.Shared) {
+            throw new InvalidParameterValueException("Egress firewall rules are not supported for " + network.getGuestType() + "  networks");
+        }
         
         return createFirewallRule(null, caller, rule.getXid(), rule.getSourcePortStart(), 
                 rule.getSourcePortEnd(), rule.getProtocol(), rule.getSourceCidrList(), rule.getIcmpCode(),