cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sw...@apache.org
Subject [4/4] git commit: updated refs/heads/4.7 to 3952e3e
Date Tue, 28 Jun 2016 15:18:12 GMT
Merge pull request #1581 from pdube/network-acl-rules-order

CLOUDSTACK-9404 Fixed ordering of network ACL rules being sent to the VR. The comparator was
inverted.

Issue: https://issues.apache.org/jira/browse/CLOUDSTACK-9404

In this example, I created rules with the port numbers the same as the rule numbers.

Chain ACL_INBOUND_eth2 (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             225.0.0.50
ACCEPT     all  --  anywhere             vrrp.mcast.net
DROP       tcp  --  anywhere             anywhere             tcp dpt:netstat
DROP       tcp  --  anywhere             anywhere             tcp dpt:10
DROP       tcp  --  anywhere             anywhere             tcp dpt:5
DROP       tcp  --  anywhere             anywhere             tcp dpt:3
DROP       tcp  --  anywhere             anywhere             tcp dpt:2
DROP       all  --  anywhere             anywhere

We can see above that the rules are inverted.

After the fix:

Chain ACL_INBOUND_eth2 (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             225.0.0.50
ACCEPT     all  --  anywhere             vrrp.mcast.net
DROP       tcp  --  anywhere             anywhere             tcp dpt:2
DROP       tcp  --  anywhere             anywhere             tcp dpt:3
DROP       tcp  --  anywhere             anywhere             tcp dpt:5
DROP       tcp  --  anywhere             anywhere             tcp dpt:10
DROP       tcp  --  anywhere             anywhere             tcp dpt:netstat
DROP       all  --  anywhere             anywhere

* pr/1581:
  Added ASF license to unit test file
  Added unit test to verify ordering
  Fixed ordering of network ACL rules being sent to the VR. The comparator was inverted

Signed-off-by: Will Stevens <williamstevens@gmail.com>


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/3952e3e8
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/3952e3e8
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/3952e3e8

Branch: refs/heads/4.7
Commit: 3952e3e83e29fb79fbc409b29255813bd77ee1ac
Parents: 9275ba2 9cdd23f
Author: Will Stevens <williamstevens@gmail.com>
Authored: Tue Jun 28 11:17:45 2016 -0400
Committer: Will Stevens <williamstevens@gmail.com>
Committed: Tue Jun 28 11:17:45 2016 -0400

----------------------------------------------------------------------
 .../agent/api/routing/SetNetworkACLCommand.java | 17 ++++---
 .../api/routing/SetNetworkACLCommandTest.java   | 53 ++++++++++++++++++++
 2 files changed, 64 insertions(+), 6 deletions(-)
----------------------------------------------------------------------



Mime
View raw message