From eaf562899835cc6d98172f989a046559cc8d6dbc Mon Sep 17 00:00:00 2001
From: Jessica Wang <jessica.wang@citrix.com>
Date: Wed, 22 Aug 2012 15:19:43 -0700
Subject: [PATCH 1/4] CS-16134: cloudstack 3.0 UI - autoscale - basic zone of
 elastic IP - Add Load Balancer tab - pass domainid and account to
 createLoadBalancerRule API since IP Address is not available. (Reviewed-by:
 Brian)

---
 ui/scripts/autoscaler.js | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/ui/scripts/autoscaler.js b/ui/scripts/autoscaler.js
index f36ae27715a..7719e22fda9 100644
--- a/ui/scripts/autoscaler.js
+++ b/ui/scripts/autoscaler.js
@@ -1243,8 +1243,17 @@
             openfirewall: false,
             networkid: networkid
           };
-          if(args.context.ipAddresses != undefined)
-            data = $.extend(data, {publicipid: args.context.ipAddresses[0].id});
+          if(args.context.ipAddresses != null) {
+            data = $.extend(data, {
+						  publicipid: args.context.ipAddresses[0].id
+						});
+					}
+					else {
+					  data = $.extend(data, {
+						  domainid: g_domainid,
+              account: g_account
+						});
+					}
 
           $.ajax({
             url: createURL('createLoadBalancerRule'),

From 3095f51d81b3032a1444d8534a3061d423205eb6 Mon Sep 17 00:00:00 2001
From: Brian Federle <brian.federle@citrix.com>
Date: Wed, 22 Aug 2012 15:21:28 -0700
Subject: [PATCH 2/4] CS-16138: Fix instance wizard 'add network' radio button

When no guest networks are present but VPC tier is, fix 'add new
network' radio button being unselected.

reviewed-by: jessica
---
 ui/scripts/ui-custom/instanceWizard.js | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/ui/scripts/ui-custom/instanceWizard.js b/ui/scripts/ui-custom/instanceWizard.js
index ff604732b13..7536f30508a 100644
--- a/ui/scripts/ui-custom/instanceWizard.js
+++ b/ui/scripts/ui-custom/instanceWizard.js
@@ -485,8 +485,7 @@
                 $checkbox.attr('checked', false);
                 $newNetwork.addClass('unselected');
               } else {
-                $checkbox.attr('checked', true);
-                $newNetwork.removeClass('unselected');
+                $newNetwork.find('input[name=defaultNetwork]').filter('[value=new-network]').click();
               }
 
               $checkbox.change();

From fb20d5a9cae8973cb7157d448d96f20fe739e472 Mon Sep 17 00:00:00 2001
From: anthony <anthony@cloud.com>
Date: Wed, 22 Aug 2012 15:31:31 -0700
Subject: [PATCH 3/4] Bug 13734 : after upgrade, dhcp traffic is allowed for
 all VMs

