From bb790b41f7fa8c8efd5e1beead15819c9f126bac Mon Sep 17 00:00:00 2001
From: edison <edison@cloud.com>
Date: Tue, 23 Nov 2010 20:45:35 -0800
Subject: [PATCH] bug 7322: fix NPE when setting firewall rule for 1:1 NAT on
 kvm status 7322: resolved fixed

---
 .../VirtualRoutingResource.java               | 61 +++++++++++++++----
 1 file changed, 48 insertions(+), 13 deletions(-)

diff --git a/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java b/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
index d7895b714c5..8463db98a09 100755
--- a/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
+++ b/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
@@ -447,19 +447,54 @@ public class VirtualRoutingResource implements Manager {
     }
     
     protected Answer execute(final SetFirewallRuleCommand cmd) {
-        final String result = setFirewallRules(cmd.isEnable(),
-        								 cmd.getRouterName(),
-                                         cmd.getRouterIpAddress(),
-                                         cmd.getProtocol().toLowerCase(),
-                                         cmd.getPublicIpAddress(),
-                                         cmd.getPublicPort(),
-                                         cmd.getPrivateIpAddress(),
-                                         cmd.getPrivatePort(),
-                                         cmd.getOldPrivateIP(),
-                                         cmd.getOldPrivatePort(),
-                                         cmd.getVlanNetmask());
-                                         
-        return new Answer(cmd, result == null, result);
+    	String args;
+
+    	if(cmd.isNat()){
+    		//1:1 NAT needs instanceip;publicip;domrip;op
+    		if(cmd.isCreate())
+    			args = "-A";
+    		else
+    			args = "-D";
+
+    		args += " -l " + cmd.getPublicIpAddress();
+    		args += " -i " + cmd.getRouterIpAddress();
+    		args += " -r " + cmd.getPrivateIpAddress();
+    		args += " -G " + cmd.getProtocol();
+    	}else{
+    		if (cmd.isEnable()) {
+    			args = "-A";
+    		} else {
+    			args = "-D";
+    		}
+
+    		args += " -P " + cmd.getProtocol().toLowerCase();
+    		args += " -l " + cmd.getPublicIpAddress();
+    		args += " -p " + cmd.getPublicPort();
+    		args += " -n " + cmd.getRouterName();
+    		args += " -i " + cmd.getRouterIpAddress();
+    		args += " -r " + cmd.getPrivateIpAddress();
+    		args += " -d " + cmd.getPrivatePort();
+    		args += " -N " + cmd.getVlanNetmask();
+
+    		String oldPrivateIP = cmd.getOldPrivateIP();
+    		String oldPrivatePort = cmd.getOldPrivatePort();
+
+    		if (oldPrivateIP != null) {
+    			args += " -w " + oldPrivateIP;
+    		}
+
+    		if (oldPrivatePort != null) {
+    			args += " -x " + oldPrivatePort;
+    		}
+    	}
+
+    	final Script command = new Script(_firewallPath, _timeout, s_logger);
+    	String [] argsArray = args.split(" ");
+    	for (String param : argsArray) {
+    		command.add(param);
+    	}
+    	String result = command.execute();
+    	return new Answer(cmd, result == null, result);
     }
     
     protected String getDefaultScriptsDir() {