Mailing-List: contact issues-help@cloudstack.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@cloudstack.apache.org
Date: Wed, 15 May 2013 12:37:16 +0000 (UTC)
From: "ASF subversion and git services (JIRA)" <jira@apache.org>
To: cloudstack-issues@incubator.apache.org
Message-ID: <JIRA.12647631.1368570842895.323363.1368621436963@arcas>
In-Reply-To: <JIRA.12647631.1368570842895@arcas>
References: <JIRA.12647631.1368570842895@arcas>
Subject: [jira] [Commented] (CLOUDSTACK-2491) NTier: Creation of ACL Rule
 for protocol AH (51) and ESP (50) Fails
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable


    [ https://issues.apache.org/jira/browse/CLOUDSTACK-2491?page=3Dcom.atla=
ssian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=
=3D13658305#comment-13658305 ]=20

ASF subversion and git services commented on CLOUDSTACK-2491:
-------------------------------------------------------------

Commit 6d6887533ff6270335b2b64bd5b9fc453c41182f in branch refs/heads/master=
 from [~pranav.saxena@citrix.com]
[ https://git-wip-us.apache.org/repos/asf?p=3Dcloudstack.git;h=3D6d68875 ]

CLOUDSTACK-2491:NTier: Creation of ACL Rule for protocol AH (51) and ESP (5=
0) Fails

               =20
> NTier: Creation of ACL Rule for protocol AH (51) and ESP (50) Fails
> -------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-2491
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-249=
1
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the defa=
ult.)=20
>          Components: UI
>    Affects Versions: 4.2.0
>            Reporter: Chandan Purushothama
>            Assignee: Pranav Saxena
>             Fix For: 4.2.0
>
>
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> Steps to Reproduce:
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=20
> 1. Create a VPC.
> 2. Create a Network Tier
> 3. Create an ACL rule on the Network Tier with protocol AH(51)
> 4  Create an ACL rule on the Network Tier with protocol ESP (50)
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> Observations:
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> **Creation of ACL Rules with Protocol 51**=20
> 2013-05-14 15:02:45,842 DEBUG [cloud.api.ApiServlet] (catalina-exec-3:nul=
l) =3D=3D=3DSTART=3D=3D=3D  10.216.133.86 -- GET  command=3DcreateNetworkAC=
L&response=3Djson&sessionkey=3D1ew3VD0LppS%2BSreQld9FNtVnLwo%3D&cidrlist=3D=
10.223.195.44%2F32&protocol=3D51&startport=3D81&endport=3D82&networkid=3Dbc=
c163c5-c23f-4b47-a0c8-562b8460b3fe&traffictype=3DIngress&_=3D1368569008881
> 2013-05-14 15:02:45,849 DEBUG [cloud.user.AccountManagerImpl] (catalina-e=
xec-3:null) Access to Acct[3-atoms] granted to Acct[3-atoms] by DomainCheck=
er_EnhancerByCloudStack_32dba8cb
> 2013-05-14 15:02:45,853 DEBUG [cloud.user.AccountManagerImpl] (catalina-e=
xec-3:null) Access to [VPC [1-Atoms-VPC-1] granted to Acct[3-atoms] by Doma=
inChecker_EnhancerByCloudStack_32dba8cb
> 2013-05-14 15:02:45,879 DEBUG [cloud.async.AsyncJobManagerImpl] (catalina=
-exec-3:null) submit async job-22, details: AsyncJobVO {id:22, userId: 3, a=
ccountId: 3, sessionKey: null, instanceType: None, instanceId: 11, cmd: org=
