cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jayapal Uradi <jayapal.ur...@accelerite.com>
Subject Re: JuniperSRX firewall configure plugin source bug
Date Wed, 24 Aug 2016 04:52:51 GMT
Hi Gust,

The changes look good  please go head and raise a PR for it.

Thanks,
Jayapal
> On Aug 24, 2016, at 8:14 AM, Gust <digitalgust@163.com> wrote:
> 
> Hi , all
> 
> There is a bug in com.cloud.network.resource.JuniperSrxResource
> 
> It will report syntax error when configure  outgress rule to Juniper srx hardware firewall.
> 
> 
> begin line 2830 :
> 
>                    if (type.equals(SecurityPolicyType.SECURITYPOLICY_EGRESS_DEFAULT))
{
>                        if (defaultEgressAction == false) {
>                            //for default policy is false add default deny rules
>                            action = "<deny></deny>";
>                        } else {
>                            action = "<permit></permit>";
>                        }
> 
>                    } else {
>                        if (defaultEgressAction == true) {
>                            //configure egress rules to deny the traffic when default
egress is allow
>                            action = "<deny></deny>";
>                        } else {
>                            action = "<permit></permit>";
>                        }
> //error here
>                        xml = replaceXmlValue(xml, "action", action);
> 
>                    }
> 
> fix:
> 
>                    if (type.equals(SecurityPolicyType.SECURITYPOLICY_EGRESS_DEFAULT))
{
>                        if (defaultEgressAction == false) {
>                            //for default policy is false add default deny rules
>                            action = "<deny></deny>";
>                        } else {
>                            action = "<permit></permit>";
>                        }
> 
>                    } else {
>                        if (defaultEgressAction == true) {
>                            //configure egress rules to deny the traffic when default
egress is allow
>                            action = "<deny></deny>";
>                        } else {
>                            action = "<permit></permit>";
>                        }
>                    }
> //move replace  out
>                    xml = replaceXmlValue(xml, "action", action);
> 
> 
> 
> gust 
> 
> Being china.
> 2016-08-24
> 
> 
> 
> 




DISCLAIMER
==========
This e-mail may contain privileged and confidential information which is the property of Accelerite,
a Persistent Systems business. It is intended only for the use of the individual or entity
to which it is addressed. If you are not the intended recipient, you are not authorized to
read, retain, copy, print, distribute or use this message. If you have received this communication
in error, please notify the sender and delete all copies of this message. Accelerite, a Persistent
Systems business does not accept any liability for virus infected mails.

Mime
View raw message