74 Commits

Author SHA1 Message Date
Edison Su 2f9efa96b7 fix iptable rules after reboot inside guest vm, drop rule coming ahead of dhcp rule, so user vm can't get ip address anymore 2012-02-28 20:29:51 -08:00
Edison Su 84aec81cb9 bug 13733: make sure dhcp request/response are always allowed. status 13733: resolved fixed 2012-02-28 18:23:36 -08:00
Chiradeep Vittal 3c10c624dd bug 13733: allow dhcp requests and responses all the time 2012-02-15 15:50:15 -08:00
Chiradeep Vittal eadccb37c4 bug 13060: check for resident vms as xapi will return vms running on other hosts in the cluster 2012-01-17 18:33:05 -08:00
Chiradeep Vittal 4950a25c0b bug 13033: security rule prevents console access 2012-01-12 15:34:09 -08:00
anthony 50d166fe0d bug 13052: check if ebtables exists in can_bridge_firewall
status 13052: resolved fixed
2012-01-12 11:31:11 -08:00
Naredula Janardhana Reddy e82ec99261 Bug 12973: FIX : Icmp code/type validation for ingress/egress rules causing host plugin failure. 2012-01-11 10:50:19 +05:30
anthony 616f260402 bug 10363 : cleanup vhd in primary storage if download template to primary storage fails 2012-01-10 13:52:01 -08:00
Chiradeep Vittal 0e594fb6de bug 11302: don't allow stuff like BPDUS, don't allow vms to connect to hypervisor 2012-01-06 22:35:54 -08:00
Chiradeep Vittal 4ccc2c3a50 bug 12854: arp requests can also be used to poison arp caches 2012-01-05 17:50:06 -08:00
Chiradeep Vittal 342d4d7592 bug 12854: arp and ip antispoof independent of the order of vm start 2012-01-05 17:50:06 -08:00
anthony 67463e8c43 bug 12328: XenServer 6.0 changes vnc-port path in xenstore
status 12328: resolved fixed

Conflicts:

	core/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
2012-01-05 15:32:15 -08:00
Chiradeep Vittal 42896d8212 add stronger security to defend against attacks originating in the vm 2011-12-16 22:02:09 -08:00
Chiradeep Vittal 005ef54cb2 bug 12290: improve antispoofing logic
handle reboot within vm correctly
iptables -S missing in csp
2011-12-16 20:46:57 -08:00
Chiradeep Vittal 7dd98d4c73 bug 12290: arptables for vif mistakenly wiped out when tap device also present 2011-12-12 17:31:34 -08:00
Chiradeep Vittal 0395787f51 bug 11302: support new CSP for SP2.
conditional check : --match-set vs --set
2011-11-01 18:28:39 -07:00
Chiradeep Vittal f5eb82869b bug 11302: support new CSP for SP2.
TB Done: conditional check to use --set vs --match-set
2011-11-01 18:28:33 -07:00
Chiradeep Vittal 668754b845 bug 11336: compression to allow number of cidrs to scale beyond 8k 2011-10-06 17:37:31 -07:00
Chiradeep Vittal 5b86cb12fd bug 11625: separate out error paths to enable fine grained error handling and cleanup
status 11625: resolved fixed
2011-10-06 17:37:11 -07:00
Chiradeep Vittal 450ace1051 bug 11420: reduce duration of disruption 2011-09-14 21:57:32 -07:00
Sheng Yang fb28c0a63a bug 11307: Add BumpUpPriorityCommand 2011-09-14 03:04:26 -07:00
Chiradeep Vittal 939946f9c6 fix a python bug 2011-09-07 13:58:49 -07:00
Chiradeep Vittal 335feb51e4 compare numbers, not strings 2011-09-07 13:58:48 -07:00
Chiradeep Vittal da857591f4 if sequence number increases but signature does not change, do not reprogram, but rewrite the rule log 2011-09-07 13:58:47 -07:00
Edison Su 76155d0ab5 Fix the regression on security group cleanup:
In pre-2.2.10, the cleanup doesn't work at all.
In 2.2.10, it works but makes a mistake to delete all the rules for vmname ending with "-untagged"
2011-08-31 10:45:32 -07:00
Chiradeep Vittal 8277584b8a merge ELB / nectarine branch 2011-08-08 15:20:56 -07:00
Chiradeep Vittal 736b6cf98e properly clean up rules for nonexistent vms 2011-08-04 22:58:42 -07:00
Chiradeep Vittal 0c408d8da5 handle elb vm restart 2011-08-04 22:05:48 -07:00
alena 8d47c53735 Revert "bug 10435: removed vpn feature"
This reverts commit ea9e1b5d138950e8de49fce7ffdbb12a1c72c560.

