From 8eeefad97f6e7c71eb3f9b70211129c11221364e Mon Sep 17 00:00:00 2001 From: Jayapal Date: Wed, 26 Jun 2013 12:49:39 +0530 Subject: [PATCH] CLOUDSTACK-3199 apply acl item to private gateway when added to acl list --- .../network/vpc/NetworkACLManagerImpl.java | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java b/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java index 4881b734e73..eb18eb7f515 100644 --- a/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java +++ b/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java @@ -88,6 +88,8 @@ public class NetworkACLManagerImpl extends ManagerBase implements NetworkACLMana @Override public boolean applyNetworkACL(long aclId) throws ResourceUnavailableException { boolean handled = true; + boolean aclApplyStatus = true; + List rules = _networkACLItemDao.listByACL(aclId); //Find all networks using this ACL and apply the ACL List networks = _networkDao.listByAclId(aclId); @@ -97,7 +99,18 @@ public class NetworkACLManagerImpl extends ManagerBase implements NetworkACLMana break; } } - if(handled){ + + List vpcGateways = _vpcGatewayDao.listByAclIdAndType(aclId, VpcGateway.Type.Private); + for (VpcGatewayVO vpcGateway : vpcGateways) { + PrivateGateway privateGateway = _vpcMgr.getVpcPrivateGateway(vpcGateway.getId()); + if (!applyACLToPrivateGw(privateGateway)) { + aclApplyStatus = false; + s_logger.debug("failed to apply network acl item on private gateway " + privateGateway.getId() + "acl id " + aclId); + break; + } + } + + if(handled && aclApplyStatus){ for (NetworkACLItem rule : rules) { if (rule.getState() == NetworkACLItem.State.Revoke) { removeRule(rule); @@ -108,7 +121,7 @@ public class NetworkACLManagerImpl extends ManagerBase implements NetworkACLMana } } } - return handled; + return handled && aclApplyStatus; } @Override