diff --git a/api/src/com/cloud/api/ResponseGenerator.java b/api/src/com/cloud/api/ResponseGenerator.java index 9e6ab8e6b3a..7a29c5ff583 100755 --- a/api/src/com/cloud/api/ResponseGenerator.java +++ b/api/src/com/cloud/api/ResponseGenerator.java @@ -113,7 +113,6 @@ import com.cloud.network.VpnUser; import com.cloud.network.router.VirtualRouter; import com.cloud.network.rules.FirewallRule; import com.cloud.network.rules.LoadBalancer; -import com.cloud.network.rules.NetworkACL; import com.cloud.network.rules.PortForwardingRule; import com.cloud.network.rules.StaticNatRule; import com.cloud.network.rules.StickinessPolicy; @@ -323,7 +322,7 @@ public interface ResponseGenerator { * @param networkACL * @return */ - NetworkACLResponse createNetworkACLResponse(NetworkACL networkACL); + NetworkACLResponse createNetworkACLResponse(FirewallRule networkACL); /** * @param result diff --git a/api/src/com/cloud/api/commands/CreateFirewallRuleCmd.java b/api/src/com/cloud/api/commands/CreateFirewallRuleCmd.java index 5ab908b248a..ca33c41527f 100644 --- a/api/src/com/cloud/api/commands/CreateFirewallRuleCmd.java +++ b/api/src/com/cloud/api/commands/CreateFirewallRuleCmd.java @@ -316,5 +316,10 @@ public class CreateFirewallRuleCmd extends BaseAsyncCreateCmd implements Firewal public AsyncJob.Type getInstanceType() { return AsyncJob.Type.FirewallRule; } + + @Override + public TrafficType getTrafficType() { + return null; + } } diff --git a/api/src/com/cloud/api/commands/CreateIpForwardingRuleCmd.java b/api/src/com/cloud/api/commands/CreateIpForwardingRuleCmd.java index ba2992b5ebc..a688d134352 100644 --- a/api/src/com/cloud/api/commands/CreateIpForwardingRuleCmd.java +++ b/api/src/com/cloud/api/commands/CreateIpForwardingRuleCmd.java @@ -302,5 +302,10 @@ public class CreateIpForwardingRuleCmd extends BaseAsyncCreateCmd implements Sta public AsyncJob.Type getInstanceType() { return AsyncJob.Type.FirewallRule; } + + @Override + public TrafficType getTrafficType() { + return null; + } } 
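Review bot: The new `getTrafficType()` override in CreateFirewallRuleCmd returns a bare `null` with no comment, and the same stub is repeated in CreateIpForwardingRuleCmd, CreatePortForwardingRuleCmd, LoadBalancingRule and StaticNatRuleImpl. With the NetworkACL interface removed, the compiler no longer separates ACL rules from other firewall rules, so this null is what any ACL code path would see if it were handed one of these objects. Each stub should say why it returns null, for example `// Traffic type applies to network ACL rules only; this rule type has none.` above the `return null;`.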
diff --git a/api/src/com/cloud/api/commands/CreateNetworkACLCmd.java b/api/src/com/cloud/api/commands/CreateNetworkACLCmd.java index 2016f29b6e3..25d433b5c9e 100644 --- a/api/src/com/cloud/api/commands/CreateNetworkACLCmd.java +++ b/api/src/com/cloud/api/commands/CreateNetworkACLCmd.java @@ -22,7 +22,6 @@ import com.cloud.exception.NetworkRuleConflictException; import com.cloud.exception.ResourceUnavailableException; import com.cloud.network.Network; import com.cloud.network.rules.FirewallRule; -import com.cloud.network.rules.NetworkACL; import com.cloud.network.vpc.Vpc; import com.cloud.user.Account; import com.cloud.user.UserContext; @@ -30,7 +29,7 @@ import com.cloud.utils.net.NetUtils; @Implementation(description = "Creates a ACL rule the given network (the network has to belong to VPC)", responseObject = NetworkACLResponse.class) -public class CreateNetworkACLCmd extends BaseAsyncCreateCmd implements NetworkACL { +public class CreateNetworkACLCmd extends BaseAsyncCreateCmd implements FirewallRule { public static final Logger s_logger = Logger.getLogger(CreateNetworkACLCmd.class.getName()); private static final String s_name = "createnetworkaclresponse"; @@ -139,7 +138,7 @@ public class CreateNetworkACLCmd extends BaseAsyncCreateCmd implements NetworkAC public void execute() throws ResourceUnavailableException { UserContext callerContext = UserContext.current(); boolean success = false; - NetworkACL rule = _networkACLService.getNetworkACL(getEntityId()); + FirewallRule rule = _networkACLService.getNetworkACL(getEntityId()); try { UserContext.current().setEventDetails("Rule Id: " + getEntityId()); success = _networkACLService.applyNetworkACLs(rule.getNetworkId(), callerContext.getCaller()); 
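Review bot: In `execute()`, `rule` is dereferenced at `rule.getNetworkId()` without a null check, although DeleteNetworkACLCmd in this same commit treats a null result from `getNetworkACL(...)` as a real possibility. If the rule has been removed, or is not a NetworkACL by the time the async job runs, the caller gets a NullPointerException instead of a clean API error. Consider a guard before the `try`, such as `if (rule == null) { throw new InvalidParameterValueException("Unable to find network ACL by id=" + getEntityId()); }`, if that exception type is available in this file. The rest of `execute()` lies outside the hunk, so any cleanup it performs on failure is not visible here.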
@@ -239,7 +238,7 @@ public class CreateNetworkACLCmd extends BaseAsyncCreateCmd implements NetworkAC } try { - NetworkACL result = _networkACLService.createNetworkACL(this); + FirewallRule result = _networkACLService.createNetworkACL(this); setEntityId(result.getId()); } catch (NetworkRuleConflictException ex) { s_logger.info("Network rule conflict: " + ex.getMessage()); diff --git a/api/src/com/cloud/api/commands/CreatePortForwardingRuleCmd.java b/api/src/com/cloud/api/commands/CreatePortForwardingRuleCmd.java index f60d840f885..666611476aa 100644 --- a/api/src/com/cloud/api/commands/CreatePortForwardingRuleCmd.java +++ b/api/src/com/cloud/api/commands/CreatePortForwardingRuleCmd.java @@ -358,4 +358,9 @@ public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements P return AsyncJob.Type.FirewallRule; } + @Override + public TrafficType getTrafficType() { + return null; + } + } diff --git a/api/src/com/cloud/api/commands/DeleteNetworkACLCmd.java b/api/src/com/cloud/api/commands/DeleteNetworkACLCmd.java index 414822bdb33..9c0846544dd 100644 --- a/api/src/com/cloud/api/commands/DeleteNetworkACLCmd.java +++ b/api/src/com/cloud/api/commands/DeleteNetworkACLCmd.java @@ -29,7 +29,7 @@ import com.cloud.async.AsyncJob; import com.cloud.event.EventTypes; import com.cloud.exception.InvalidParameterValueException; import com.cloud.exception.ResourceUnavailableException; -import com.cloud.network.rules.NetworkACL; +import com.cloud.network.rules.FirewallRule; import com.cloud.user.UserContext; @Implementation(description="Deletes a Network ACL", responseObject=SuccessResponse.class) @@ -78,7 +78,7 @@ public class DeleteNetworkACLCmd extends BaseAsyncCmd { @Override public long getEntityOwnerId() { if (ownerId == null) { - NetworkACL rule = _networkACLService.getNetworkACL(id); + FirewallRule rule = _networkACLService.getNetworkACL(id); if (rule == null) { throw new InvalidParameterValueException("Unable to find network ACL by id=" + id); } else { 
diff --git a/api/src/com/cloud/api/commands/ListNetworkACLsCmd.java b/api/src/com/cloud/api/commands/ListNetworkACLsCmd.java index c6e477b9428..e7d37907dad 100644 --- a/api/src/com/cloud/api/commands/ListNetworkACLsCmd.java +++ b/api/src/com/cloud/api/commands/ListNetworkACLsCmd.java @@ -26,10 +26,9 @@ import com.cloud.api.BaseListProjectAndAccountResourcesCmd; import com.cloud.api.IdentityMapper; import com.cloud.api.Implementation; import com.cloud.api.Parameter; -import com.cloud.api.response.FirewallResponse; import com.cloud.api.response.ListResponse; import com.cloud.api.response.NetworkACLResponse; -import com.cloud.network.rules.NetworkACL; +import com.cloud.network.rules.FirewallRule; @Implementation(description="Lists all network ACLs", responseObject=NetworkACLResponse.class) public class ListNetworkACLsCmd extends BaseListProjectAndAccountResourcesCmd { @@ -78,11 +77,11 @@ public class ListNetworkACLsCmd extends BaseListProjectAndAccountResourcesCmd { @Override public void execute(){ - List result = _networkACLService.listNetworkACLs(this); + List result = _networkACLService.listNetworkACLs(this); ListResponse response = new ListResponse(); List aclResponses = new ArrayList(); - for (NetworkACL acl : result) { + for (FirewallRule acl : result) { NetworkACLResponse ruleData = _responseGenerator.createNetworkACLResponse(acl); aclResponses.add(ruleData); } diff --git a/api/src/com/cloud/network/firewall/NetworkACLService.java b/api/src/com/cloud/network/firewall/NetworkACLService.java index 3cdb0583aae..4aaf058d93e 100644 --- a/api/src/com/cloud/network/firewall/NetworkACLService.java +++ b/api/src/com/cloud/network/firewall/NetworkACLService.java 
@@ -17,21 +17,21 @@ import java.util.List; import com.cloud.api.commands.ListNetworkACLsCmd; import com.cloud.exception.NetworkRuleConflictException; import com.cloud.exception.ResourceUnavailableException; -import com.cloud.network.rules.NetworkACL; +import com.cloud.network.rules.FirewallRule; import com.cloud.user.Account; /** * @author Alena Prokharchyk */ public interface NetworkACLService { - NetworkACL getNetworkACL(long ruleId); + FirewallRule getNetworkACL(long ruleId); boolean applyNetworkACLs(long networkId, Account caller) throws ResourceUnavailableException; /** * @param createNetworkACLCmd * @return */ - NetworkACL createNetworkACL(NetworkACL acl) throws NetworkRuleConflictException; + FirewallRule createNetworkACL(FirewallRule acl) throws NetworkRuleConflictException; /** * @param ruleId * @param apply @@ -42,6 +42,6 @@ public interface NetworkACLService { * @param listNetworkACLsCmd * @return */ - List listNetworkACLs(ListNetworkACLsCmd cmd); + List listNetworkACLs(ListNetworkACLsCmd cmd); } diff --git a/api/src/com/cloud/network/lb/LoadBalancingRule.java b/api/src/com/cloud/network/lb/LoadBalancingRule.java index d49d0e9971a..9b4eddcc61c 100644 --- a/api/src/com/cloud/network/lb/LoadBalancingRule.java +++ b/api/src/com/cloud/network/lb/LoadBalancingRule.java @@ -218,4 +218,9 @@ public class LoadBalancingRule implements FirewallRule, LoadBalancer{ public FirewallRuleType getType() { return FirewallRuleType.User; } + + @Override + public TrafficType getTrafficType() { + return null; + } } diff --git a/api/src/com/cloud/network/rules/FirewallRule.java b/api/src/com/cloud/network/rules/FirewallRule.java index cb79e5eb18f..5c57dffcd78 100644 --- a/api/src/com/cloud/network/rules/FirewallRule.java +++ b/api/src/com/cloud/network/rules/FirewallRule.java 
@@ -19,6 +19,7 @@ package com.cloud.network.rules; import java.util.List; import com.cloud.acl.ControlledEntity; +import com.cloud.network.rules.FirewallRule.TrafficType; public interface FirewallRule extends ControlledEntity { enum Purpose { @@ -90,4 +91,9 @@ public interface FirewallRule extends ControlledEntity { FirewallRuleType getType(); + /** + * @return + */ + TrafficType getTrafficType(); + } diff --git a/api/src/com/cloud/network/rules/NetworkACL.java b/api/src/com/cloud/network/rules/NetworkACL.java deleted file mode 100644 index d0f7f21eca0..00000000000 --- a/api/src/com/cloud/network/rules/NetworkACL.java +++ /dev/null @@ -1,26 +0,0 @@ -// Copyright 2012 Citrix Systems, Inc. Licensed under the -// Apache License, Version 2.0 (the "License"); you may not use this -// file except in compliance with the License. Citrix Systems, Inc. -// reserves all rights not expressly granted by the License. -// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// Automatically generated by addcopyright.py at 04/03/2012 -package com.cloud.network.rules; - - -/** - * @author Alena Prokharchyk - */ -public interface NetworkACL extends FirewallRule{ - - /** - * @return - */ - TrafficType getTrafficType(); - -} diff --git a/server/src/com/cloud/api/ApiResponseHelper.java b/server/src/com/cloud/api/ApiResponseHelper.java index ded86e92fdb..b9c5444546f 100755 --- a/server/src/com/cloud/api/ApiResponseHelper.java +++ b/server/src/com/cloud/api/ApiResponseHelper.java 
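Review bot: The added `import com.cloud.network.rules.FirewallRule.TrafficType;` is a self-import inside FirewallRule.java. Judging by the import path, `TrafficType` is nested in this interface and so is already in scope within its body. The line looks like IDE residue and can be dropped.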
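Review bot: The Javadoc on the new `getTrafficType()` is an empty `@return`, yet every non-ACL implementation added in this commit returns null. Now that all firewall rules share this method, the interface is the only place the contract can be stated. Suggested text: `@return the traffic type of a network ACL rule, or null when the rule is not a network ACL`. The interface body begins outside the hunk.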
@@ -151,7 +151,6 @@ import com.cloud.network.VpnUser; import com.cloud.network.router.VirtualRouter; import com.cloud.network.rules.FirewallRule; import com.cloud.network.rules.LoadBalancer; -import com.cloud.network.rules.NetworkACL; import com.cloud.network.rules.PortForwardingRule; import com.cloud.network.rules.StaticNatRule; import com.cloud.network.rules.StickinessPolicy; @@ -2983,7 +2982,7 @@ public class ApiResponseHelper implements ResponseGenerator { } @Override - public NetworkACLResponse createNetworkACLResponse(NetworkACL networkACL) { + public NetworkACLResponse createNetworkACLResponse(FirewallRule networkACL) { NetworkACLResponse response = new NetworkACLResponse(); response.setId(networkACL.getId()); diff --git a/server/src/com/cloud/network/element/VpcVirtualRouterElement.java b/server/src/com/cloud/network/element/VpcVirtualRouterElement.java index 1be7b0b0b57..83a64505802 100644 --- a/server/src/com/cloud/network/element/VpcVirtualRouterElement.java +++ b/server/src/com/cloud/network/element/VpcVirtualRouterElement.java @@ -46,7 +46,6 @@ import com.cloud.network.router.VirtualRouter; import com.cloud.network.router.VirtualRouter.Role; import com.cloud.network.router.VpcVirtualNetworkApplianceManager; import com.cloud.network.rules.FirewallRule; -import com.cloud.network.rules.NetworkACL; import com.cloud.network.vpc.PrivateGateway; import com.cloud.network.vpc.StaticRouteProfile; import com.cloud.network.vpc.Vpc; @@ -406,7 +405,7 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc return true; } - if (!_vpcRouterMgr.applyNetworkACLs(config, (List)rules, routers)) { + if (!_vpcRouterMgr.applyNetworkACLs(config, rules, routers)) { throw new CloudRuntimeException("Failed to apply firewall rules in network " + config.getId()); } else { return true; 
diff --git a/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManager.java b/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManager.java index f0a3cececd3..fd05e984217 100644 --- a/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManager.java +++ b/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManager.java @@ -22,10 +22,10 @@ import com.cloud.exception.ResourceUnavailableException; import com.cloud.network.Network; import com.cloud.network.Site2SiteVpnConnection; import com.cloud.network.VpcVirtualNetworkApplianceService; -import com.cloud.network.rules.NetworkACL; +import com.cloud.network.rules.FirewallRule; +import com.cloud.network.vpc.PrivateGateway; import com.cloud.network.vpc.StaticRouteProfile; import com.cloud.network.vpc.Vpc; -import com.cloud.network.vpc.PrivateGateway; import com.cloud.user.Account; import com.cloud.vm.DomainRouterVO; import com.cloud.vm.VirtualMachineProfile.Param; @@ -56,7 +56,7 @@ public interface VpcVirtualNetworkApplianceManager extends VirtualNetworkApplian * @return * @throws ResourceUnavailableException */ - boolean applyNetworkACLs(Network network, List rules, List routers) + boolean applyNetworkACLs(Network network, List rules, List routers) throws ResourceUnavailableException; /** diff --git a/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java index 7c30c804ef0..5738d5add97 100644 --- a/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java +++ b/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java 
@@ -59,7 +59,6 @@ import com.cloud.network.Network; import com.cloud.network.Network.Provider; import com.cloud.network.Network.Service; import com.cloud.network.NetworkService; -import com.cloud.network.NetworkVO; import com.cloud.network.Networks.BroadcastDomainType; import com.cloud.network.Networks.IsolationType; import com.cloud.network.Networks.TrafficType; @@ -74,9 +73,7 @@ import com.cloud.network.VirtualRouterProvider.VirtualRouterProviderType; import com.cloud.network.VpcVirtualNetworkApplianceService; import com.cloud.network.addr.PublicIp; import com.cloud.network.dao.PhysicalNetworkDao; -import com.cloud.network.dao.Site2SiteVpnConnectionDao; -import com.cloud.network.firewall.NetworkACLService; -import com.cloud.network.rules.NetworkACL; +import com.cloud.network.rules.FirewallRule; import com.cloud.network.vpc.NetworkACLManager; import com.cloud.network.vpc.PrivateGateway; import com.cloud.network.vpc.PrivateIpAddress; @@ -90,7 +87,6 @@ import com.cloud.network.vpc.Dao.PrivateIpDao; import com.cloud.network.vpc.Dao.StaticRouteDao; import com.cloud.network.vpc.Dao.VpcDao; import com.cloud.network.vpc.Dao.VpcOfferingDao; -import com.cloud.network.vpn.Site2SiteVpnService; import com.cloud.user.Account; import com.cloud.utils.Pair; import com.cloud.utils.component.Inject; @@ -102,7 +98,6 @@ import com.cloud.vm.Nic; import com.cloud.vm.NicProfile; import com.cloud.vm.ReservationContext; import com.cloud.vm.VirtualMachine; -import com.cloud.vm.VirtualMachine.State; import com.cloud.vm.VirtualMachineProfile; import com.cloud.vm.VirtualMachineProfile.Param; import com.cloud.vm.dao.VMInstanceDao; 
@@ -690,7 +685,7 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian } @Override - public boolean applyNetworkACLs(Network network, final List rules, List routers) + public boolean applyNetworkACLs(Network network, final List rules, List routers) throws ResourceUnavailableException { if (rules == null || rules.isEmpty()) { s_logger.debug("No network ACLs to be applied for network " + network.getId()); @@ -699,20 +694,20 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian return applyRules(network, routers, "network acls", false, null, false, new RuleApplier() { @Override public boolean execute(Network network, VirtualRouter router) throws ResourceUnavailableException { - return sendNetworkACLs(router, (List)rules, network.getId()); + return sendNetworkACLs(router, rules, network.getId()); } }); } - protected boolean sendNetworkACLs(VirtualRouter router, List rules, long guestNetworkId) + protected boolean sendNetworkACLs(VirtualRouter router, List rules, long guestNetworkId) throws ResourceUnavailableException { Commands cmds = new Commands(OnError.Continue); createNetworkACLsCommands(rules, router, cmds, guestNetworkId); return sendCommandsToRouter(router, cmds); } - private void createNetworkACLsCommands(List rules, VirtualRouter router, Commands cmds, long guestNetworkId) { + private void createNetworkACLsCommands(List rules, VirtualRouter router, Commands cmds, long guestNetworkId) { List rulesTO = null; String guestVlan = null; Network guestNtwk = _networkDao.findById(guestNetworkId); @@ -724,7 +719,7 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian if (rules != null) { rulesTO = new ArrayList(); - for (NetworkACL rule : rules) { + for (FirewallRule rule : rules) { NetworkACLTO ruleTO = new NetworkACLTO(rule, guestVlan, rule.getTrafficType()); rulesTO.add(ruleTO); } 
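Review bot: In `createNetworkACLsCommands`, the loop passes `rule.getTrafficType()` straight into `new NetworkACLTO(...)`, and its element type is now `FirewallRule`, whose other implementations in this commit return null from that getter. Nothing in the visible lines checks that each element is actually a network ACL, so a rule of another purpose that reached this list would be sent to the router with no traffic direction. A guard at the top of the loop, such as `if (rule.getPurpose() != FirewallRule.Purpose.NetworkACL || rule.getTrafficType() == null)`, should fail the command rather than build the transfer object. The method starts and ends outside the hunk, so how NetworkACLTO treats a null traffic type is not visible here.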
@@ -892,11 +887,11 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian super.finalizeNetworkRulesForNetwork(cmds, router, provider, guestNetworkId); if (_networkMgr.isProviderSupportServiceInNetwork(guestNetworkId, Service.NetworkACL, Provider.VPCVirtualRouter)) { - List networkACLs = _networkACLMgr.listNetworkACLs(guestNetworkId); + List networkACLs = _networkACLMgr.listNetworkACLs(guestNetworkId); s_logger.debug("Found " + networkACLs.size() + " network ACLs to apply as a part of VPC VR " + router + " start for guest network id=" + guestNetworkId); if (!networkACLs.isEmpty()) { - createNetworkACLsCommands((List)networkACLs, router, cmds, guestNetworkId); + createNetworkACLsCommands(networkACLs, router, cmds, guestNetworkId); } } } diff --git a/server/src/com/cloud/network/rules/FirewallRuleVO.java b/server/src/com/cloud/network/rules/FirewallRuleVO.java index 625d2db7fcc..fc37d62abc8 100644 --- a/server/src/com/cloud/network/rules/FirewallRuleVO.java +++ b/server/src/com/cloud/network/rules/FirewallRuleVO.java @@ -44,7 +44,7 @@ import com.cloud.utils.net.NetUtils; @Table(name="firewall_rules") @Inheritance(strategy=InheritanceType.JOINED) @DiscriminatorColumn(name="purpose", discriminatorType=DiscriminatorType.STRING, length=32) -public class FirewallRuleVO implements Identity, NetworkACL { +public class FirewallRuleVO implements Identity, FirewallRule { protected final FirewallRulesCidrsDaoImpl _firewallRulesCidrsDao = ComponentLocator.inject(FirewallRulesCidrsDaoImpl.class); @Id diff --git a/server/src/com/cloud/network/rules/StaticNatRuleImpl.java b/server/src/com/cloud/network/rules/StaticNatRuleImpl.java index f611d24b063..4ae7ab2adab 100644 --- a/server/src/com/cloud/network/rules/StaticNatRuleImpl.java +++ b/server/src/com/cloud/network/rules/StaticNatRuleImpl.java 
@@ -18,8 +18,6 @@ package com.cloud.network.rules; import java.util.List; -import com.cloud.network.rules.FirewallRule.FirewallRuleType; - public class StaticNatRuleImpl implements StaticNatRule{ long id; @@ -132,5 +130,10 @@ public class StaticNatRuleImpl implements StaticNatRule{ public FirewallRuleType getType() { return FirewallRuleType.User; } + + @Override + public TrafficType getTrafficType() { + return null; + } } diff --git a/server/src/com/cloud/network/vpc/NetworkACLManager.java b/server/src/com/cloud/network/vpc/NetworkACLManager.java index 01f54f01b2f..c271bfa9c96 100644 --- a/server/src/com/cloud/network/vpc/NetworkACLManager.java +++ b/server/src/com/cloud/network/vpc/NetworkACLManager.java @@ -16,7 +16,7 @@ import java.util.List; import com.cloud.exception.ResourceUnavailableException; import com.cloud.network.firewall.NetworkACLService; -import com.cloud.network.rules.NetworkACL; +import com.cloud.network.rules.FirewallRule; import com.cloud.user.Account; /** @@ -33,6 +33,6 @@ public interface NetworkACLManager extends NetworkACLService{ */ boolean revokeAllNetworkACLsForNetwork(long networkId, long userId, Account caller) throws ResourceUnavailableException; - List listNetworkACLs(long guestNtwkId); + List listNetworkACLs(long guestNtwkId); } diff --git a/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java b/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java index 985f7145ad8..faef7115ed9 100644 --- a/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java +++ b/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java @@ -42,7 +42,6 @@ import com.cloud.network.rules.FirewallRule; import com.cloud.network.rules.FirewallRule.Purpose; import com.cloud.network.rules.FirewallRule.TrafficType; import com.cloud.network.rules.FirewallRuleVO; -import com.cloud.network.rules.NetworkACL; import com.cloud.projects.Project.ListProjectResourcesCriteria; import com.cloud.user.Account; import com.cloud.user.AccountManager; 
@@ -111,7 +110,7 @@ public class NetworkACLManagerImpl implements Manager,NetworkACLManager{ } @Override - public NetworkACL createNetworkACL(NetworkACL acl) throws NetworkRuleConflictException { + public FirewallRule createNetworkACL(FirewallRule acl) throws NetworkRuleConflictException { return createNetworkACL(UserContext.current().getCaller(), acl.getXid(), acl.getSourcePortStart(), acl.getSourcePortEnd(), acl.getProtocol(), acl.getSourceCidrList(), acl.getIcmpCode(), acl.getIcmpType(), null, acl.getType(), acl.getNetworkId(), acl.getTrafficType()); @@ -119,7 +118,7 @@ public class NetworkACLManagerImpl implements Manager,NetworkACLManager{ @DB @ActionEvent(eventType = EventTypes.EVENT_FIREWALL_OPEN, eventDescription = "creating firewall rule", create = true) - protected NetworkACL createNetworkACL(Account caller, String xId, Integer portStart, + protected FirewallRule createNetworkACL(Account caller, String xId, Integer portStart, Integer portEnd, String protocol, List sourceCidrList, Integer icmpCode, Integer icmpType, Long relatedRuleId, FirewallRule.FirewallRuleType type, long networkId, TrafficType trafficType) throws NetworkRuleConflictException { @@ -173,7 +172,7 @@ public class NetworkACLManagerImpl implements Manager,NetworkACLManager{ txn.commit(); - return newRule; + return getNetworkACL(newRule.getId()); } 
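Review bot: `return getNetworkACL(newRule.getId());` can return null, because `getNetworkACL` (changed later in this file) only returns the row when it exists and its purpose is NetworkACL. The visible caller in CreateNetworkACLCmd then calls `result.getId()` on the result unguarded. If `newRule` is the persisted FirewallRuleVO, it already satisfies the new `FirewallRule` return type, so `return newRule;` would avoid both the extra lookup and the null case. If the re-read is intentional, check its result before returning. The method body begins outside the hunk.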
@@ -210,9 +209,13 @@ public class NetworkACLManagerImpl implements Manager,NetworkACLManager{ } } - protected void detectNetworkACLConflict(NetworkACL newRule) throws NetworkRuleConflictException { - - List rules = _firewallDao.listByNetworkPurposeTrafficTypeAndNotRevoked(newRule.getNetworkId(), Purpose.NetworkACL, newRule.getTrafficType()); + protected void detectNetworkACLConflict(FirewallRuleVO newRule) throws NetworkRuleConflictException { + if (newRule.getPurpose() != Purpose.NetworkACL) { + return; + } + + List rules = _firewallDao.listByNetworkPurposeTrafficTypeAndNotRevoked(newRule.getNetworkId(), + Purpose.NetworkACL, newRule.getTrafficType()); assert (rules.size() >= 1) : "For network ACLs, we now always first persist the rule and then check for " + "network conflicts so we should at least have one rule at this point."; @@ -301,8 +304,8 @@ public class NetworkACLManagerImpl implements Manager,NetworkACLManager{ } @Override - public NetworkACL getNetworkACL(long ACLId) { - FirewallRuleVO rule = _firewallDao.findById(ACLId); + public FirewallRule getNetworkACL(long ACLId) { + FirewallRule rule = _firewallDao.findById(ACLId); if (rule != null && rule.getPurpose() == Purpose.NetworkACL) { return rule; } @@ -310,7 +313,7 @@ public class NetworkACLManagerImpl implements Manager,NetworkACLManager{ } @Override - public List listNetworkACLs(ListNetworkACLsCmd cmd) { + public List listNetworkACLs(ListNetworkACLsCmd cmd) { Long networkId = cmd.getNetworkId(); Long id = cmd.getId(); String trafficType = cmd.getTrafficType(); @@ -357,7 +360,7 @@ public class NetworkACLManagerImpl implements Manager,NetworkACLManager{ @Override - public List listNetworkACLs(long guestNtwkId) { + public List listNetworkACLs(long guestNtwkId) { return _firewallDao.listByNetworkAndPurpose(guestNtwkId, Purpose.NetworkACL); }
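Review bot: The new guard `if (newRule.getPurpose() != Purpose.NetworkACL) { return; }` in `detectNetworkACLConflict` lets a rule of any other purpose pass conflict detection silently. This method is specific to network ACLs, so such a call is more likely a caller error than a valid no-op. At minimum, log it before returning, for example `s_logger.debug("Skipping ACL conflict detection for non-ACL rule id=" + newRule.getId());`, if the class has such a logger. Separately, the `assert (rules.size() >= 1)` that follows is skipped unless the JVM runs with assertions enabled, so it should not be relied on as a runtime check. The remainder of the method is outside the hunk.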