Conflicts:

	api/src/com/cloud/api/ResponseGenerator.java
	scripts/vm/hypervisor/xenserver/vmops
	server/src/com/cloud/configuration/Config.java
	server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java
	server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
2011-08-02 18:12:57 -07:00
Chiradeep Vittal 29c88787e1 from eip feature:
1. fix ordering of ingress and egress rules so that vms are protected from other vms on the same host in all cases
2. remove dependency on cloud-guest
2011-07-28 16:08:51 -07:00
Sheng Yang 44d4113ae6 bug 10429: backport redundant router
Part 2

commit 797839360c65cd348d2eb20630521177ab0919de
    bug 9154: redundant virtual router

commit 8ff7f230204d4d3a7a4adee75523a9a84f4276fe
    bug 9154: Replace domain_router.is_master with domain_router.redundant_state in DB

commit 230b99e9e0b152648f1dd2a5eab6f22315b8e7b4
    bug 9154: Add redundant state to DomainRouterResponse

commit ccefb5ff5e83d713798a347c99bce1a0d04b4317
    bug 9154: Add router fault state report

commit 7a3090378f9785caecf741b70554f6ea17c41764
    bug 9154: Send alert if found two virtual routers in master state

commit 66831056e4bf27665871bccd24e6159071564847
    bug 9154: Code clean up

commit bf3f58a85741fa7118bd848a42d8b21baa4478d4
    bug 9154: Add isRedundantRouter to DomainRouterResponse
2011-07-18 18:30:02 -07:00
Chiradeep Vittal 7d95efb7c6 fix ipset problem introduced by 58e92bbe84 2011-07-10 12:44:15 -07:00
Edison Su 56bc4f27a9 fix user/meta data: if data is empty, return a blank file, not 404 2011-07-01 12:58:14 -07:00
alena 74f34a0e0c bug 10435: removed vpn feature
status 10435: resolved fixed
2011-06-24 09:18:46 -07:00
alena c2afcdec52 bug 9873: always add default security group to the SG list when deploy vm in 1) Basic zone 2) Advance zone using SG enabled network
status 9873: resolved fixed

Following fixes were made as a part of the checkin:

* When deploy user vm and SG doesn't exist in the DB, create it automatically.
* SecurityGroup enabled use vm start: if map to default group is not present in security_group_vm_map table, create one.
* Added "name" (securityGroupName) parameter back to deleteSecurityGroup/authorizeSecurityGroupIngress/deployVm. Mutually exclusive with security group id parameter.

Conflicts:

	api/src/com/cloud/api/commands/AuthorizeSecurityGroupIngressCmd.java
	api/src/com/cloud/api/commands/DeleteSecurityGroupCmd.java
	api/src/com/cloud/api/commands/DeployVMCmd.java
	server/src/com/cloud/api/ApiDBUtils.java
	server/src/com/cloud/vm/UserVmManagerImpl.java
2011-05-17 15:08:13 -07:00
Chiradeep Vittal 46e40cab3f ebtables not programmed in some cases 2011-05-13 14:41:37 -07:00
Chiradeep Vittal 4ab68bd44a bug 9689: handle old style vm names 2011-05-04 14:21:49 -07:00
Chiradeep Vittal aecd64e51c bug 9092: consistent naming 2011-05-04 14:21:49 -07:00
anthony 054f6b0199 bug 9472: when get vnc port for a vm, check if the port is really used by this vm for security
status 9472: resolved fixed
2011-04-15 12:47:12 -07:00
anthony 44678b60bc add VERSION into to scripts 2011-03-23 14:54:31 -07:00
Chiradeep Vittal 697b4f60db bug 8380: use instance name status 8380: resolved fixed 2011-03-01 14:07:30 -08:00
Chiradeep Vittal 4f1342a4dd bug 8380: default chains weren't getting deleted 2011-02-04 12:04:53 -08:00
Chiradeep Vittal 58e92bbe84 bug 8347: skip ebtables if kernel doesn't support it 2011-02-03 11:57:31 -08:00
Chiradeep Vittal ca057a43dd bug 8347: skip ebtables if kernel doesn't support it 2011-02-03 11:53:25 -08:00
Chiradeep Vittal 6b8024ffaa bug 8302: don't hardcode ebtables path
status 8302: resolved fixed
2011-02-02 12:56:46 -08:00
Chiradeep Vittal 0be687dc09 bug 8302: don't hardcode ebtables path
status 8302: resolved fixed
2011-02-02 12:56:46 -08:00
Chiradeep Vittal dd7f8625cc bug 7380: SNAT rules when there are multiple public interfaces
bug 6854: port from 2.1.x
2011-01-13 16:59:35 -08:00
Frank c6683c2eab bug 7722: open vswitch -
refine ovs plugin, create a separate plugin instead of messing with vmops
refine gre tunnel, maintains tunnel in database instead of plugin
fix an arp issue caused by overlapping vlan range
2011-01-11 02:55:36 -08:00
Frank c07d1be1aa bug 7722: open vswitch - fix issue that flows un-delete when VM stop 2011-01-10 14:34:31 -08:00
Frank a964494332 bug 7722: open vswitch - align some data type with master branch 2011-01-08 17:31:00 -08:00