.apache.cloudstack.api.command.user.network.CreateNetworkACLCmd, cmdOrigina=
tor: null, cmdInfo: {"sessionkey":"1ew3VD0LppS+SreQld9FNtVnLwo\u003d","prot=
ocol":"51","ctxUserId":"3","traffictype":"Ingress","httpmethod":"GET","star=
tport":"81","endport":"82","response":"json","id":"11","cidrlist":"10.223.1=
95.44/32","_":"1368569008881","ctxAccountId":"3","networkid":"bcc163c5-c23f=
-4b47-a0c8-562b8460b3fe","ctxStartEventId":"78"}, cmdVersion: 0, callbackTy=
pe: 0, callbackAddress: null, status: 0, processStatus: 0, resultCode: 0, r=
esult: null, initMsid: 7508777239729, completeMsid: null, lastUpdated: null=
, lastPolled: null, created: null}
> 2013-05-14 15:02:45,881 DEBUG [cloud.api.ApiServlet] (catalina-exec-3:nul=
l) =3D=3D=3DEND=3D=3D=3D  10.216.133.86 -- GET  command=3DcreateNetworkACL&=
response=3Djson&sessionkey=3D1ew3VD0LppS%2BSreQld9FNtVnLwo%3D&cidrlist=3D10=
.223.195.44%2F32&protocol=3D51&startport=3D81&endport=3D82&networkid=3Dbcc1=
63c5-c23f-4b47-a0c8-562b8460b3fe&traffictype=3DIngress&_=3D1368569008881
> 2013-05-14 15:02:45,882 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Exec=
utor-9:job-22) Executing org.apache.cloudstack.api.command.user.network.Cre=
ateNetworkACLCmd for job-22
> 2013-05-14 15:02:45,887 DEBUG [cloud.user.AccountManagerImpl] (Job-Execut=
or-9:job-22) Access to Acct[3-atoms] granted to Acct[3-atoms] by DomainChec=
ker_EnhancerByCloudStack_32dba8cb
> 2013-05-14 15:02:45,897 DEBUG [network.router.VirtualNetworkApplianceMana=
gerImpl] (Job-Executor-9:job-22) Applying network acls in network Ntwk[206|=
Guest|11]
> 2013-05-14 15:02:45,907 DEBUG [cloud.network.NetworkModelImpl] (Job-Execu=
tor-9:job-22) Service SecurityGroup is not supported in the network id=3D20=
6
> 2013-05-14 15:02:45,918 DEBUG [agent.transport.Request] (Job-Executor-9:j=
ob-22) Seq 1-1228472477: Sending  { Cmd , MgmtId: 7508777239729, via: 1, Ve=
r: v1, Flags: 100001, [{"routing.SetNetworkACLCommand":{"rules":[{"id":0,"v=
lanTag":"2072","protocol":"all","revoked":false,"alreadyAdded":true,"cidrLi=
st":["0.0.0.0/0"],"trafficType":"Ingress","action":"DROP","number":1},{"id"=
:0,"vlanTag":"2072","protocol":"all","revoked":false,"alreadyAdded":true,"c=
idrList":["0.0.0.0/0"],"trafficType":"Egress","action":"DROP","number":2},{=
"id":0,"vlanTag":"2072","protocol":"tcp","portRange":[22,23],"revoked":fals=
e,"alreadyAdded":true,"cidrList":["10.223.195.44/32"],"trafficType":"Ingres=
s","action":"ACCEPT","number":3},{"id":0,"vlanTag":"2072","protocol":"6","p=
ortRange":[80,81],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.1=
31.170/32"],"trafficType":"Ingress","action":"ACCEPT","number":4},{"id":0,"=
vlanTag":"2072","protocol":"6","portRange":[56,67],"revoked":false,"already=
Added":true,"cidrList":["10.223.131.170/32"],"trafficType":"Ingress","actio=
n":"ACCEPT","number":5},{"id":0,"vlanTag":"2072","protocol":"6","portRange"=
:[44,45],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.195.44/32"=
],"trafficType":"Ingress","action":"ACCEPT","number":6},{"id":0,"vlanTag":"=
2072","protocol":"udp","portRange":[23,24],"revoked":false,"alreadyAdded":t=
