cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jayapal Reddy" <>
Subject Review Request: Egress firewall rules default policy configuration using network offering
Date Thu, 20 Jun 2013 05:05:31 GMT

This is an automatically generated e-mail. To reply, visit:

Review request for cloudstack, Anthony Urso, Abhinandan Prateek, Murali Reddy, and Alena Prokharchyk.


Egress rules default policy configuration using the network offering.
This patch is for xenserver with VR as firewall provider.

Here is the FS:

The work flow:
1. For default network offerings the egress default policy is block
2. While creating network offering, by default egress default policy is allow and it can be
configured to deny.
3. When egress default policy is allow, rules are added to block the traffic and if default
policy is deny rules added to allow the traffic

This addresses bug CLOUDSTACK-1578.


  api/src/com/cloud/agent/api/to/ f296aa4 
  api/src/com/cloud/offering/ 72e2a2b 
  api/src/org/apache/cloudstack/api/ ab1402c 
  api/src/org/apache/cloudstack/api/command/admin/network/ 6410715

  api/src/org/apache/cloudstack/api/response/ 7a7e371 
  core/src/com/cloud/agent/api/routing/ ddb7ac8 
  engine/schema/src/com/cloud/network/rules/ 9f73029 
  engine/schema/src/com/cloud/offerings/ 3ae0bf3 
  patches/systemvm/debian/config/root/ 0da7718 
  plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/ 5e8283a

  server/src/com/cloud/api/ 94c5d6c 
  server/src/com/cloud/configuration/ 8db037b 
  server/src/com/cloud/configuration/ 131d340 
  server/src/com/cloud/network/ d6a6450 
  server/src/com/cloud/network/firewall/ f7275b0 
  server/src/com/cloud/network/router/ 8da5176 
  server/src/com/cloud/network/rules/ 2bce8fe 
  server/src/com/cloud/server/ d334d7e 
  server/test/com/cloud/network/ 95bb1d1 
  server/test/com/cloud/vpc/ 21b3590 
  server/test/org/apache/cloudstack/networkoffering/ 4a2c867

  setup/db/db/schema-410to420.sql bcfbcc9 



1. Tested on xenserver with VR as firewall


Jayapal Reddy

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message