cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From chipchild...@apache.org
Subject [2/3] git commit: refs/heads/4.1 - Summary: Prevent deletion of wrong iptables rules
Date Thu, 14 Mar 2013 19:41:42 GMT
Summary: Prevent deletion of wrong iptables rules

Detail: A grep in security_group.py wasn't defined well enough, could
potentially delete rules for VMs other than intended

BUG-ID: CLOUDSTACK-309
Bugfix-for: master
Reviewed-by:
Reported-by: Francois Scala
Signed-off-by: John Kinsella <jlk@stratosec.co> 1363222521 -0700


Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/4a556d12
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/4a556d12
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/4a556d12

Branch: refs/heads/4.1
Commit: 4a556d1280a558c8234c40ce6511794b0ad4081c
Parents: beb6170
Author: John Kinsella <jlk@stratosec.co>
Authored: Wed Mar 13 17:54:50 2013 -0700
Committer: Chip Childers <chip.childers@gmail.com>
Committed: Thu Mar 14 15:40:35 2013 -0400

----------------------------------------------------------------------
 scripts/vm/network/security_group.py |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/4a556d12/scripts/vm/network/security_group.py
----------------------------------------------------------------------
diff --git a/scripts/vm/network/security_group.py b/scripts/vm/network/security_group.py
index 50a1641..1bcbc3e 100755
--- a/scripts/vm/network/security_group.py
+++ b/scripts/vm/network/security_group.py
@@ -344,7 +344,7 @@ def post_default_network_rules(vm_name, vm_id, vm_ip, vm_mac, vif, brname,
dhcpS
 def delete_rules_for_vm_in_bridge_firewall_chain(vmName):
     vm_name = vmName
     if vm_name.startswith('i-') or vm_name.startswith('r-'):
-        vm_name =  '-'.join(vm_name.split('-')[:-1])
+	vm_name = '-'.join(vm_name.split('-')[:-1]) + "-def"
     
     vmchain = vm_name
     


Mime
View raw message