rue,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEP=
T","number":7},{"id":0,"vlanTag":"2072","protocol":"17","portRange":[79,80]=
,"revoked":false,"alreadyAdded":true,"cidrList":["10.223.195.44/32"],"traff=
icType":"Ingress","action":"ACCEPT","number":8},{"id":0,"vlanTag":"2072","p=
rotocol":"51","portRange":[81,82],"revoked":false,"alreadyAdded":false,"cid=
rList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","numb=
er":9}],"nic":{"deviceId":2,"networkRateMbps":200,"defaultNic":false,"uuid"=
:"1a0c7f7d-d2f2-4be7-b148-4582f741633a","ip":"192.168.10.1","netmask":"255.=
255.255.0","gateway":"192.168.10.1","mac":"02:00:25:a3:00:02","broadcastTyp=
e":"Vlan","type":"Guest","broadcastUri":"vlan://2072","isolationUri":"vlan:=
//2072","isSecurityGroupEnabled":false},"accessDetails":{"router.guest.ip":=
"192.168.10.1","guest.vlan.tag":"2072","zone.network.type":"Advanced","rout=
er.ip":"169.254.1.178","router.name":"r-3-NTIER"},"wait":0}}] }
> 2013-05-14 15:02:45,921 DEBUG [agent.transport.Request] (Job-Executor-9:j=
ob-22) Seq 1-1228472477: Executing:  { Cmd , MgmtId: 7508777239729, via: 1,=
 Ver: v1, Flags: 100001, [{"routing.SetNetworkACLCommand":{"rules":[{"id":0=
,"vlanTag":"2072","protocol":"all","revoked":false,"alreadyAdded":true,"cid=
rList":["0.0.0.0/0"],"trafficType":"Ingress","action":"DROP","number":1},{"=
id":0,"vlanTag":"2072","protocol":"all","revoked":false,"alreadyAdded":true=
,"cidrList":["0.0.0.0/0"],"trafficType":"Egress","action":"DROP","number":2=
},{"id":0,"vlanTag":"2072","protocol":"tcp","portRange":[22,23],"revoked":f=
alse,"alreadyAdded":true,"cidrList":["10.223.195.44/32"],"trafficType":"Ing=
ress","action":"ACCEPT","number":3},{"id":0,"vlanTag":"2072","protocol":"6"=
,"portRange":[80,81],"revoked":false,"alreadyAdded":true,"cidrList":["10.22=
3.131.170/32"],"trafficType":"Ingress","action":"ACCEPT","number":4},{"id":=
0,"vlanTag":"2072","protocol":"6","portRange":[56,67],"revoked":false,"alre=
adyAdded":true,"cidrList":["10.223.131.170/32"],"trafficType":"Ingress","ac=
tion":"ACCEPT","number":5},{"id":0,"vlanTag":"2072","protocol":"6","portRan=
ge":[44,45],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.195.44/=
32"],"trafficType":"Ingress","action":"ACCEPT","number":6},{"id":0,"vlanTag=
":"2072","protocol":"udp","portRange":[23,24],"revoked":false,"alreadyAdded=
":true,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"AC=
CEPT","number":7},{"id":0,"vlanTag":"2072","protocol":"17","portRange":[79,=
80],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.195.44/32"],"tr=
afficType":"Ingress","action":"ACCEPT","number":8},{"id":0,"vlanTag":"2072"=
,"protocol":"51","portRange":[81,82],"revoked":false,"alreadyAdded":false,"=
cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","n=
umber":9}],"nic":{"deviceId":2,"networkRateMbps":200,"defaultNic":false,"uu=
id":"1a0c7f7d-d2f2-4be7-b148-4582f741633a","ip":"192.168.10.1","netmask":"2=
55.255.255.0","gateway":"192.168.10.1","mac":"02:00:25:a3:00:02","broadcast=
Type":"Vlan","type":"Guest","broadcastUri":"vlan://2072","isolationUri":"vl=
