Return-Path: 
 <issues-return-10430-apmail-cloudstack-issues-archive=cloudstack.apache.org@cloudstack.apache.org>
X-Original-To: apmail-cloudstack-issues-archive@www.apache.org
Delivered-To: apmail-cloudstack-issues-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 8E14C10BFD
	for <apmail-cloudstack-issues-archive@www.apache.org>;
 Fri, 14 Jun 2013 05:15:25 +0000 (UTC)
Received: (qmail 38716 invoked by uid 500); 14 Jun 2013 05:15:25 -0000
Delivered-To: apmail-cloudstack-issues-archive@cloudstack.apache.org
Received: (qmail 38586 invoked by uid 500); 14 Jun 2013 05:15:23 -0000
Mailing-List: contact issues-help@cloudstack.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:issues-help@cloudstack.apache.org>
List-Unsubscribe: <mailto:issues-unsubscribe@cloudstack.apache.org>
List-Post: <mailto:issues@cloudstack.apache.org>
List-Id: <issues.cloudstack.apache.org>
Reply-To: dev@cloudstack.apache.org
Delivered-To: mailing list issues@cloudstack.apache.org
Received: (qmail 38547 invoked by uid 500); 14 Jun 2013 05:15:22 -0000
Delivered-To: apmail-incubator-cloudstack-issues@incubator.apache.org
Received: (qmail 38508 invoked by uid 99); 14 Jun 2013 05:15:21 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 14 Jun 2013 05:15:21 +0000
Date: Fri, 14 Jun 2013 05:15:20 +0000 (UTC)
From: "ASF subversion and git services (JIRA)" <jira@apache.org>
To: cloudstack-issues@incubator.apache.org
Message-ID: <JIRA.12652178.1370939910590.113852.1371186920006@arcas>
In-Reply-To: <JIRA.12652178.1370939910590@arcas>
References: <JIRA.12652178.1370939910590@arcas>
Subject: =?utf-8?Q?[jira]_[Commented]_(CLOUDSTACK-2?=
 =?utf-8?Q?930)__[VPC][VMware]Exception_whil?=
 =?utf-8?Q?e_applying_the_user_created_ACL_?=
 =?utf-8?Q?with_protocol_as_=E2=80=9CAll=E2=80=9D_to_a_tier.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394


    [ https://issues.apache.org/jira/browse/CLOUDSTACK-2930?page=3Dcom.atla=
ssian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=
=3D13683097#comment-13683097 ]=20

ASF subversion and git services commented on CLOUDSTACK-2930:
-------------------------------------------------------------

Commit 5e56e43e31dae8ec505db9b948dfaa476a96deb8 in branch refs/heads/master=
 from [~mice]
[ https://git-wip-us.apache.org/repos/asf?p=3Dcloudstack.git;h=3D5e56e43 ]

fix CLOUDSTACK-2930, exception while applying ACL rule with protocol as ALL=
.
1) change UI, disable startport and endport when protocol=3DAll
2) validate parameters for API createNetworkACL

