From a3bbda8075a42e395385d0e4833ac496fd80dd2a Mon Sep 17 00:00:00 2001
From: Murali reddy <Murali.Reddy@citrix.com>
Date: Wed, 25 Jan 2012 17:58:49 +0530
Subject: [PATCH] bug 13276: Static NAT on Elastic Ip does not respect the
 Ingress rules that are set on the VM
 Reviewed-by:Prasanna.Santhanam@citrix.com

This fix configures Inat and LB rules on the NetScaler device to send the source IP recived on the packets
as is, so that security groups configured can take affect
---
 core/src/com/cloud/network/resource/NetscalerResource.java | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/core/src/com/cloud/network/resource/NetscalerResource.java b/core/src/com/cloud/network/resource/NetscalerResource.java
index 7d6840753f9..9c90cc2e271 100644
--- a/core/src/com/cloud/network/resource/NetscalerResource.java
+++ b/core/src/com/cloud/network/resource/NetscalerResource.java
@@ -459,6 +459,8 @@ public class NetscalerResource implements ServerResource {
                                 newService.set_servername(nsServerName);
                                 newService.set_state("ENABLED");
                                 newService.set_servicetype(lbProtocol);
+                                newService.set_usip("ON");
+
                                 apiCallResult = com.citrix.netscaler.nitro.resource.config.basic.service.add(_netscalerService, newService);
                                 if (apiCallResult.errorcode != 0) {
                                     throw new ExecutionException("Failed to create service " + nsServiceName + " using server " + nsServerName + " due to" + apiCallResult.message);
@@ -799,8 +801,8 @@ public class NetscalerResource implements ServerResource {
                         iNatRule.set_name(iNatRuleName);
                         iNatRule.set_publicip(srcIp);
                         iNatRule.set_privateip(dstIP);
-                        iNatRule.set_usnip("ON");
-                        iNatRule.set_usip("OFF");
+                        iNatRule.set_usnip("OFF");
+                        iNatRule.set_usip("ON");
                         try {
                             apiCallResult = inat.add(_netscalerService, iNatRule);
                         } catch (nitro_exception e) {
@@ -821,6 +823,7 @@ public class NetscalerResource implements ServerResource {
                     s_logger.debug("Deleted Inat rule on the Netscaler device " + _ip + " to remove static NAT from " +  srcIp + " to " + dstIP);
                 }
 
+                saveConfiguration();
                 results[i++] = "Static nat rule from " + srcIp + " to " + dstIP + " successfully " + (rule.revoked() ? " revoked.":" created.");
             }
         }  catch (Exception e) {