an://2072","isSecurityGroupEnabled":false},"accessDetails":{"router.guest.i=
p":"192.168.10.1","guest.vlan.tag":"2072","zone.network.type":"Advanced","r=
outer.ip":"169.254.1.178","router.name":"r-3-NTIER"},"wait":0}}] }
> 2013-05-14 15:02:45,921 DEBUG [agent.manager.DirectAgentAttache] (DirectA=
gent-117:null) Seq 1-1228472477: Executing request
> 2013-05-14 15:02:46,005 DEBUG [agent.manager.DirectAgentAttache] (DirectA=
gent-355:null) Seq 1-1228472325: Response Received:
> 2013-05-14 15:02:46,005 DEBUG [agent.transport.Request] (DirectAgent-355:=
null) Seq 1-1228472325: Processing:  { Ans: , MgmtId: 7508777239729, via: 1=
, Ver: v1, Flags: 10, [{"ClusterSyncAnswer":{"_clusterId":1,"_newStates":{}=
,"_isExecuted":false,"result":true,"wait":0}}] }
> 2013-05-14 15:02:46,641 DEBUG [agent.manager.DirectAgentAttache] (DirectA=
gent-117:null) Seq 1-1228472477: Response Received:
> 2013-05-14 15:02:46,642 DEBUG [agent.transport.Request] (DirectAgent-117:=
null) Seq 1-1228472477: Processing:  { Ans: , MgmtId: 7508777239729, via: 1=
, Ver: v1, Flags: 0, [{"routing.SetNetworkACLAnswer":{"results":["Failed","=
Failed","Failed","Failed","Failed","Failed","Failed","Failed","Failed"],"re=
sult":false,"wait":0}}] }
> 2013-05-14 15:02:46,642 DEBUG [agent.transport.Request] (Job-Executor-9:j=
ob-22) Seq 1-1228472477: Received:  { Ans: , MgmtId: 7508777239729, via: 1,=
 Ver: v1, Flags: 0, { SetNetworkACLAnswer } }
> 2013-05-14 15:02:46,643 ERROR [cloud.async.AsyncJobManagerImpl] (Job-Exec=
utor-9:job-22) Unexpected exception while executing org.apache.cloudstack.a=
pi.command.user.network.CreateNetworkACLCmd
> com.cloud.exception.InvalidParameterValueException: ACL Items in default =
ACL cannot be deleted
>         at com.cloud.network.vpc.NetworkACLServiceImpl.revokeNetworkACLIt=
em(NetworkACLServiceImpl.java:449)
>         at org.apache.cloudstack.api.command.user.network.CreateNetworkAC=
LCmd.execute(CreateNetworkACLCmd.java:227)
>         at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:155)
>         at com.cloud.async.AsyncJobManagerImpl$1.run(AsyncJobManagerImpl.=
java:437)
>         at java.util.concurrent.Executors$RunnableAdapter.call(Executors.=
java:471)
>         at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:=
334)
>         at java.util.concurrent.FutureTask.run(FutureTask.java:166)
>         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolEx=
ecutor.java:1110)
>         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolE=
xecutor.java:603)
>         at java.lang.Thread.run(Thread.java:679)
> 2013-05-14 15:02:46,644 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Exec=
utor-9:job-22) Complete async job-22, jobStatus: 2, resultCode: 530, result=
: Error Code: 530 Error text: ACL Items in default ACL cannot be deleted
> **Creation of ACL Rules with Protocol 50**=20
> 2013-05-14 15:08:53,485 DEBUG [cloud.api.ApiServlet] (catalina-exec-20:nu=
ll) =3D=3D=3DSTART=3D=3D=3D  10.216.133.86 -- GET  command=3DcreateNetworkA=
CL&response=3Djson&sessionkey=3D1ew3VD0LppS%2BSreQld9FNtVnLwo%3D&cidrlist=