reviewed-by: kelven
---
 scripts/vm/hypervisor/xenserver/vmops | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/scripts/vm/hypervisor/xenserver/vmops b/scripts/vm/hypervisor/xenserver/vmops
index ed9a5340e7f..3102a6eb979 100755
--- a/scripts/vm/hypervisor/xenserver/vmops
+++ b/scripts/vm/hypervisor/xenserver/vmops
@@ -431,6 +431,19 @@ def can_bridge_firewall(session, args):
         util.pread2(['iptables', '-D', 'FORWARD',  '-j', 'RH-Firewall-1-INPUT'])
     except:
         util.SMlog('Chain BRIDGE-FIREWALL already exists')
+
+    try:
+        util.pread2(['iptables', '-N', 'BRIDGE-DEFAULT-FIREWALL'])
+        util.pread2(['iptables', '-A', 'BRIDGE-DEFAULT-FIREWALL', '-m', 'state', '--state', 'RELATED,ESTABLISHED', '-j', 'ACCEPT'])
+        util.pread2(['iptables', '-A', 'BRIDGE-DEFAULT-FIREWALL', '-m', 'physdev', '--physdev-is-bridged',  '-p', 'udp', '--dport', '67', '--sport', '68',  '-j', 'ACCEPT'])
+        util.pread2(['iptables', '-A', 'BRIDGE-DEFAULT-FIREWALL', '-m', 'physdev', '--physdev-is-bridged',  '-p', 'udp', '--dport', '68', '--sport', '67',  '-j', 'ACCEPT'])
+        util.pread2(['iptables', '-I', 'BRIDGE-FIREWALL', '-j', 'BRIDGE-DEFAULT-FIREWALL'])
+        util.pread2(['iptables', '-D', 'BRIDGE-FIREWALL', '-m', 'state', '--state', 'RELATED,ESTABLISHED', '-j', 'ACCEPT'])
+        util.pread2(['iptables', '-D', 'BRIDGE-FIREWALL', '-m', 'physdev', '--physdev-is-bridged',  '-p', 'udp', '--dport', '67', '--sport', '68',  '-j', 'ACCEPT'])
+        util.pread2(['iptables', '-D', 'BRIDGE-FIREWALL', '-m', 'physdev', '--physdev-is-bridged',  '-p', 'udp', '--dport', '68', '--sport', '67',  '-j', 'ACCEPT'])
+    except:
+        util.SMlog('Chain BRIDGE-DEFAULT-FIREWALL already exists')
+
     privnic = get_private_nic(session, args)
     result = 'true'
     try:
@@ -756,7 +769,7 @@ def default_network_rules_systemvm(session, args):
     for vif in vifs:
         try:
             util.pread2(['iptables', '-A', 'BRIDGE-FIREWALL', '-m', 'physdev', '--physdev-is-bridged', '--physdev-out', vif, '-j', vmchain])
-            util.pread2(['iptables', '-I', 'BRIDGE-FIREWALL', '4', '-m', 'physdev', '--physdev-is-bridged', '--physdev-in', vif, '-j', vmchain])
+            util.pread2(['iptables', '-I', 'BRIDGE-FIREWALL', '2', '-m', 'physdev', '--physdev-is-bridged', '--physdev-in', vif, '-j', vmchain])
             util.pread2(['iptables', '-I', vmchain, '-m', 'physdev', '--physdev-is-bridged', '--physdev-in', vif, '-j', 'RETURN'])
         except:
             util.SMlog("Failed to program default rules")
@@ -828,7 +841,7 @@ def default_network_rules(session, args):
     try:
         for v in vifs:
             util.pread2(['iptables', '-A', 'BRIDGE-FIREWALL', '-m', 'physdev', '--physdev-is-bridged', '--physdev-out', v, '-j', vmchain_default])
-            util.pread2(['iptables', '-I', 'BRIDGE-FIREWALL', '4', '-m', 'physdev', '--physdev-is-bridged', '--physdev-in', v, '-j', vmchain_default])
+            util.pread2(['iptables', '-I', 'BRIDGE-FIREWALL', '2', '-m', 'physdev', '--physdev-is-bridged', '--physdev-in', v, '-j', vmchain_default])
 
         #don't let vm spoof its ip address
         for v in vifs:
@@ -933,7 +946,7 @@ def network_rules_for_rebooted_vm(session, vmName):
 
     for v in vifs:
         util.pread2(['iptables', '-A', 'BRIDGE-FIREWALL', '-m', 'physdev', '--physdev-is-bridged', '--physdev-out', v, '-j', vmchain_default])
-        util.pread2(['iptables', '-I', 'BRIDGE-FIREWALL', '4', '-m', 'physdev', '--physdev-is-bridged', '--physdev-in', v, '-j', vmchain_default])
+        util.pread2(['iptables', '-I', 'BRIDGE-FIREWALL', '2', '-m', 'physdev', '--physdev-is-bridged', '--physdev-in', v, '-j', vmchain_default])
 
     #change antispoof rule in vmchain
     try:

From 71bd6b41c6b939ce1a6b4785ba064a89415e66d9 Mon Sep 17 00:00:00 2001
From: anthony <anthony@cloud.com>
Date: Wed, 22 Aug 2012 15:52:29 -0700
Subject: [PATCH 4/4] CS-15542, return success when vif is not there on
 deipassoc

reviewed-by : kelven
---
 .../cloud/hypervisor/vmware/resource/VmwareResource.java   | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/core/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java b/core/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
index 4d612b18e3e..1e291b1c774 100755
--- a/core/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
+++ b/core/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
@@ -1495,7 +1495,12 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa
 
         int ethDeviceNum = this.findRouterEthDeviceIndex(domrName, routerIp, ip.getVifMacAddress());
         if (ethDeviceNum < 0) {
-            throw new InternalErrorException("Failed to find DomR VIF to associate/disassociate IP with.");
+            if (ip.isAdd()) {
+                throw new InternalErrorException("Failed to find DomR VIF to associate/disassociate IP with.");
+            } else {
+                 s_logger.debug("VIF to deassociate IP with does not exist, return success");
+                return;
+            }
         }           
 
         String args = "";