etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

bug 11778: Make sure that there exist no PF/LB rules before enabling static nat on an ip and vice versa. Reviewed by - Jana 

status 11778: resolved fixed
This commit is contained in:
Nitin 2011-11-07 17:08:58 +05:30
parent 3bdb5af2e2
commit 62e89dc132
2 changed files with 13 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
View File

@ -401,12 +401,14 @@ public class LoadBalancingRulesManagerImpl implements LoadBalancingRulesManager,
int defPortStart = lb.getDefaultPortStart();
int srcPortEnd = lb.getSourcePortEnd();
IPAddressVO ipAddr = _ipAddressDao.findById(lb.getSourceIpAddressId());
IPAddressVO ipAddr = _ipAddressDao.findById(ipId);
Long networkId = ipAddr.getSourceNetworkId();
// make sure ip address exists
if (ipAddr == null || !ipAddr.readyToUse()) {
throw new InvalidParameterValueException("Unable to create load balancer rule, invalid IP address id" + ipId);
}
} else if (ipAddr.isOneToOneNat()) {
throw new InvalidParameterValueException("Unable to create load balancer rule; ip id=" + ipId + " has static nat enabled");
}
_firewallMgr.validateFirewallRule(caller.getCaller(), ipAddr, srcPortStart, srcPortEnd, lb.getProtocol(), Purpose.LoadBalancing);

13
server/src/com/cloud/network/rules/RulesManagerImpl.java
View File

@ -352,10 +352,15 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
throw new InvalidParameterValueException("Can't enable static, ip address id=" + ipId + " is a sourceNat ip address");
}
if (!ipAddress.isOneToOneNat()) {
List<FirewallRuleVO> rules = _firewallDao.listByIpAndPurposeAndNotRevoked(ipId, Purpose.PortForwarding);
if (rules != null && !rules.isEmpty()) {
throw new NetworkRuleConflictException("Failed to enable static nat for the ip address id=" + ipId + " as it already has firewall rules assigned");
if (!ipAddress.isOneToOneNat()) { // Dont allow to enable static nat if PF/LB rules exist for the IP
List<FirewallRuleVO> portForwardingRules = _firewallDao.listByIpAndPurposeAndNotRevoked(ipId, Purpose.PortForwarding);
if (portForwardingRules != null && !portForwardingRules.isEmpty()) {
throw new NetworkRuleConflictException("Failed to enable static nat for the ip address id=" + ipId + " as it already has PortForwarding rules assigned");
}
List<FirewallRuleVO> loadBalancingRules = _firewallDao.listByIpAndPurposeAndNotRevoked(ipId, Purpose.LoadBalancing);
if (loadBalancingRules != null && !loadBalancingRules.isEmpty()) {
throw new NetworkRuleConflictException("Failed to enable static nat for the ip address id=" + ipId + " as it already has LoadBalancing rules assigned");
}
} else {
if (ipAddress.getAssociatedWithVmId() != null && ipAddress.getAssociatedWithVmId().longValue() != vmId) {