=3D10.223.195.44%2F32&protocol=3D50&startport=3D82&endport=3D83&networkid=
=3Dbcc163c5-c23f-4b47-a0c8-562b8460b3fe&traffictype=3DIngress&_=3D136856937=
6535
> 2013-05-14 15:08:53,492 DEBUG [cloud.user.AccountManagerImpl] (catalina-e=
xec-20:null) Access to Acct[3-atoms] granted to Acct[3-atoms] by DomainChec=
ker_EnhancerByCloudStack_32dba8cb
> 2013-05-14 15:08:53,496 DEBUG [cloud.user.AccountManagerImpl] (catalina-e=
xec-20:null) Access to [VPC [1-Atoms-VPC-1] granted to Acct[3-atoms] by Dom=
ainChecker_EnhancerByCloudStack_32dba8cb
> 2013-05-14 15:08:53,519 DEBUG [cloud.async.AsyncJobManagerImpl] (catalina=
-exec-20:null) submit async job-23, details: AsyncJobVO {id:23, userId: 3, =
accountId: 3, sessionKey: null, instanceType: None, instanceId: 12, cmd: or=
g.apache.cloudstack.api.command.user.network.CreateNetworkACLCmd, cmdOrigin=
ator: null, cmdInfo: {"sessionkey":"1ew3VD0LppS+SreQld9FNtVnLwo\u003d","pro=
tocol":"50","ctxUserId":"3","traffictype":"Ingress","httpmethod":"GET","sta=
rtport":"82","endport":"83","response":"json","id":"12","cidrlist":"10.223.=
195.44/32","_":"1368569376535","ctxAccountId":"3","networkid":"bcc163c5-c23=
f-4b47-a0c8-562b8460b3fe","ctxStartEventId":"80"}, cmdVersion: 0, callbackT=
ype: 0, callbackAddress: null, status: 0, processStatus: 0, resultCode: 0, =
result: null, initMsid: 7508777239729, completeMsid: null, lastUpdated: nul=
l, lastPolled: null, created: null}
> 2013-05-14 15:08:53,520 DEBUG [cloud.api.ApiServlet] (catalina-exec-20:nu=
ll) =3D=3D=3DEND=3D=3D=3D  10.216.133.86 -- GET  command=3DcreateNetworkACL=
&response=3Djson&sessionkey=3D1ew3VD0LppS%2BSreQld9FNtVnLwo%3D&cidrlist=3D1=
0.223.195.44%2F32&protocol=3D50&startport=3D82&endport=3D83&networkid=3Dbcc=
163c5-c23f-4b47-a0c8-562b8460b3fe&traffictype=3DIngress&_=3D1368569376535
> 2013-05-14 15:08:53,522 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Exec=
utor-10:job-23) Executing org.apache.cloudstack.api.command.user.network.Cr=
eateNetworkACLCmd for job-23
> 2013-05-14 15:08:53,527 DEBUG [cloud.user.AccountManagerImpl] (Job-Execut=
or-10:job-23) Access to Acct[3-atoms] granted to Acct[3-atoms] by DomainChe=
cker_EnhancerByCloudStack_32dba8cb
> 2013-05-14 15:08:53,538 DEBUG [network.router.VirtualNetworkApplianceMana=
gerImpl] (Job-Executor-10:job-23) Applying network acls in network Ntwk[206=
|Guest|11]
> 2013-05-14 15:08:53,547 DEBUG [cloud.network.NetworkModelImpl] (Job-Execu=
tor-10:job-23) Service SecurityGroup is not supported in the network id=3D2=
06
> 2013-05-14 15:08:53,559 DEBUG [agent.transport.Request] (Job-Executor-10:=
job-23) Seq 1-1228472494: Sending  { Cmd , MgmtId: 7508777239729, via: 1, V=
er: v1, Flags: 100001, [{"routing.SetNetworkACLCommand":{"rules":[{"id":0,"=
vlanTag":"2072","protocol":"all","revoked":false,"alreadyAdded":true,"cidrL=
ist":["0.0.0.0/0"],"trafficType":"Ingress","action":"DROP","number":1},{"id=
":0,"vlanTag":"2072","protocol":"all","revoked":false,"alreadyAdded":true,"=
cidrList":["0.0.0.0/0"],"trafficType":"Egress","action":"DROP","number":2},=
{"id":0,"vlanTag":"2072","protocol":"tcp","portRange":[22,23],"revoked":fal=