               =20
>  [VPC][VMware]Exception while applying the user created ACL with protocol=
 as =E2=80=9CAll=E2=80=9D to a tier.
> -------------------------------------------------------------------------=
--------------------
>
>                 Key: CLOUDSTACK-2930
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-293=
0
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the defa=
ult.)=20
>          Components: Network Controller
>    Affects Versions: 4.2.0
>            Reporter: manasaveloori
>            Assignee: Mice Xia
>            Priority: Critical
>             Fix For: 4.2.0
>
>
> Steps:=09
> 1.=09Have a CS with advanced zone and VMwarehost.
> 2.=09Create a VPC and a tier network
> 3.=09Create a Network ACL list and a ACL rule under it with protocol fiel=
d as =E2=80=9CAll=E2=80=9D
> 4.=09Apply the rule to the tier .
> Observation:
> Observed the following exception:
> 2013-06-11 18:15:48,505 ERROR [utils.ssh.SshHelper] (DirectAgent-137:10.1=
47.40.29) SSH execution of command /opt/cloud/bin/vpc_acl.sh  -d eth2 -i 10=
.0.1.1 -m 24 -a Ingress:all:1:65535:0.0.0.0/0:ACCEPT:,Egress:all:1:65535:0.=
0.0.0/0:ACCEPT:, has an error status code in return. result output: iptable=
s v1.4.14: unknown option "--dport"
> Try `iptables -h' or 'iptables --help' for more information.
> 2013-06-11 18:15:48,508 ERROR [vmware.resource.VmwareResource] (DirectAge=
nt-137:10.147.40.29) SetNetworkACLAnswer on domain router 10.147.40.183 fai=
led. message: iptables v1.4.14: unknown option "--dport"
> Try `iptables -h' or 'iptables --help' for more information.
> 2013-06-11 18:15:48,510 DEBUG [agent.manager.DirectAgentAttache] (DirectA=
gent-137:null) Seq 1-1378812142: Response Received:
> 2013-06-11 18:15:48,510 DEBUG [agent.transport.Request] (DirectAgent-137:=
null) Seq 1-1378812142: Processing:  { Ans: , MgmtId: 6805241462820, via: 1=
, Ver: v1, Flags: 0, [{"routing.SetNetworkACLAnswer":{"results":[null,null]=
,"result":false,"wait":0}}] }
> 2013-06-11 18:15:48,510 DEBUG [agent.transport.Request] (Job-Executor-15:=
job-28) Seq 1-1378812142: Received:  { Ans: , MgmtId: 6805241462820, via: 1=
, Ver: v1, Flags: 0, { SetNetworkACLAnswer } }
> 2013-06-11 18:15:48,511 ERROR [cloud.async.AsyncJobManagerImpl] (Job-Exec=
utor-15:job-28) Unexpected exception while executing org.apache.cloudstack.=
api.command.user.network.ReplaceNetworkACLListCmd
> com.cloud.exception.ResourceUnavailableException: Resource [DataCenter:1]=
 is unreachable: Unable to apply network acls on router
>         at com.cloud.network.router.VirtualNetworkApplianceManagerImpl.ap=
plyRules(VirtualNetworkApplianceManagerImpl.java:3743)
>         at com.cloud.network.router.VpcVirtualNetworkApplianceManagerImpl=
.applyNetworkACLs(VpcVirtualNetworkApplianceManagerImpl.java:717)
>         at com.cloud.network.element.VpcVirtualRouterElement.applyNetwork=
ACLs(VpcVirtualRouterElement.java:416)
>         at com.cloud.network.vpc.NetworkACLManagerImpl.applyACLItemsToNet=
work(NetworkACLManagerImpl.java:409)
>         at com.cloud.network.vpc.NetworkACLManagerImpl.applyACLToNetwork(=
NetworkACLManagerImpl.java:337)
>         at com.cloud.network.vpc.NetworkACLManagerImpl.replaceNetworkACL(=
NetworkACLManagerImpl.java:158)
>         at com.cloud.network.vpc.NetworkACLServiceImpl.replaceNetworkACL(=
NetworkACLServiceImpl.java:233)
>         at org.apache.cloudstack.api.command.user.network.ReplaceNetworkA=
CLListCmd.execute(ReplaceNetworkACLListCmd.java:109)
>         at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:155)
>         at com.cloud.async.AsyncJobManagerImpl$1.run(AsyncJobManagerImpl.=
java:437)
>         at java.util.concurrent.Executors$RunnableAdapter.call(Executors.=
java:471)
>         at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:=
334)
>         at java.util.concurrent.FutureTask.run(FutureTask.java:166)
>         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolEx=
ecutor.java:1110)
>         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolE=
xecutor.java:603)
>         at java.lang.Thread.run(Thread.java:679)
> 2013-06-11 18:15:48,513 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Exec=
utor-15:job-28) Complete async job-28, jobStatus: 2, resultCode: 530, resul=
t: Error Code: 530 Error text: Resource [DataCenter:1] is unreachable: Unab=
le to apply network acls on router
> 2013-06-11 18:15:50,096 DEBUG [cloud.api.ApiServlet] (catalina-exec-5:nul=
l) =3D=3D=3DSTART=3D=3D=3D  10.252.192.69 -- GET  command=3DqueryAsyncJobRe=
sult&jobId=3Dc092d23d-ffca-4fa7-b433-54649bc54c49&response=3Djson&sessionke=
y=3DydkJIe0pKVxfZP3S8wS9PfFTNjY%3D&_=3D1370935298970
> 2013-06-11 18:15:50,117 DEBUG [cloud.async.AsyncJobManagerImpl] (catalina=
-exec-5:null) Async

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrato=
rs
For more information on JIRA, see: http://www.atlassian.com/software/jira