etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

CLOUDSTACK-3084: Added check to disallow -ve number for ACL rule

This commit is contained in:
Kishan Kavala 2013-06-24 17:13:52 +05:30
parent 390022c4ea
commit bd5ad442d0
1 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
server/src/com/cloud/network/vpc/NetworkACLServiceImpl.java
View File

@ -308,7 +308,7 @@ public class NetworkACLServiceImpl extends ManagerBase implements NetworkACLServ
}
validateNetworkACLItem(aclItemCmd.getSourcePortStart(), aclItemCmd.getSourcePortEnd(), aclItemCmd.getSourceCidrList(),
aclItemCmd.getProtocol(), aclItemCmd.getIcmpCode(), aclItemCmd.getIcmpType(), aclItemCmd.getAction());
aclItemCmd.getProtocol(), aclItemCmd.getIcmpCode(), aclItemCmd.getIcmpType(), aclItemCmd.getAction(), aclItemCmd.getNumber());
return _networkAclMgr.createNetworkACLItem(aclItemCmd.getSourcePortStart(),
aclItemCmd.getSourcePortEnd(), aclItemCmd.getProtocol(), aclItemCmd.getSourceCidrList(), aclItemCmd.getIcmpCode(),
@ -316,7 +316,7 @@ public class NetworkACLServiceImpl extends ManagerBase implements NetworkACLServ
}
private void validateNetworkACLItem(Integer portStart, Integer portEnd, List<String> sourceCidrList, String protocol, Integer icmpCode,
Integer icmpType, String action) {
Integer icmpType, String action, Integer number) {
if (portStart != null && !NetUtils.isValidPort(portStart)) {
throw new InvalidParameterValueException("publicPort is an invalid value: " + portStart);
@ -388,6 +388,11 @@ public class NetworkACLServiceImpl extends ManagerBase implements NetworkACLServ
throw new InvalidParameterValueException("Invalid action. Allowed actions are Allow and Deny");
}
}
//Check for valid number
if(number != null && number < 1){
throw new InvalidParameterValueException("Invalid number. Number cannot be < 1");
}
}
@Override
@ -526,7 +531,7 @@ public class NetworkACLServiceImpl extends ManagerBase implements NetworkACLServ
}
validateNetworkACLItem((sourcePortStart == null) ? aclItem.getSourcePortStart() : sourcePortStart, (sourcePortEnd == null) ? aclItem.getSourcePortEnd() : sourcePortEnd,
sourceCidrList, protocol, icmpCode, (icmpType == null) ? aclItem.getIcmpType() : icmpType, action);
sourceCidrList, protocol, icmpCode, (icmpType == null) ? aclItem.getIcmpType() : icmpType, action, number);
return _networkAclMgr.updateNetworkACLItem(id, protocol, sourceCidrList, trafficType, action, number, sourcePortStart,
sourcePortEnd, icmpCode, icmpType);