se,"alreadyAdded":true,"cidrList":["10.223.195.44/32"],"trafficType":"Ingre=
ss","action":"ACCEPT","number":3},{"id":0,"vlanTag":"2072","protocol":"6","=
portRange":[80,81],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.=
131.170/32"],"trafficType":"Ingress","action":"ACCEPT","number":4},{"id":0,=
"vlanTag":"2072","protocol":"6","portRange":[56,67],"revoked":false,"alread=
yAdded":true,"cidrList":["10.223.131.170/32"],"trafficType":"Ingress","acti=
on":"ACCEPT","number":5},{"id":0,"vlanTag":"2072","protocol":"6","portRange=
":[44,45],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.195.44/32=
"],"trafficType":"Ingress","action":"ACCEPT","number":6},{"id":0,"vlanTag":=
"2072","protocol":"udp","portRange":[23,24],"revoked":false,"alreadyAdded":=
true,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCE=
PT","number":7},{"id":0,"vlanTag":"2072","protocol":"17","portRange":[79,80=
],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.195.44/32"],"traf=
ficType":"Ingress","action":"ACCEPT","number":8},{"id":0,"vlanTag":"2072","=
protocol":"51","portRange":[81,82],"revoked":false,"alreadyAdded":false,"ci=
drList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","num=
ber":9},{"id":0,"vlanTag":"2072","protocol":"50","portRange":[82,83],"revok=
ed":false,"alreadyAdded":false,"cidrList":["10.223.195.44/32"],"trafficType=
":"Ingress","action":"ACCEPT","number":10}],"nic":{"deviceId":2,"networkRat=
eMbps":200,"defaultNic":false,"uuid":"1a0c7f7d-d2f2-4be7-b148-4582f741633a"=
,"ip":"192.168.10.1","netmask":"255.255.255.0","gateway":"192.168.10.1","ma=
c":"02:00:25:a3:00:02","broadcastType":"Vlan","type":"Guest","broadcastUri"=
:"vlan://2072","isolationUri":"vlan://2072","isSecurityGroupEnabled":false}=
,"accessDetails":{"router.guest.ip":"192.168.10.1","guest.vlan.tag":"2072",=
"zone.network.type":"Advanced","router.ip":"169.254.1.178","router.name":"r=
-3-NTIER"},"wait":0}}] }
> 2013-05-14 15:08:53,561 DEBUG [agent.transport.Request] (Job-Executor-10:=
job-23) Seq 1-1228472494: Executing:  { Cmd , MgmtId: 7508777239729, via: 1=
, Ver: v1, Flags: 100001, [{"routing.SetNetworkACLCommand":{"rules":[{"id":=
0,"vlanTag":"2072","protocol":"all","revoked":false,"alreadyAdded":true,"ci=
drList":["0.0.0.0/0"],"trafficType":"Ingress","action":"DROP","number":1},{=
"id":0,"vlanTag":"2072","protocol":"all","revoked":false,"alreadyAdded":tru=
e,"cidrList":["0.0.0.0/0"],"trafficType":"Egress","action":"DROP","number":=
2},{"id":0,"vlanTag":"2072","protocol":"tcp","portRange":[22,23],"revoked":=
false,"alreadyAdded":true,"cidrList":["10.223.195.44/32"],"trafficType":"In=
gress","action":"ACCEPT","number":3},{"id":0,"vlanTag":"2072","protocol":"6=
","portRange":[80,81],"revoked":false,"alreadyAdded":true,"cidrList":["10.2=
23.131.170/32"],"trafficType":"Ingress","action":"ACCEPT","number":4},{"id"=
:0,"vlanTag":"2072","protocol":"6","portRange":[56,67],"revoked":false,"alr=
eadyAdded":true,"cidrList":["10.223.131.170/32"],"trafficType":"Ingress","a=
ction":"ACCEPT","number":5},{"id":0,"vlanTag":"2072","protocol":"6","portRa=
nge":[44,45],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.195.44=
