From f488a8f72cfa60ed9f6540f1d6ec1cb3b44579fa Mon Sep 17 00:00:00 2001
From: Jayapal <jayapal@apache.org>
Date: Wed, 15 Oct 2014 17:08:59 +0530
Subject: [PATCH] CLOUDSTACK-7728: Fixed adding icmp rules with different types
 and codes

---
 server/src/com/cloud/network/firewall/FirewallManagerImpl.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/src/com/cloud/network/firewall/FirewallManagerImpl.java b/server/src/com/cloud/network/firewall/FirewallManagerImpl.java
index ddc2f732373..0537a2758be 100644
--- a/server/src/com/cloud/network/firewall/FirewallManagerImpl.java
+++ b/server/src/com/cloud/network/firewall/FirewallManagerImpl.java
@@ -406,7 +406,7 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService,
                 (newRule.getSourcePortStart() != null && newRule.getSourcePortEnd() != null && rule.getSourcePortStart() != null && rule.getSourcePortEnd() != null);
             boolean nullPorts =
                 (newRule.getSourcePortStart() == null && newRule.getSourcePortEnd() == null && rule.getSourcePortStart() == null && rule.getSourcePortEnd() == null);
-            if(nullPorts && duplicatedCidrs && (rule.getProtocol().equalsIgnoreCase(newRule.getProtocol())))
+            if(nullPorts && duplicatedCidrs && (rule.getProtocol().equalsIgnoreCase(newRule.getProtocol())) && !newRule.getProtocol().equalsIgnoreCase(NetUtils.ICMP_PROTO))
             {
                 throw new NetworkRuleConflictException("There is already a firewall rule specified with protocol = " +newRule.getProtocol()+ " and no ports");
             }