From 95ee2854a84a102d7375b12e5bf51c196d4c07ba Mon Sep 17 00:00:00 2001
From: Jayapal <jayapal@apache.org>
Date: Thu, 20 Jun 2013 16:32:11 +0530
Subject: [PATCH] CLOUDSTACK-1578 kvm:Egress default policy configurable using
 network offering on kvm

---
 .../resource/virtualnetwork/VirtualRoutingResource.java   | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java b/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
index dae1c8591f4..4f0cceca4a1 100755
--- a/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
+++ b/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
@@ -224,6 +224,7 @@ public class VirtualRoutingResource implements Manager {
             results[i] = "Failed";
         }
         String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
+        String egressDefault = cmd.getAccessDetail(NetworkElementCommand.FIREWALL_EGRESS_DEFAULT);
 
         if (routerIp == null) {
             return new SetFirewallRulesAnswer(cmd, false, results);
@@ -239,6 +240,13 @@ public class VirtualRoutingResource implements Manager {
         
         if (trafficType == FirewallRule.TrafficType.Egress){
             command.add("-E");
+            if (egressDefault.equals("true")) {
+                command.add("-P ", "1");
+            } else if (egressDefault.equals("System")) {
+                command.add("-P ", "2");
+            } else {
+                command.add("-P ", "0");
+            }
         }
 
         StringBuilder sb = new StringBuilder();