/32"],"trafficType":"Ingress","action":"ACCEPT","number":6},{"id":0,"vlanTa=
g":"2072","protocol":"udp","portRange":[23,24],"revoked":false,"alreadyAdde=
d":true,"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"A=
CCEPT","number":7},{"id":0,"vlanTag":"2072","protocol":"17","portRange":[79=
,80],"revoked":false,"alreadyAdded":true,"cidrList":["10.223.195.44/32"],"t=
rafficType":"Ingress","action":"ACCEPT","number":8},{"id":0,"vlanTag":"2072=
","protocol":"51","portRange":[81,82],"revoked":false,"alreadyAdded":false,=
"cidrList":["10.223.195.44/32"],"trafficType":"Ingress","action":"ACCEPT","=
number":9},{"id":0,"vlanTag":"2072","protocol":"50","portRange":[82,83],"re=
voked":false,"alreadyAdded":false,"cidrList":["10.223.195.44/32"],"trafficT=
ype":"Ingress","action":"ACCEPT","number":10}],"nic":{"deviceId":2,"network=
RateMbps":200,"defaultNic":false,"uuid":"1a0c7f7d-d2f2-4be7-b148-4582f74163=
3a","ip":"192.168.10.1","netmask":"255.255.255.0","gateway":"192.168.10.1",=
"mac":"02:00:25:a3:00:02","broadcastType":"Vlan","type":"Guest","broadcastU=
ri":"vlan://2072","isolationUri":"vlan://2072","isSecurityGroupEnabled":fal=
se},"accessDetails":{"router.guest.ip":"192.168.10.1","guest.vlan.tag":"207=
2","zone.network.type":"Advanced","router.ip":"169.254.1.178","router.name"=
:"r-3-NTIER"},"wait":0}}] }
> 2013-05-14 15:08:53,562 DEBUG [agent.manager.DirectAgentAttache] (DirectA=
gent-32:null) Seq 1-1228472494: Executing request
> 2013-05-14 15:08:55,909 DEBUG [storage.secondary.SecondaryStorageManagerI=
mpl] (secstorage-1:null) Zone 1 is ready to launch secondary storage VM
> 2013-05-14 15:08:56,179 DEBUG [cloud.consoleproxy.ConsoleProxyManagerImpl=
] (consoleproxy-1:null) Zone 1 is ready to launch console proxy
> 2013-05-14 15:08:56,621 DEBUG [cloud.api.ApiServlet] (catalina-exec-19:nu=
ll) =3D=3D=3DSTART=3D=3D=3D  10.216.133.86 -- GET  command=3DqueryAsyncJobR=
esult&jobId=3Df257cf39-9efb-49ec-977d-a6b60ef1a5f3&response=3Djson&sessionk=
ey=3D1ew3VD0LppS%2BSreQld9FNtVnLwo%3D&_=3D1368569379648
> 2013-05-14 15:08:56,637 DEBUG [cloud.api.ApiServlet] (catalina-exec-19:nu=
ll) =3D=3D=3DEND=3D=3D=3D  10.216.133.86 -- GET  command=3DqueryAsyncJobRes=
ult&jobId=3Df257cf39-9efb-49ec-977d-a6b60ef1a5f3&response=3Djson&sessionkey=
=3D1ew3VD0LppS%2BSreQld9FNtVnLwo%3D&_=3D1368569379648
> 2013-05-14 15:08:56,936 DEBUG [agent.manager.DirectAgentAttache] (DirectA=
gent-32:null) Seq 1-1228472494: Response Received:
> 2013-05-14 15:08:56,936 DEBUG [agent.transport.Request] (DirectAgent-32:n=
ull) Seq 1-1228472494: Processing:  { Ans: , MgmtId: 7508777239729, via: 1,=
 Ver: v1, Flags: 0, [{"routing.SetNetworkACLAnswer":{"results":["Failed","F=
ailed","Failed","Failed","Failed","Failed","Failed","Failed","Failed","Fail=
ed"],"result":false,"wait":0}}] }
> 2013-05-14 15:08:56,936 DEBUG [agent.transport.Request] (Job-Executor-10:=
job-23) Seq 1-1228472494: Received:  { Ans: , MgmtId: 7508777239729, via: 1=
, Ver: v1, Flags: 0, { SetNetworkACLAnswer } }
> 2013-05-14 15:08:56,938 ERROR [cloud.async.AsyncJobManagerImpl] (Job-Exec=
