Resend firewall rules on domR restart

alena 2011-08-12 12:38:17 -07:00
parent 02aec3b3ef
commit 891f02f4d4
2 changed files with 11 additions and 2 deletions


@ -39,7 +39,7 @@ public class IpAddressTO {
private TrafficType trafficType;
private String[] networkTags;
public IpAddressTO(String ipAddress, boolean add, boolean firstIP, boolean sourceNat, String vlanId, String vlanGateway, String vlanNetmask, String vifMacAddress, String guestIp, Integer networkRate) {
public IpAddressTO(String ipAddress, boolean add, boolean firstIP, boolean sourceNat, String vlanId, String vlanGateway, String vlanNetmask, String vifMacAddress, String guestIp, Integer networkRate, boolean isOneToOneNat) {
this.publicIp = ipAddress;
this.add = add;
this.firstIP = firstIP;
@ -50,6 +50,7 @@ public class IpAddressTO {
this.vifMacAddress = vifMacAddress;
this.guestIp = guestIp;
this.networkRate = networkRate;
this.oneToOneNat = isOneToOneNat;
}
protected IpAddressTO() {
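Review bot: The public constructor now takes eleven positional arguments, four of them `boolean` (`add`, `firstIP`, `sourceNat`, `isOneToOneNat`), so a transposed flag at a call site compiles cleanly and silently changes how the address is programmed on the router. The caller in this same commit already sets `trafficType` and `networkTags` through setters after construction, so a setter such as `public void setOneToOneNat(boolean oneToOneNat) { this.oneToOneNat = oneToOneNat; }` would be consistent with that and would leave the existing signature intact. If the parameter stays, a Javadoc `@param isOneToOneNat` line stating what the flag means for the receiving agent would help. The class body continues outside the visible hunks, and the `oneToOneNat` field declaration is not shown here.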


@ -1419,11 +1419,13 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian
List<PortForwardingRule> pfRules = new ArrayList<PortForwardingRule>();
List<FirewallRule> staticNatFirewallRules = new ArrayList<FirewallRule>();
List<StaticNat> staticNats = new ArrayList<StaticNat>();
List<FirewallRule> firewallRules = new ArrayList<FirewallRule>();
//Get information about all the rules (StaticNats and StaticNatRules; PFVPN to reapply on domR start)
for (PublicIpAddress ip : publicIps) {
pfRules.addAll(_pfRulesDao.listForApplication(ip.getId()));
staticNatFirewallRules.addAll(_rulesDao.listByIpAndPurpose(ip.getId(), Purpose.StaticNat));
firewallRules.addAll(_rulesDao.listByIpAndPurpose(ip.getId(), Purpose.Firewall));
RemoteAccessVpn vpn = _vpnDao.findById(ip.getId());
if (vpn != null) {
@ -1442,6 +1444,12 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian
if (!staticNats.isEmpty()) {
createApplyStaticNatCommands(staticNats, router, cmds);
}
//Re-apply firewall rules
s_logger.debug("Found " + staticNats.size() + " firewall rule(s) to apply as a part of domR " + router + " start.");
if (!firewallRules.isEmpty()) {
createFirewallRulesCommands(firewallRules, router, cmds);
}
// Re-apply port forwarding rules
s_logger.debug("Found " + pfRules.size() + " port forwarding rule(s) to apply as a part of domR " + router + " start.");
@ -1901,7 +1909,7 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian
String vmGuestAddress = null;
IpAddressTO ip = new IpAddressTO(ipAddr.getAddress().addr(), add, firstIP, sourceNat, vlanId, vlanGateway, vlanNetmask, vifMacAddress, vmGuestAddress, networkRate);
IpAddressTO ip = new IpAddressTO(ipAddr.getAddress().addr(), add, firstIP, sourceNat, vlanId, vlanGateway, vlanNetmask, vifMacAddress, vmGuestAddress, networkRate, ipAddr.isOneToOneNat());
ip.setTrafficType(network.getTrafficType());
ip.setNetworkTags(network.getTags());
ipsToSend[i++] = ip;
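Review bot: The debug line added ahead of the new firewall block reports `staticNats.size()` although its text says "firewall rule(s)", so the log shows the static NAT count rather than the number of firewall rules being resent. It should read `s_logger.debug("Found " + firewallRules.size() + " firewall rule(s) to apply as a part of domR " + router + " start.");`. A wrong count makes it harder to confirm from the logs that a restarted router received its full firewall rule set. Separately, `_rulesDao.listByIpAndPurpose(ip.getId(), Purpose.Firewall)` appears to collect rules without regard to their state; the DAO is not visible here, so it is worth confirming that rules pending revocation are not re-applied on start. The enclosing method starts and ends outside these hunks.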