utor-10:job-23) Unexpected exception while executing org.apache.cloudstack.=
api.command.user.network.CreateNetworkACLCmd
> com.cloud.exception.InvalidParameterValueException: ACL Items in default =
ACL cannot be deleted
>         at com.cloud.network.vpc.NetworkACLServiceImpl.revokeNetworkACLIt=
em(NetworkACLServiceImpl.java:449)
>         at org.apache.cloudstack.api.command.user.network.CreateNetworkAC=
LCmd.execute(CreateNetworkACLCmd.java:227)
>         at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:155)
>         at com.cloud.async.AsyncJobManagerImpl$1.run(AsyncJobManagerImpl.=
java:437)
>         at java.util.concurrent.Executors$RunnableAdapter.call(Executors.=
java:471)
>         at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:=
334)
>         at java.util.concurrent.FutureTask.run(FutureTask.java:166)
>         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolEx=
ecutor.java:1110)
>         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolE=
xecutor.java:603)
>         at java.lang.Thread.run(Thread.java:679)
> 2013-05-14 15:08:56,938 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Exec=
utor-10:job-23) Complete async job-23, jobStatus: 2, resultCode: 530, resul=
t: Error Code: 530 Error text: ACL Items in default ACL cannot be deleted
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> On The VPC VR:
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> May 14 14:04:37 r-3-NTIER cloud: vpc_acl.sh: enter apply acl rules for gu=
est network: 192.168.10.1/24, inbound::51:81:82:10.223.195.44/32
> May 14 14:04:37 r-3-NTIER cloud: Error adding iptables entry for guest ne=
twork : 192.168.10.1/24,inbound::51:81:82:10.223.195.44/32
> May 14 14:04:37 r-3-NTIER cloud: vpc_acl.sh: exit apply acl rules for gue=
st network : 192.168.10.1/24
> May 14 14:04:37 r-3-NTIER cloud: vpc_acl.sh: failure to apply fw rules fo=
r guest network: 192.168.10.1/24
> May 14 14:04:37 r-3-NTIER cloud: vpc_acl.sh: restoring from backup for gu=
est network: 192.168.10.1/24
> May 14 14:10:47 r-3-NTIER cloud: vpc_acl.sh: enter apply acl rules for gu=
est network: 192.168.10.1/24, inbound::6:80:81:10.223.131.170/32
> May 14 14:10:47 r-3-NTIER cloud: vpc_acl.sh: exit apply acl rules for gue=
st network : 192.168.10.1/24
> May 14 14:10:47 r-3-NTIER cloud: vpc_acl.sh: successful in applying fw ru=
les for guest network: 192.168.10.1/24
> May 14 14:10:47 r-3-NTIER cloud: vpc_acl.sh: enter apply acl rules for gu=
est network: 192.168.10.1/24, inbound::50:82:83:10.223.195.44/32
> May 14 14:10:47 r-3-NTIER cloud: Error adding iptables entry for guest ne=
twork : 192.168.10.1/24,inbound::50:82:83:10.223.195.44/32
> May 14 14:10:47 r-3-NTIER cloud: vpc_acl.sh: exit apply acl rules for gue=
st network : 192.168.10.1/24
> May 14 14:10:47 r-3-NTIER cloud: vpc_acl.sh: failure to apply fw rules fo=
r guest network: 192.168.10.1/24
> May 14 14:10:47 r-3-NTIER cloud: vpc_acl.sh: restoring from backup for gu=
est network: 192.168.10.1/24

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrato=
rs
For more information on JIRA, see: http://www.atlassian.com/software/jira